diff --git a/ccsrc/Externals/LibItsSecurity_externals.cc b/ccsrc/Externals/LibItsSecurity_externals.cc index f628cd13f071e9b0349ac78b79b3a3bf163f9029..a3810b395dcb7b4868c906c20b350a0a07b22363 100644 --- a/ccsrc/Externals/LibItsSecurity_externals.cc +++ b/ccsrc/Externals/LibItsSecurity_externals.cc @@ -1046,7 +1046,7 @@ namespace LibItsSecurity__Functions p__publicKeyY = k.public_key_y(); p__publicKeyCompressed = k.public_key_compressed(); p__compressedMode = INTEGER((int)k.public_key_compressed_mode()); - + return TRUE; } diff --git a/ccsrc/Protocols/Security/security_ecc.cc b/ccsrc/Protocols/Security/security_ecc.cc index ed1518753e8ea59ae6fa891c8097ac6f13e82a76..333e91763cbf0540bdc5ac5ab30ae403722e3730 100644 --- a/ccsrc/Protocols/Security/security_ecc.cc +++ b/ccsrc/Protocols/Security/security_ecc.cc @@ -680,7 +680,11 @@ int security_ecc::encrypt(const encryption_algotithm p_enc_algorithm, const OCTE } int security_ecc::decrypt(const encryption_algotithm p_enc_algorithm, const OCTETSTRING& p_key, const OCTETSTRING& p_nonce, const OCTETSTRING& p_tag, const OCTETSTRING& p_enc_message, OCTETSTRING& p_message) { - loggers::get_instance().log(">>> security_ecc::decrypt: %d", p_enc_algorithm); + loggers::get_instance().log(">>> security_ecc::decrypt: p_enc_algorithm=%d", p_enc_algorithm); + loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_key=", p_key); + loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_nonce", p_nonce); + loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_tag", p_tag); + loggers::get_instance().log_msg(">>> security_ecc::decrypt: p_enc_message", p_enc_message); _encryption_algotithm = p_enc_algorithm; _sym_key = p_key; diff --git a/data/v3/asn1c_cert.tar.bz2 b/data/v3/asn1c_cert.tar.bz2 new file mode 100644 index 0000000000000000000000000000000000000000..cddef462d9f54d43adafd95af19acb7dd5450790 Binary files /dev/null and b/data/v3/asn1c_cert.tar.bz2 differ diff --git a/etc/AtsPki/AtsPki_Idnomic.cfg_ b/etc/AtsPki/AtsPki_Idnomic.cfg_ index 0c8ecd22088a4a872be897b09bca88643ba791c1..d73bf6d4122187bd0f93557299f84b28b51a615f 100644 --- a/etc/AtsPki/AtsPki_Idnomic.cfg_ +++ b/etc/AtsPki/AtsPki_Idnomic.cfg_ @@ -19,12 +19,14 @@ LibItsPki_Pics.PICS_HEADER_HOST_EC := "ea.utopia.plugtests2019.innovation.ke LibItsPki_Pics.PICS_HEADER_HOST_ATV := "ea.utopia.plugtests2019.innovation.keynectis.net" LibItsPki_Pics.PICS_HEADER_HOST_AT := "aa.utopia.plugtests2019.innovation.keynectis.net" LibItsPki_Pics.PICS_HEADER_HOST_CA := "dc.plugtests2019.innovation.keynectis.net" +LibItsPki_Pics.PICS_HEADER_HOST_TLM := "cpoc.jrc.ec.europa.eu" LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/" LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/" LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/1D3C7B499A054F8C"; LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/1D3C7B499A054F8C"; +LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O @@ -72,11 +74,11 @@ system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) #system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.41,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=aa.utopia.plugtests2019.innovation.keynectis.net)" system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=dc.plugtests2019.innovation.keynectis.net)" - +system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=cpoc.jrc.ec.europa.eu,use_ssl=1)" [EXECUTE] # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV +ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 @@ -184,9 +186,12 @@ system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/ #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL -ItsPki_TestCases.TC_RCA_CTLGEN_01_BV +#ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL when CA certificate is about to be revoked -ItsPki_TestCases.TC_RCA_CRLGEN_02_BV +#ItsPki_TestCases.TC_RCA_CRLGEN_02_BV + +# Check that the TLM generates the ECTL when new RootCA is about to be added +#ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV [MAIN_CONTROLLER] # The options herein control the behavior of MC. diff --git a/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg b/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg index 2281c7385874ba3e88600d5269733d4c63a9557f..23a97d8b594663bfd1a8ee00173ecc970d2a00da 100644 --- a/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg +++ b/etc/AtsRSUsSimulator/AtsRSUSimulator.cfg @@ -71,7 +71,7 @@ LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/ea/authval" LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '1B4CA1210123AE900BBE6C3EBAE7E87DA20DBDAB1E7B2EC0691C51C1021900AA'O +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D303031'O LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA" LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" diff --git a/ttcn/AtsPki/ItsPki_TestCases.ttcn b/ttcn/AtsPki/ItsPki_TestCases.ttcn index 4090324f972d85c743b6672232edbe0a72af19ce..f839f108970212898e179da5566d46b4a8a0b932 100644 --- a/ttcn/AtsPki/ItsPki_TestCases.ttcn +++ b/ttcn/AtsPki/ItsPki_TestCases.ttcn @@ -58,6 +58,7 @@ module ItsPki_TestCases { import from LibItsHttp_BinaryTemplates all; import from LibItsHttp_Functions all; import from LibItsHttp_TestSystem all; + import from LibItsHttp_Pics all; // LibItsPki import from LibItsPki_TypesAndValues all; @@ -8902,7 +8903,7 @@ module ItsPki_TestCases { group ca_behavior { group ctl { - + /** * @desc Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL * 
@@ -8949,7 +8950,7 @@ module ItsPki_TestCases {
         // Test adapter configuration
         
