Commit ffbe6f27 authored by Yann Garcia's avatar Yann Garcia

Unify STF525 TTCN-3 code with spirent

parent 5d39aeb9
......@@ -156,6 +156,7 @@ module ItsPki_TestCases {
in Headers p_headers,
in EtsiTs103097Certificate p_ec_certificate,
out InnerAtRequest p_inner_at_request,
out InnerAtResponse p_inner_at_response,
out HttpMessage p_response,
out integer p_result,
in template octetstring p_its_id := PICS_ITS_S_CANONICAL_ID,
......@@ -166,7 +167,6 @@ module ItsPki_TestCases {
var EtsiTs102941Data v_etsi_ts_102941_data;
var Oct16 v_request_hash;
var Oct16 v_aes_enc_key;
var InnerAtResponse v_inner_at_response;
var template (value) HttpMessage v_response;
log(">>> f_verify_http_at_request_from_iut_itss:", p_request);
......@@ -183,14 +183,14 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: matching: ", match(v_etsi_ts_102941_data.content, mw_authorizationRequest(mw_innerAtRequest))); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_authorizationRequest(mw_innerAtRequest)) == false) {
// Send error message
f_http_build_authorization_response(-, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(-, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
// Set verdict
p_result := -2;
} else {
// Extract InnerAtRequest and Verify signature of mw_innerATRequestSignedForPop
if (f_verify_inner_at_request_signed_for_pop(v_etsi_ts_102941_data, p_ec_certificate, p_inner_at_request) == false) {
// Send error message
f_http_build_authorization_response(p_inner_at_request, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(p_inner_at_request, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -3;
......@@ -198,7 +198,7 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: match ", match(p_inner_at_request, mw_innerAtRequest(mw_publicKeys, -, mw_shared_at_request, mw_ec_signature))); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(p_inner_at_request, mw_innerAtRequest(mw_publicKeys, -, mw_shared_at_request, mw_ec_signature)) == false) { // TODO To be refined
// Send error message: No enrolment request
f_http_build_authorization_response(p_inner_at_request, its_aa_badcontenttype, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(p_inner_at_request, its_aa_badcontenttype, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -4;
......@@ -226,7 +226,7 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: matching: ", match(p_inner_at_request.sharedAtRequest.keyTag, v_key_tag));
if (match(p_inner_at_request.sharedAtRequest.keyTag, v_key_tag) == false) {
// Send error message: No enrolment request
f_http_build_authorization_response(p_inner_at_request, its_aa_keysdontmatch, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(p_inner_at_request, its_aa_keysdontmatch, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -5;
......@@ -235,10 +235,10 @@ module ItsPki_TestCases {
// Send OK message
log("f_verify_http_at_request_from_iut_itss: Receive ", p_inner_at_request);
if (p_force_response_code == ok) {
f_http_build_authorization_response(p_inner_at_request, ok, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(p_inner_at_request, ok, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
} else {
log("f_verify_http_at_request_from_iut_itss: Succeed built force error code ", p_force_response_code);
f_http_build_authorization_response(p_inner_at_request, p_force_response_code, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
f_http_build_authorization_response(p_inner_at_request, p_force_response_code, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
}
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
......@@ -1742,6 +1742,8 @@ module ItsPki_TestCases {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
......@@ -1769,9 +1771,21 @@ module ItsPki_TestCases {
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
[] geoNetworkingPort.receive { // FIXME Wait for new AT certificate
log("*** " & testcasename() & ": PASS: IUT started to send CAM using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
[v_start_awaiting == true] a_await_cam_with_current_cert(
v_info_port_data.hashed_id8,
v_info_port_data.at_certificate
) {
log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] geoNetworkingPort.receive {
log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
v_start_awaiting := true;
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": PASS: No CA message received ***");
......@@ -1827,18 +1841,29 @@ module ItsPki_TestCases {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
tc_ac.stop;
// Verify IUT response
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_response, v_result);
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
......
......@@ -19,7 +19,6 @@ module ItsSecurity_Pics {
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
// TODO To be removed
type record certificates_foi {
charstring certificate_id,
HashAlgorithm hashAlgorithm,
......@@ -33,7 +32,7 @@ module ItsSecurity_Pics {
{ cc_iutCert_A, sha256, '39CF4DF85C18EBA5'O, 'EFEB473043DD2B88'O, omit }, // CERT_IUT_A_AT
{ cc_iutCert_A_B, sha256, 'F437DE395A471B0A'O, 'FE18C80573BD41A5'O, omit }, // CERT_IUT_A_B_AT
{ cc_iutCert_A_B3, sha256, 'F437DE395A471B0A'O, '623F3CE451FA1A04'O, omit }, // CERT_IUT_A_B3_AT
{ cc_iutCert_B, sha256, '39CF4DF85C18EBA5'O, 'E9DAF8626F52D687'O, { circularRegion := { center := {436169490, 70533080}, radius := 5000 } } }, // CERT_IUT_B_AT
{ cc_iutCert_B, sha256, '39CF4DF85C18EBA5'O, 'E9DAF8626F52D687'O, { circularRegion := { center := {436169490, 70533080}, radius := 5000 } } }, // CERT_IUT_A_B_AT
{ cc_iutCert_C, sha256, '39CF4DF85C18EBA5'O, '46C778C826B25328'O, { rectangularRegion := { { northWest := { latitude := 436618657, longitude := 70083912 }, southEast := { latitude := 435720322, longitude := 70982247 } } } } }, // CERT_IUT_C_AT
{ cc_taCert_A1, sha256, '39CF4DF85C18EBA5'O, '01063FEF92C015BB'O, omit }, // CERT_IUT_A1_AT
......
This diff is collapsed.
......@@ -97,18 +97,6 @@ module ItsSecurity_TestControl {
execute(TC_SEC_ITSS_SND_GENMSG_07_BV());
execute(TC_SEC_ITSS_SND_GENMSG_08_BV());
/**
* @desc Sending behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.7 Encrypted messages profile
*/
if (PICS_SEC_ENCRYPTION_SUPPORT) {
execute(TC_SEC_ITSS_SND_ENC_01_BV());
execute(TC_SEC_ITSS_SND_ENC_02_BV());
execute(TC_SEC_ITSS_SND_ENC_03_BV());
execute(TC_SEC_ITSS_SND_ENC_04_BV());
execute(TC_SEC_ITSS_SND_ENC_05_BV());
}
/**
* @desc Sending behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.8 Profiles for certificates
......
Subproject commit ee2c278910c882b90b8fbea6bee5be70ec92aa83
Subproject commit 0181ca54a8bcae4214b6aba217dff20f2035504e
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment