From 50ccd8469114fd564b8f59554404e74168348649 Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Thu, 31 Mar 2022 15:16:29 +0200 Subject: [PATCH 1/5] CV2X#3 Validation against PKIs --- ccsrc/Externals/LibItsSecurity_externals.cc | 4 +- data/certificates/Makefile | 50 +- data/certificates/profiles/CERT_IUT_A1_AT.xml | 70 +-- data/certificates/profiles/CERT_IUT_A2_AT.xml | 70 +-- data/certificates/profiles/CERT_IUT_A3_AT.xml | 70 +-- data/certificates/profiles/CERT_IUT_A4_AT.xml | 70 +-- data/certificates/profiles/CERT_IUT_A_AA.xml | 88 +-- .../profiles/CERT_IUT_A_AA_A8.xml | 88 +-- .../profiles/CERT_IUT_A_AC_AT.xml | 72 +-- data/certificates/profiles/CERT_IUT_A_AT.xml | 72 +-- .../profiles/CERT_IUT_A_AT_A8.xml | 82 +-- .../profiles/CERT_IUT_A_B33_AT.xml | 70 +-- .../profiles/CERT_IUT_A_B3_AA.xml | 88 +-- .../profiles/CERT_IUT_A_B3_AT.xml | 70 +-- .../profiles/CERT_IUT_A_B3_N_AT.xml | 70 +-- .../certificates/profiles/CERT_IUT_A_B_AA.xml | 88 +-- .../certificates/profiles/CERT_IUT_A_B_AT.xml | 70 +-- .../profiles/CERT_IUT_A_B_N_AT.xml | 70 +-- .../profiles/CERT_IUT_A_C3_AT.xml | 72 +-- .../profiles/CERT_IUT_A_CC_AT.xml | 72 +-- .../certificates/profiles/CERT_IUT_A_N_AA.xml | 88 +-- .../certificates/profiles/CERT_IUT_A_N_AT.xml | 72 +-- data/certificates/profiles/CERT_IUT_A_RCA.xml | 96 ++-- data/certificates/profiles/CERT_IUT_B_AT.xml | 70 +-- data/certificates/profiles/CERT_IUT_C1_AT.xml | 74 +-- data/certificates/profiles/CERT_IUT_C3_AA.xml | 92 ++-- .../certificates/profiles/CERT_IUT_CA1_AT.xml | 70 +-- .../certificates/profiles/CERT_IUT_CA2_AT.xml | 70 +-- .../certificates/profiles/CERT_IUT_CA3_AT.xml | 70 +-- .../profiles/CERT_IUT_CAM_BO_02_AT.xml | 60 +- .../profiles/CERT_IUT_CAM_BO_03_AT.xml | 60 +- data/certificates/profiles/CERT_IUT_CA_AA.xml | 86 +-- data/certificates/profiles/CERT_IUT_CC_AA.xml | 92 ++-- data/certificates/profiles/CERT_IUT_C_AT.xml | 76 +-- .../certificates/profiles/CERT_IUT_C_AT_8.xml | 118 ++-- data/certificates/profiles/CERT_IUT_C_RCA.xml | 100 ++-- .../profiles/CERT_IUT_DENM_BO_01_AT.xml | 62 +-- .../profiles/CERT_IUT_DENM_BO_02_AT.xml | 62 +-- data/certificates/profiles/CERT_IUT_D_AA.xml | 96 ++-- data/certificates/profiles/CERT_IUT_D_AT.xml | 80 +-- .../certificates/profiles/CERT_IUT_D_AT_8.xml | 88 +-- data/certificates/profiles/CERT_IUT_E_AT.xml | 70 +-- .../certificates/profiles/CERT_IUT_E_AT_8.xml | 84 +-- .../profiles/CERT_IUT_IVI_SSP_1_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_1_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_2_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_3_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_4_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_5_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_ISO14823_6_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_LC_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_LS_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_NEG_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_NONE_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_RCC_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_SAEJ2540_AT.xml | 72 +-- .../profiles/CERT_IUT_IVI_SSP_TC_AT.xml | 72 +-- .../CERT_IUT_IVI_SSP_VIENNACONV_AT.xml | 72 +-- .../profiles/CERT_IUT_MAP_SSP_1_AT.xml | 72 +-- .../profiles/CERT_IUT_MAP_SSP_2_AT.xml | 72 +-- .../profiles/CERT_IUT_MAP_SSP_NONE_AT.xml | 72 +-- .../profiles/CERT_IUT_RTCM_SSP_NONE_AT.xml | 70 +-- .../profiles/CERT_IUT_SPAT_SSP_ALL_AT.xml | 72 +-- .../profiles/CERT_IUT_SPAT_SSP_NONE_AT.xml | 72 +-- .../profiles/CERT_IUT_SRM_SSP_01.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_02.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_03.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_04.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_05.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_06.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_07.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_08.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_09.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_10.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_11.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_12.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_13.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_14.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_15.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_16.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_17.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_18.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_NONE_AT.xml | 70 +-- .../profiles/CERT_IUT_SRM_SSP_REQ_NONE_AT.xml | 70 +-- .../profiles/CERT_IUT_SSM_SSP_AT.xml | 70 +-- .../CERT_TS_AA_AUTHVAL_RCV_02_BI_01.xml | 86 +-- .../CERT_TS_AA_AUTHVAL_RCV_02_BI_02.xml | 88 +-- .../CERT_TS_AA_AUTHVAL_RCV_02_BI_03.xml | 88 +-- data/certificates/profiles/CERT_TS_A_AA.xml | 88 +-- data/certificates/profiles/CERT_TS_A_AA_B.xml | 88 +-- data/certificates/profiles/CERT_TS_A_AT.xml | 72 +-- data/certificates/profiles/CERT_TS_A_EA.xml | 92 ++-- .../CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_01.xml | 90 +-- .../CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_02.xml | 92 ++-- .../CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_03.xml | 92 ++-- data/certificates/profiles/CERT_TS_A_EC.xml | 68 +-- data/certificates/profiles/CERT_TS_B1_AT.xml | 70 +-- data/certificates/profiles/CERT_TS_B_AT.xml | 72 +-- .../profiles/CERT_TS_CAM_BO_02_AT.xml | 62 +-- .../profiles/CERT_TS_CAM_BO_03_AT.xml | 60 +- .../profiles/CERT_TS_DENM_BO_01_AT.xml | 56 +- .../profiles/CERT_TS_DENM_BO_02_AT.xml | 56 +- .../profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml | 68 +-- .../profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml | 68 +-- .../profiles/CERT_TS_EC_ENR_RCV_02_BI_03.xml | 68 +-- data/certificates/profiles/CERT_TS_F3_AT.xml | 70 +-- data/certificates/profiles/CERT_TS_F_AT.xml | 72 +-- etc/AtsIS/AtsIS.cfg | 270 +-------- etc/AtsIS/AtsIS_IVIM.cf_ | 269 +++++++++ etc/AtsIS/AtsIS_Mapem.cf_ | 188 +++++++ etc/AtsIS/AtsIS_Spatem.cf_ | 200 +++++++ etc/AtsPki/AtsPki.cfg | 2 +- etc/AtsPki/AtsPki_Atos.cfg_ | 62 ++- ..._CryptaLabs.cfg_ => AtsPki_Autocrypt.cfg_} | 169 ++++-- etc/AtsPki/AtsPki_Cnit.cfg_ | 169 ------ etc/AtsPki/AtsPki_Ctag.cfg_ | 44 +- etc/AtsPki/AtsPki_Escrypt.cfg_ | 188 ------- ...sPki_eu_ccms_cpoc.cf_ => AtsPki_Etas.cfg_} | 516 +++++++++--------- etc/AtsPki/AtsPki_Microsec.cfg_ | 99 +++- etc/AtsPki/AtsPki_Simu.cfg_ | 6 +- scripts/run_tshark.bash | 3 +- ttcn/AtsPki | 2 +- 122 files changed, 5194 insertions(+), 4881 deletions(-) mode change 100644 => 120000 etc/AtsIS/AtsIS.cfg create mode 100644 etc/AtsIS/AtsIS_IVIM.cf_ create mode 100644 etc/AtsIS/AtsIS_Mapem.cf_ create mode 100644 etc/AtsIS/AtsIS_Spatem.cf_ rename etc/AtsPki/{AtsPki_CryptaLabs.cfg_ => AtsPki_Autocrypt.cfg_} (57%) delete mode 100644 etc/AtsPki/AtsPki_Cnit.cfg_ delete mode 100644 etc/AtsPki/AtsPki_Escrypt.cfg_ rename etc/AtsPki/{AtsPki_eu_ccms_cpoc.cf_ => AtsPki_Etas.cfg_} (78%) diff --git a/ccsrc/Externals/LibItsSecurity_externals.cc b/ccsrc/Externals/LibItsSecurity_externals.cc index b7db3ab..b398619 100644 --- a/ccsrc/Externals/LibItsSecurity_externals.cc +++ b/ccsrc/Externals/LibItsSecurity_externals.cc @@ -693,7 +693,7 @@ namespace LibItsSecurity__Functions { p__publicEphemeralKeyCompressed = ec->public_key_compressed(); loggers::get_instance().log_msg("fx__encryptWithEciesNistp256WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed); p__ephemeralCompressedMode = (ec->public_key_compressed_mode() == ecc_compressed_mode::compressed_y_0) ? 0 : 1; - loggers::get_instance().log("fx__encryptWithEciesNistp256WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode); + loggers::get_instance().log("fx__encryptWithEciesNistp256WithSha256: Ephemeral public compressed mode: %d: ", (int)p__ephemeralCompressedMode); // 3. Retrieve AES 128 parameters p__nonce = ec->nonce(); loggers::get_instance().log_msg("fx__encryptWithEciesNistp256WithSha256: p__nonce: ", p__nonce); @@ -858,7 +858,7 @@ namespace LibItsSecurity__Functions { p__publicEphemeralKeyCompressed = ec->public_key_compressed(); loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed key: ", p__publicEphemeralKeyCompressed); p__ephemeralCompressedMode = (ec->public_key_compressed_mode() == ecc_compressed_mode::compressed_y_0) ? 0 : 1; - loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed mode: %d: ", p__ephemeralCompressedMode); + loggers::get_instance().log("fx__encryptWithEciesBrainpoolp256r1WithSha256: Ephemeral public compressed mode: %d: ", (int)p__ephemeralCompressedMode); // 3. Retrieve AES 128 parameters p__nonce = ec->nonce(); loggers::get_instance().log_msg("fx__encryptWithEciesBrainpoolp256r1WithSha256: p__nonce: ", p__nonce); diff --git a/data/certificates/Makefile b/data/certificates/Makefile index 4858194..2d8024e 100644 --- a/data/certificates/Makefile +++ b/data/certificates/Makefile @@ -6,20 +6,25 @@ else endif endif +ifeq (,$(CERTGEN)) + $(error CERTGEN variable shall point to the certgen project) +endif + outdir=certificates in=profiles xerdir=xer depdir=temp keydir=certificates +iutdir=iut ifeq ($(ARCH),msvc) - asn1certgen= ../../../itscertgen/build/msvc/x64/Debug/certgen.exe + asn1certgen= $(CERTGEN)/build/msvc/x64/Debug/certgen.exe else - asn1certgen=../../../itscertgen/build/$(ARCH)-d/certgen + asn1certgen=$(CERTGEN)/build/$(ARCH)-d/certgen endif -xsl_cvt=../../../itscertgen/certgen/asn1certgen.xslt -xsl_dep=../../../itscertgen/certgen/prof2dep.xsl +xsl_cvt=$(CERTGEN)/itscertgen/certgen/asn1certgen.xslt +xsl_dep=$(CERTGEN)/itscertgen/certgen/prof2dep.xsl profiles=$(wildcard $(in)/*.xml) certificates_oer=$(patsubst $(in)/%.xml, $(outdir)/%.oer, $(profiles)) @@ -28,7 +33,7 @@ deps=$(patsubst $(in)/%.xml, $(depdir)/%.dep, $(profiles)) all: $(sort $(outdir) $(xerdir) $(depdir)) $(certificates_oer) -$(sort $(outdir) $(xerdir) $(depdir)): +$(sort $(outdir) $(xerdir) $(depdir) $(iutdir)): mkdir -p $@ clean: rm -f $(certificates_oer) $(certificates_xer) @@ -45,4 +50,39 @@ $(deps): $(depdir)/%.dep : $(in)/%.xml $(certificates_xer) : $(xsl_cvt) +certs_iut_at = $(filter $(outdir)/CERT_IUT_%_AT.oer, $(certificates_oer)) +vkeys_iut_at = $(patsubst %.oer, %.vkey, $(certs_iut_at)) +ekeys_iut_at = $(patsubst %.oer, %.ekey, $(certs_iut_at)) + +certs_iut := $(filter $(outdir)/CERT_IUT_%_RCA.oer, $(certificates_oer)) +certs_iut += $(filter $(outdir)/CERT_IUT_%_AA.oer, $(certificates_oer)) +certs_iut += $(certs_iut_at) + +iut_files = $(patsubst $(outdir)/%, $(iutdir)/%, $(certs_iut) $(vkeys_iut_at) $(ekeys_iut_at)) + +install: $(iutdir) $(iut_files) + +$(iut_files): $(iutdir)/%: $(outdir)/% + -cp -f $< $@ + +$(vkeys_iut_at) $(ekeys_iut_at): + +IUT_TC23 = CERT_IUT_C1_AT.oer CERT_IUT_C1_AT.vkey CERT_IUT_C1_AT.ekey CERT_IUT_CC_AA.oer CERT_IUT_C_RCA.oer CERT_TS_A_AT.oer CERT_IUT_A_AA.oer +IUT_TC24 = CERT_IUT_C2_AT.oer CERT_IUT_C2_AT.vkey CERT_IUT_C2_AT.ekey CERT_IUT_C2_AA.oer CERT_IUT_C_RCA.oer CERT_IUT_A_RCA.oer CERT_TS_A_AT.oer CERT_IUT_A_AA.oer +IUT_TC25 = CERT_IUT_A1_AT.oer CERT_IUT_A1_AT.vkey CERT_IUT_A1_AT.ekey CERT_IUT_A_AA.oer CERT_IUT_A_RCA.oer CERT_TS_A_AT.oer +IUT_TC26 = CERT_IUT_A2_AT.oer CERT_IUT_A2_AT.vkey CERT_IUT_A2_AT.ekey CERT_IUT_A_AA.oer CERT_IUT_A_RCA.oer CERT_TS_A_AT.oer +IUT_TC27 = CERT_IUT_A3_AT.oer CERT_IUT_A3_AT.vkey CERT_IUT_A3_AT.ekey CERT_IUT_A_AA.oer CERT_IUT_A_RCA.oer CERT_TS_A_AT.oer +IUT_TC28 = CERT_IUT_A_AT_A8.oer CERT_IUT_A_AT_A8.vkey CERT_IUT_A_AT_A8.ekey CERT_IUT_A_AA_A8.oer CERT_IUT_A_RCA.oer CERT_TS_A_AT.oer CERT_IUT_A_AA.oer + +IUT_TCS = TC23 TC24 TC25 TC26 TC27 TC28 + +define InstallTC +$(addprefix $(TC)/,$(IUT_$(TC))): $(TC)/% : $$(outdir)/% + mkdir -p $(TC) + -cp -f $$< $$@ +endef +$(foreach TC, $(IUT_TCS), $(eval $(InstallTC))) + +install_tc: $(foreach TC, $(IUT_TCS), $(addprefix $(TC)/, $(IUT_$(TC)))) + include $(deps) diff --git a/data/certificates/profiles/CERT_IUT_A1_AT.xml b/data/certificates/profiles/CERT_IUT_A1_AT.xml index 3a53e6d..f73179d 100644 --- a/data/certificates/profiles/CERT_IUT_A1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A1_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A2_AT.xml b/data/certificates/profiles/CERT_IUT_A2_AT.xml index 0a2b58d..434f9e9 100644 --- a/data/certificates/profiles/CERT_IUT_A2_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A2_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A3_AT.xml b/data/certificates/profiles/CERT_IUT_A3_AT.xml index 4beb60e..415ecba 100644 --- a/data/certificates/profiles/CERT_IUT_A3_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A3_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A4_AT.xml b/data/certificates/profiles/CERT_IUT_A4_AT.xml index 97c4a01..7bdd092 100644 --- a/data/certificates/profiles/CERT_IUT_A4_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A4_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_AA.xml b/data/certificates/profiles/CERT_IUT_A_AA.xml index cb1e4a6..43f2171 100644 --- a/data/certificates/profiles/CERT_IUT_A_AA.xml +++ b/data/certificates/profiles/CERT_IUT_A_AA.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_AA_A8.xml b/data/certificates/profiles/CERT_IUT_A_AA_A8.xml index 83436b7..b6c1ccc 100644 --- a/data/certificates/profiles/CERT_IUT_A_AA_A8.xml +++ b/data/certificates/profiles/CERT_IUT_A_AA_A8.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_AC_AT.xml b/data/certificates/profiles/CERT_IUT_A_AC_AT.xml index 268c341..808cee1 100644 --- a/data/certificates/profiles/CERT_IUT_A_AC_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_AC_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_AT.xml b/data/certificates/profiles/CERT_IUT_A_AT.xml index da78154..1c9a403 100644 --- a/data/certificates/profiles/CERT_IUT_A_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_AT_A8.xml b/data/certificates/profiles/CERT_IUT_A_AT_A8.xml index f3487f4..9e14f2d 100644 --- a/data/certificates/profiles/CERT_IUT_A_AT_A8.xml +++ b/data/certificates/profiles/CERT_IUT_A_AT_A8.xml @@ -1,41 +1,41 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 00 - 00 - 00 - 00 - 00 - 00 - 00 - 01 FF FC - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 00 + 00 + 00 + 00 + 00 + 00 + 00 + 01 FF FC + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B33_AT.xml b/data/certificates/profiles/CERT_IUT_A_B33_AT.xml index ed46755..ff8744e 100644 --- a/data/certificates/profiles/CERT_IUT_A_B33_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_B33_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B3_AA.xml b/data/certificates/profiles/CERT_IUT_A_B3_AA.xml index deb8ec6..d7b1fb1 100644 --- a/data/certificates/profiles/CERT_IUT_A_B3_AA.xml +++ b/data/certificates/profiles/CERT_IUT_A_B3_AA.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B3_AT.xml b/data/certificates/profiles/CERT_IUT_A_B3_AT.xml index 57a148c..9ae80b9 100644 --- a/data/certificates/profiles/CERT_IUT_A_B3_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_B3_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B3_N_AT.xml b/data/certificates/profiles/CERT_IUT_A_B3_N_AT.xml index b862d83..02e04ec 100644 --- a/data/certificates/profiles/CERT_IUT_A_B3_N_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_B3_N_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B_AA.xml b/data/certificates/profiles/CERT_IUT_A_B_AA.xml index 16792b0..dc731e7 100644 --- a/data/certificates/profiles/CERT_IUT_A_B_AA.xml +++ b/data/certificates/profiles/CERT_IUT_A_B_AA.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B_AT.xml b/data/certificates/profiles/CERT_IUT_A_B_AT.xml index 482d7b5..11cdd6d 100644 --- a/data/certificates/profiles/CERT_IUT_A_B_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_B_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_B_N_AT.xml b/data/certificates/profiles/CERT_IUT_A_B_N_AT.xml index 356d47e..ab21ef5 100644 --- a/data/certificates/profiles/CERT_IUT_A_B_N_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_B_N_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_C3_AT.xml b/data/certificates/profiles/CERT_IUT_A_C3_AT.xml index 5a73afc..4bdb475 100644 --- a/data/certificates/profiles/CERT_IUT_A_C3_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_C3_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_CC_AT.xml b/data/certificates/profiles/CERT_IUT_A_CC_AT.xml index cd0bb33..50800e9 100644 --- a/data/certificates/profiles/CERT_IUT_A_CC_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_CC_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_N_AA.xml b/data/certificates/profiles/CERT_IUT_A_N_AA.xml index 29d016b..2728718 100644 --- a/data/certificates/profiles/CERT_IUT_A_N_AA.xml +++ b/data/certificates/profiles/CERT_IUT_A_N_AA.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_N_AT.xml b/data/certificates/profiles/CERT_IUT_A_N_AT.xml index 195b85b..d98b2f2 100644 --- a/data/certificates/profiles/CERT_IUT_A_N_AT.xml +++ b/data/certificates/profiles/CERT_IUT_A_N_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_A_RCA.xml b/data/certificates/profiles/CERT_IUT_A_RCA.xml index bbd4d05..77df77d 100644 --- a/data/certificates/profiles/CERT_IUT_A_RCA.xml +++ b/data/certificates/profiles/CERT_IUT_A_RCA.xml @@ -1,48 +1,48 @@ - - 3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 01 FE/FF 01 - - - 01 - 01 38 - - - - - - - - - - + + 3 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 01 FE/FF 01 + + + 01 + 01 38 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_B_AT.xml b/data/certificates/profiles/CERT_IUT_B_AT.xml index 21bd1f3..6da3e65 100644 --- a/data/certificates/profiles/CERT_IUT_B_AT.xml +++ b/data/certificates/profiles/CERT_IUT_B_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_C1_AT.xml b/data/certificates/profiles/CERT_IUT_C1_AT.xml index b568a19..8265259 100644 --- a/data/certificates/profiles/CERT_IUT_C1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_C1_AT.xml @@ -1,36 +1,38 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_C3_AA.xml b/data/certificates/profiles/CERT_IUT_C3_AA.xml index aa69a71..750a2a5 100644 --- a/data/certificates/profiles/CERT_IUT_C3_AA.xml +++ b/data/certificates/profiles/CERT_IUT_C3_AA.xml @@ -1,46 +1,46 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CA1_AT.xml b/data/certificates/profiles/CERT_IUT_CA1_AT.xml index fcb929d..d101484 100644 --- a/data/certificates/profiles/CERT_IUT_CA1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_CA1_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CA2_AT.xml b/data/certificates/profiles/CERT_IUT_CA2_AT.xml index 362cc18..d03f1c1 100644 --- a/data/certificates/profiles/CERT_IUT_CA2_AT.xml +++ b/data/certificates/profiles/CERT_IUT_CA2_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CA3_AT.xml b/data/certificates/profiles/CERT_IUT_CA3_AT.xml index 510a162..f582c2a 100644 --- a/data/certificates/profiles/CERT_IUT_CA3_AT.xml +++ b/data/certificates/profiles/CERT_IUT_CA3_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CAM_BO_02_AT.xml b/data/certificates/profiles/CERT_IUT_CAM_BO_02_AT.xml index 569f390..3c2f9bc 100644 --- a/data/certificates/profiles/CERT_IUT_CAM_BO_02_AT.xml +++ b/data/certificates/profiles/CERT_IUT_CAM_BO_02_AT.xml @@ -1,30 +1,30 @@ - - - 2 - - - - - - - - - - - - - - - 01 BF FC - - - - - - - - - - + + + 2 + + + + + + + + + + + + + + + 01 BF FC + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CAM_BO_03_AT.xml b/data/certificates/profiles/CERT_IUT_CAM_BO_03_AT.xml index dc08edd..7e6926f 100644 --- a/data/certificates/profiles/CERT_IUT_CAM_BO_03_AT.xml +++ b/data/certificates/profiles/CERT_IUT_CAM_BO_03_AT.xml @@ -1,30 +1,30 @@ - - - 2 - - - - - - - - - - - - - - - 01 DF FC - - - - - - - - - - + + + 2 + + + + + + + + + + + + + + + 01 DF FC + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CA_AA.xml b/data/certificates/profiles/CERT_IUT_CA_AA.xml index a30ab2f..6c3dc71 100644 --- a/data/certificates/profiles/CERT_IUT_CA_AA.xml +++ b/data/certificates/profiles/CERT_IUT_CA_AA.xml @@ -1,43 +1,43 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_CC_AA.xml b/data/certificates/profiles/CERT_IUT_CC_AA.xml index a5a13fc..e2751a7 100644 --- a/data/certificates/profiles/CERT_IUT_CC_AA.xml +++ b/data/certificates/profiles/CERT_IUT_CC_AA.xml @@ -1,46 +1,46 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_C_AT.xml b/data/certificates/profiles/CERT_IUT_C_AT.xml index b6cac15..25dd4b8 100644 --- a/data/certificates/profiles/CERT_IUT_C_AT.xml +++ b/data/certificates/profiles/CERT_IUT_C_AT.xml @@ -1,38 +1,38 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_C_AT_8.xml b/data/certificates/profiles/CERT_IUT_C_AT_8.xml index 758cf12..b8ac71f 100644 --- a/data/certificates/profiles/CERT_IUT_C_AT_8.xml +++ b/data/certificates/profiles/CERT_IUT_C_AT_8.xml @@ -1,59 +1,59 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_C_RCA.xml b/data/certificates/profiles/CERT_IUT_C_RCA.xml index d536970..e426409 100644 --- a/data/certificates/profiles/CERT_IUT_C_RCA.xml +++ b/data/certificates/profiles/CERT_IUT_C_RCA.xml @@ -1,50 +1,50 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 FE/FF 01 - - - 01 - 01 38 - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 FE/FF 01 + + + 01 + 01 38 + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_DENM_BO_01_AT.xml b/data/certificates/profiles/CERT_IUT_DENM_BO_01_AT.xml index 1bcd23b..c36a7ad 100644 --- a/data/certificates/profiles/CERT_IUT_DENM_BO_01_AT.xml +++ b/data/certificates/profiles/CERT_IUT_DENM_BO_01_AT.xml @@ -1,31 +1,31 @@ - - - 2 - - - - - - - - - - - - - - - 01 FF FC - 01 7F FF FF - - - - - - - - - - + + + 2 + + + + + + + + + + + + + + + 01 FF FC + 01 7F FF FF + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_DENM_BO_02_AT.xml b/data/certificates/profiles/CERT_IUT_DENM_BO_02_AT.xml index 7fc27b8..1aeeca0 100644 --- a/data/certificates/profiles/CERT_IUT_DENM_BO_02_AT.xml +++ b/data/certificates/profiles/CERT_IUT_DENM_BO_02_AT.xml @@ -1,31 +1,31 @@ - - - 2 - - - - - - - - - - - - - - - 01 FF FC - 01 BF FF FF - - - - - - - - - - + + + 2 + + + + + + + + + + + + + + + 01 FF FC + 01 BF FF FF + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_D_AA.xml b/data/certificates/profiles/CERT_IUT_D_AA.xml index 6e05e29..53e19cd 100644 --- a/data/certificates/profiles/CERT_IUT_D_AA.xml +++ b/data/certificates/profiles/CERT_IUT_D_AA.xml @@ -1,48 +1,48 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_D_AT.xml b/data/certificates/profiles/CERT_IUT_D_AT.xml index 77bd6a2..4d3197e 100644 --- a/data/certificates/profiles/CERT_IUT_D_AT.xml +++ b/data/certificates/profiles/CERT_IUT_D_AT.xml @@ -1,40 +1,40 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_D_AT_8.xml b/data/certificates/profiles/CERT_IUT_D_AT_8.xml index 2f7e0e5..7e9856c 100644 --- a/data/certificates/profiles/CERT_IUT_D_AT_8.xml +++ b/data/certificates/profiles/CERT_IUT_D_AT_8.xml @@ -1,44 +1,44 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_E_AT.xml b/data/certificates/profiles/CERT_IUT_E_AT.xml index 610343f..5414ca0 100644 --- a/data/certificates/profiles/CERT_IUT_E_AT.xml +++ b/data/certificates/profiles/CERT_IUT_E_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_E_AT_8.xml b/data/certificates/profiles/CERT_IUT_E_AT_8.xml index 2c823e3..5e359d2 100644 --- a/data/certificates/profiles/CERT_IUT_E_AT_8.xml +++ b/data/certificates/profiles/CERT_IUT_E_AT_8.xml @@ -1,42 +1,42 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_1_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_1_AT.xml index 40c50b7..cf3912e 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_1_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_1_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_1_AT.xml index 4a1632c..333e2d8 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_1_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 40 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 40 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_2_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_2_AT.xml index cece970..bfd45b8 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_2_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_2_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 20 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 20 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_3_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_3_AT.xml index a492d4d..52bf3fc 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_3_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_3_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 10 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 10 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_4_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_4_AT.xml index 471f68c..4b0d416 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_4_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_4_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 08 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 08 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_5_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_5_AT.xml