         // Preamble
-        f_init_default_headers_list(-, "ca_request", v_headers);
+        f_init_default_headers_list(PICS_HEADER_CTL_CONTENT_TYPE, "ca_request", v_headers);
         action("The RootCA is triggered to add new EA certificate (CERT_EA) in the CTL");
         f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
         
@@ -9047,7 +9048,7 @@ module ItsPki_TestCases {
         // Test adapter configuration
         
         // Preamble
-        f_init_default_headers_list(-, "ca_request", v_headers);
+        f_init_default_headers_list(PICS_HEADER_CRL_CONTENT_TYPE, "ca_request", v_headers);
         action("the RootCA is triggered to add new CA certificate (CERT_CA) to the revocation list");
         f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
         
@@ -9104,4 +9105,111 @@ module ItsPki_TestCases {
 
   } // End of group ca_behavior
 
+  group tlm_behavior {
+    
+    group ctl {
+
+      /**
+       * @desc Check that the TLM generates the ECTL when new RootCA is about to be added
+       * 
+       * Pics Selection: PICS_IUT_CA_ROLE
+       * Initial conditions: 
+       *     }
+       * Expected behaviour:
+       *     ensure that {
+       *         when {
+       *             the TLM is triggered to add new RootCA certificate (CERT_RCA) in the CTL
+       *         }
+       *         then {
+       *             the IUT issue a new CTL of type CtlFormat
+       *                 containing isFullCtl
+       *                     indicating TRUE
+       *                 and containing ctlCommands
+       *                     containing CtlCommand
+       *                         containing add
+       *                             containing rca
+       *                                 containing selfsignedRootCa
+       *                                     indicating CERT_RCA
+       *         }
+       *     }
+       * 