index 70a95f8..8b014ae 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_5_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_5_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 04 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 04 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_6_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_6_AT.xml index b360610..13c2e96 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_6_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_ISO14823_6_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 02 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 02 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_LC_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_LC_AT.xml index 7001a8e..d793be4 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_LC_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_LC_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 FF 10 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 FF 10 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_LS_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_LS_AT.xml index ed62ef9..9fa5f53 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_LS_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_LS_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 FF 80 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 FF 80 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_NEG_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_NEG_AT.xml index 6865758..c0de519 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_NEG_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_NEG_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 FF 08 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 FF 08 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_NONE_AT.xml index 40c50b7..cf3912e 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_NONE_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_RCC_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_RCC_AT.xml index cf372f5..669512b 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_RCC_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_RCC_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 FF 40 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 FF 40 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_SAEJ2540_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_SAEJ2540_AT.xml index a84952f..b9eac3e 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_SAEJ2540_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_SAEJ2540_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 01 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 01 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_TC_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_TC_AT.xml index 53ee0a1..c8805fb 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_TC_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_TC_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 FF 20 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 FF 20 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_IVI_SSP_VIENNACONV_AT.xml b/data/certificates/profiles/CERT_IUT_IVI_SSP_VIENNACONV_AT.xml index f34ba09..9dc287f 100644 --- a/data/certificates/profiles/CERT_IUT_IVI_SSP_VIENNACONV_AT.xml +++ b/data/certificates/profiles/CERT_IUT_IVI_SSP_VIENNACONV_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 00 00 00 00 80 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 00 00 00 00 80 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_MAP_SSP_1_AT.xml b/data/certificates/profiles/CERT_IUT_MAP_SSP_1_AT.xml index a989808..51e9dfd 100644 --- a/data/certificates/profiles/CERT_IUT_MAP_SSP_1_AT.xml +++ b/data/certificates/profiles/CERT_IUT_MAP_SSP_1_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 E0 - 01 80 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 E0 + 01 80 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_MAP_SSP_2_AT.xml b/data/certificates/profiles/CERT_IUT_MAP_SSP_2_AT.xml index 560ed52..dda3d6c 100644 --- a/data/certificates/profiles/CERT_IUT_MAP_SSP_2_AT.xml +++ b/data/certificates/profiles/CERT_IUT_MAP_SSP_2_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 E0 - 01 40 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 E0 + 01 40 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_MAP_SSP_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_MAP_SSP_NONE_AT.xml index d313391..88d62a1 100644 --- a/data/certificates/profiles/CERT_IUT_MAP_SSP_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_MAP_SSP_NONE_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 E0 - 01 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 E0 + 01 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_RTCM_SSP_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_RTCM_SSP_NONE_AT.xml index e44b477..1808c8d 100644 --- a/data/certificates/profiles/CERT_IUT_RTCM_SSP_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_RTCM_SSP_NONE_AT.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SPAT_SSP_ALL_AT.xml b/data/certificates/profiles/CERT_IUT_SPAT_SSP_ALL_AT.xml index fc8c868..b2d843e 100644 --- a/data/certificates/profiles/CERT_IUT_SPAT_SSP_ALL_AT.xml +++ b/data/certificates/profiles/CERT_IUT_SPAT_SSP_ALL_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 E0 - 01 C0 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 E0 + 01 C0 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SPAT_SSP_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_SPAT_SSP_NONE_AT.xml index 3dec797..b0bde6e 100644 --- a/data/certificates/profiles/CERT_IUT_SPAT_SSP_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_SPAT_SSP_NONE_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 00 - 01 C0 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 00 + 01 C0 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_01.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_01.xml index eb42058..5385270 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_01.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_01.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 C0 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 C0 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_02.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_02.xml index c765447..fe4b50d 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_02.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_02.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 A0 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 A0 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_03.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_03.xml index 140a004..b610319 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_03.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_03.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 90 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 90 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_04.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_04.xml index d946bc5..a781aa2 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_04.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_04.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 88 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 88 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_05.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_05.xml index f8fa5b5..4bdf925 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_05.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_05.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 84 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 84 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_06.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_06.xml index cfa0c9a..5de810d 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_06.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_06.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 82 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 82 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_07.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_07.xml index 08f6e1d..188166d 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_07.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_07.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 81 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 81 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_08.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_08.xml index c98f6c0..2f95775 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_08.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_08.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 80 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 80 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_09.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_09.xml index 6e35cc4..ce93d6c 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_09.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_09.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 40 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 40 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_10.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_10.xml index 460cbd6..83b721c 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_10.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_10.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 20 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 20 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_11.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_11.xml index 9d3eae3..7f413be 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_11.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_11.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 10 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 10 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_12.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_12.xml index 658c441..dfa74c6 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_12.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_12.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 08 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 08 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_13.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_13.xml index f407294..4f8a44c 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_13.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_13.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 04 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 04 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_14.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_14.xml index 17dc971..caf753f 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_14.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_14.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 02 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 02 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_15.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_15.xml index d1329ee..50e4fb2 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_15.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_15.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 01 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 01 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_16.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_16.xml index 858d2d6..870f52d 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_16.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_16.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 00 80 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 00 80 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_17.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_17.xml index 06076d2..10f2f2c 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_17.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_17.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 00 40 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 00 40 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_18.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_18.xml index 4121c30..dd94886 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_18.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_18.