+       * 
+       * @see       ETSI TS 103 525-2 TP TLM_ECTLGEN_01_BV
+       * @reference ETSI TS 102 941, clause 6.3.1
+       */
+      testcase TC_TLM_ECTLGEN_01_BV() runs on ItsPkiHttp system ItsPkiHttpSystem {
+        // Local variables
+        var HeaderLines v_headers;
+        var HttpMessage v_response;
+        
+        // Test control
+        if (not PICS_IUT_CA_ROLE) {
+          log("*** " & testcasename() & ": PICS_IUT_CA_ROLE required for executing the TC ***");
+          setverdict(inconc);
+          stop;
+        }
+        
+        // Test component configuration
+        f_cfHttpUp_tlm();
+        
+        // Test adapter configuration
+        
+        // Preamble
+        f_init_default_headers_list(PICS_HEADER_CTL_CONTENT_TYPE, "tlm_request", v_headers);
+        action("The TLM is triggered to add new RootCA certificate (CERT_RCA) in the CTL");
+        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+        
+        // Test Body
+        f_http_send(
+                    v_headers,
+                    m_http_request(
+                                   m_http_request_get(
+                                                      PICS_HTTP_GET_URI_ECTL,
+                                                      v_headers
+                                                      )));
+        tc_ac.start;
+        alt {
+          [] httpTlmPort.receive(
+                                 mw_http_response(
+                                                  mw_http_response_ok(
+                                                                      mw_http_message_body_binary(
+                                                                                                  mw_binary_body_ieee1609dot2_data(
+                                                                                                                                   mw_etsiTs103097Data_signed(
+                                                                                                                                                              mw_signedData(
+                                                                                                                                                                            -,
+                                                                                                                                                                            mw_toBeSignedData(                                                                                                                                                            mw_signedDataPayload                                                                                                                                        ),
+                                                                                                                                                                            mw_signerIdentifier_digest
+                                                                                                                                                                            ))))))) -> value v_response {
+            var ToBeSignedRcaCtl v_to_be_signed_tlm_ectl;
+
+            tc_ac.stop;
+
+            if (f_verify_rca_ctl_response_message(v_response.response.body.binary_body.ieee1609dot2_data, true, v_to_be_signed_tlm_ectl) == false) {
+              log("*** " & testcasename() & ": FAIL: Failed to verify RCA message ***");
+              f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+            } else {
+              if (f_verify_full_ectl(v_to_be_signed_tlm_ectl) == true) {
+                log("*** " & testcasename() & ": PASS: ToBeSignedRcaCtl received ***");
+                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+              } else {
+                log("*** " & testcasename() & ": FAIL: Receive unexpected message ***");
+                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+              }
+            }
+          }
+          [] tc_ac.timeout {
+            log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+          }
+        } // End of 'alt' statement
+
+        // Postamble
+        f_cfHttpDown_tlm();
+
+      } // End of testcase TC_TLM_ECTLGEN_01_BV
+
+    } // End of group ctl
+
+  } // End of group tlm_behavior
+
 } // End of module ItsPki_TestCases
diff --git a/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn b/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn
index d5e92a5e8ffd7aefb018d883eadd0e4bbb46a064..7f13b3aa05aed765d9b9f030725d1bdb986df583 100644
--- a/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn
+++ b/ttcn/AtsRSUsSimulator/ItsRSUsSimulator_Functions.ttcn
@@ -1389,7 +1389,6 @@ module ItsRSUsSimulator_Functions {
                                                                      vc_at_counter,
                                                                      vc_at_certificates
                                                                      ));
-          //v_pki.done;
           repeat;
         }
         [] cfPort.receive {
diff --git a/ttcn/LibIts b/ttcn/LibIts
index 85cb2b6c78a91a7d1370036baa632d557c509ed4..63ccaf6630a5e2f37f949f23cdeee2cfdbbe0f48 160000
--- a/ttcn/LibIts
+++ b/ttcn/LibIts
@@ -1 +1 @@
-Subproject commit 85cb2b6c78a91a7d1370036baa632d557c509ed4
+Subproject commit 63ccaf6630a5e2f37f949f23cdeee2cfdbbe0f48