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 00 20 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 00 20 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_NONE_AT.xml index bfc7d82..a26291f 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_NONE_AT.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 00 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 00 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SRM_SSP_REQ_NONE_AT.xml b/data/certificates/profiles/CERT_IUT_SRM_SSP_REQ_NONE_AT.xml index de20888..167ae06 100644 --- a/data/certificates/profiles/CERT_IUT_SRM_SSP_REQ_NONE_AT.xml +++ b/data/certificates/profiles/CERT_IUT_SRM_SSP_REQ_NONE_AT.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 02 80 00 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 02 80 00 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_IUT_SSM_SSP_AT.xml b/data/certificates/profiles/CERT_IUT_SSM_SSP_AT.xml index a6995c9..d95facf 100644 --- a/data/certificates/profiles/CERT_IUT_SSM_SSP_AT.xml +++ b/data/certificates/profiles/CERT_IUT_SSM_SSP_AT.xml @@ -1,35 +1,35 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_01.xml b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_01.xml index b2582dd..aab488b 100644 --- a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_01.xml +++ b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_01.xml @@ -1,43 +1,43 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_02.xml b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_02.xml index 7c47bcf..857c07c 100644 --- a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_02.xml +++ b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_02.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 02 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 02 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_03.xml b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_03.xml index 1b34198..5aeacc4 100644 --- a/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_03.xml +++ b/data/certificates/profiles/CERT_TS_AA_AUTHVAL_RCV_02_BI_03.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 30 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 30 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_AA.xml b/data/certificates/profiles/CERT_TS_A_AA.xml index cb1e4a6..43f2171 100644 --- a/data/certificates/profiles/CERT_TS_A_AA.xml +++ b/data/certificates/profiles/CERT_TS_A_AA.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_AA_B.xml b/data/certificates/profiles/CERT_TS_A_AA_B.xml index 16792b0..dc731e7 100644 --- a/data/certificates/profiles/CERT_TS_A_AA_B.xml +++ b/data/certificates/profiles/CERT_TS_A_AA_B.xml @@ -1,44 +1,44 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - 01 32 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 32 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_AT.xml b/data/certificates/profiles/CERT_TS_A_AT.xml index da78154..1c9a403 100644 --- a/data/certificates/profiles/CERT_TS_A_AT.xml +++ b/data/certificates/profiles/CERT_TS_A_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_EA.xml b/data/certificates/profiles/CERT_TS_A_EA.xml index 5a781e8..4273cdf 100644 --- a/data/certificates/profiles/CERT_TS_A_EA.xml +++ b/data/certificates/profiles/CERT_TS_A_EA.xml @@ -1,45 +1,47 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - 01 C0 - - - 01 0E - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 C0 + + + 01 0E + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_01.xml b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_01.xml index 802585d..35dbf1f 100644 --- a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_01.xml +++ b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_01.xml @@ -1,44 +1,46 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - 01 C0 - - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 C0 + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_02.xml b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_02.xml index 5a71c29..87d7282 100644 --- a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_02.xml +++ b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_02.xml @@ -1,45 +1,47 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - 01 C0 - - - 02 0E - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 C0 + + + 02 0E + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_03.xml b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_03.xml index a165dd0..b4783c2 100644 --- a/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_03.xml +++ b/data/certificates/profiles/CERT_TS_A_EA_AA_AUTHVAL_RCV_02_BI_03.xml @@ -1,45 +1,47 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - 01 40 - - - 01 0E - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + 01 40 + + + 01 0E + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_A_EC.xml b/data/certificates/profiles/CERT_TS_A_EC.xml index 4cd5539..884430a 100644 --- a/data/certificates/profiles/CERT_TS_A_EC.xml +++ b/data/certificates/profiles/CERT_TS_A_EC.xml @@ -1,34 +1,34 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 C0 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 C0 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_B1_AT.xml b/data/certificates/profiles/CERT_TS_B1_AT.xml index 8e6b62a..f65e53f 100644 --- a/data/certificates/profiles/CERT_TS_B1_AT.xml +++ b/data/certificates/profiles/CERT_TS_B1_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_B_AT.xml b/data/certificates/profiles/CERT_TS_B_AT.xml index fb30044..5a470de 100644 --- a/data/certificates/profiles/CERT_TS_B_AT.xml +++ b/data/certificates/profiles/CERT_TS_B_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_CAM_BO_02_AT.xml b/data/certificates/profiles/CERT_TS_CAM_BO_02_AT.xml index 84c91a0..7283389 100644 --- a/data/certificates/profiles/CERT_TS_CAM_BO_02_AT.xml +++ b/data/certificates/profiles/CERT_TS_CAM_BO_02_AT.xml @@ -1,31 +1,31 @@ - - - - 2 - - - - - - - - - - - - - - - 01 BF FC - - - - - - - - - - + + + + 2 + + + + + + + + + + + + + + + 01 BF FC + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_CAM_BO_03_AT.xml b/data/certificates/profiles/CERT_TS_CAM_BO_03_AT.xml index ae2db8d..79bf905 100644 --- a/data/certificates/profiles/CERT_TS_CAM_BO_03_AT.xml +++ b/data/certificates/profiles/CERT_TS_CAM_BO_03_AT.xml @@ -1,30 +1,30 @@ - - - 2 - - - - - - - - - - - - - - - 01 DF FC - - - - - - - - - - + + + 2 + + + + + + + + + + + + + + + 01 DF FC + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_DENM_BO_01_AT.xml b/data/certificates/profiles/CERT_TS_DENM_BO_01_AT.xml index ddbb6ff..d3e206b 100644 --- a/data/certificates/profiles/CERT_TS_DENM_BO_01_AT.xml +++ b/data/certificates/profiles/CERT_TS_DENM_BO_01_AT.xml @@ -1,28 +1,28 @@ - - 2 - - - - - - - - - - - - - - - 01 FF FC - 01 7F FF FF - - - - - - - - - - + + 2 + + + + + + + + + + + + + + + 01 FF FC + 01 7F FF FF + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_DENM_BO_02_AT.xml b/data/certificates/profiles/CERT_TS_DENM_BO_02_AT.xml index bad0497..4b7237b 100644 --- a/data/certificates/profiles/CERT_TS_DENM_BO_02_AT.xml +++ b/data/certificates/profiles/CERT_TS_DENM_BO_02_AT.xml @@ -1,28 +1,28 @@ - - 2 - - - - - - - - - - - - - - - 01 FF FC - 01 BF FF FF - - - - - - - - - - + + 2 + + + + + + + + + + + + + + + 01 FF FC + 01 BF FF FF + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml index 50c8809..8edf160 100644 --- a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml +++ b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_01.xml @@ -1,34 +1,34 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml index 69fa8ec..90004ec 100644 --- a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml +++ b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_02.xml @@ -1,34 +1,34 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 00 C0 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 00 C0 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_03.xml b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_03.xml index 5e7dc2f..c95f71e 100644 --- a/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_03.xml +++ b/data/certificates/profiles/CERT_TS_EC_ENR_RCV_02_BI_03.xml @@ -1,34 +1,34 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 00 - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 00 + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_F3_AT.xml b/data/certificates/profiles/CERT_TS_F3_AT.xml index 57a148c..9ae80b9 100644 --- a/data/certificates/profiles/CERT_TS_F3_AT.xml +++ b/data/certificates/profiles/CERT_TS_F3_AT.xml @@ -1,35 +1,35 @@ - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/data/certificates/profiles/CERT_TS_F_AT.xml b/data/certificates/profiles/CERT_TS_F_AT.xml index 8a23871..1659a94 100644 --- a/data/certificates/profiles/CERT_TS_F_AT.xml +++ b/data/certificates/profiles/CERT_TS_F_AT.xml @@ -1,36 +1,36 @@ - - - 3 - - - - - - - - - - - - > - - - - - - - - - 01 FF FC - 01 FF FF FF - - - - - - - - - - - + + + 3 + + + + + + + + + + + + > + + + + + + + + + 01 FF FC + 01 FF FF FF + + + + + + + + + + + diff --git a/etc/AtsIS/AtsIS.cfg b/etc/AtsIS/AtsIS.cfg deleted file mode 100644 index 741acdf..0000000 --- a/etc/AtsIS/AtsIS.cfg +++ /dev/null @@ -1,269 +0,0 @@ - -[MODULE_PARAMETERS] -# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. - -# IUT Station ID -LibItsCommon_Pixits.PX_IUT_STATION_ID := 2533729309 - -LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB -LibItsIvim_Pics.PICS_IS_IUT_SECURED := false - -LibItsIvim_Pics.PICS_IVIM_HAS_GENERAL_CONTAINER := true -LibItsIvim_Pics.PICS_IVIM_HAS_ROAD_CFG_CONTAINER := true -LibItsIvim_Pics.PICS_IVIM_HAS_LAYOUT_CONTAINER := true -LibItsIvim_Pics.PICS_IVIM_HAS_TEXT_CONTAINER := true - -LibItsIvim_Pixits.PX_PROVIDER := { - countryCode := '0101110011'B , - providerIdentifier := 31 - } - -[LOGGING] -# In this section you can specify the name of the log file and the classes of events -# you want to log into the file or display on console (standard error). - -LogFile := "../logs/AtsIS/%e.%h-%r.%s" -FileMask := LOG_ALL | USER | DEBUG | MATCHING -ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING -#FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -#ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -LogSourceInfo := Stack -LogEntityName:= Yes -LogEventTypes:= Yes -#TimeStampFormat := DateTime - -[TESTPORT_PARAMETERS] -# In this section you can specify parameters that are passed to Test Ports. -# IVIM Layer -# next_header : btpA|btpB (overwrite BTP.type) -# header_type : tsb|gbc|uni -# header_sub_type : sh (single hop) -# IVIM Layer -# next_header : btpA|btpB (overwrite BTP.type) -# BTP Layer -# type : btpA|btpB -# destination port: dst_port -# source port : src_port -# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU -# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU -# GN Layer -# ll_address : GeoNetworking address of the Test System -# latitude : latitude of the Test System -# longitude : longitude of the Test System -# beaconing : Set to 1 if GnLayer shall start beaconing -# Beaconning timer expiry: expiry (ms) -# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU -# secured_mode : Set to 1 if message exchanges shall be signed -# encrypted_mode : Set to 1 if message exchanges shall be encrypted -# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1 -# secure_db_path : Path to the certificates and keys storage location -# hash : Hash algorithm to be used when secured mode is set -# Authorized values are SHA-256 or SHA-384 -# Default: SHA-256 -# cypher : Cyphering algorithm to be used when secured mode is set -# Authorized values are NISTP-256 and BP-256 -# Default: NISTP-256 -# Ethernet layer -# mac_src :Source MAC address -# mac_bc :Broadcast address -# eth_type : Ethernet type -# Commsignia layer -# mac_src : Device MAC address, used to discard packets -# To indicate no filering, use the value 000000000000 -# mac_bc : Broadcast address -# eth_type : Ethernet type, used to discard packets -# target_host : Device address -# target_port : Device port -# source_port : Test System port -# interface_id: Interface id, used to discard packets -# tx_power : TX power (dB) -# UDP layer (IP/UDP based on Pcap) -# dst_ip : destination IPv4 address (aa.bb.cc.dd) -# dst_port: destination port -# src_ip : source IPv4 address (aa.bb.cc.dd) -# src_port: source port -# Pcap layer -# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System -# filter : Pcap filter (compliant with tcpdump syntax) -# Online mode: -# nic: Local NIC -# If set, online mode is used -# Offline mode (nic is present but not set): -# file : File to read -# frame_offset: Frame offset, used to skip packets with frame number < frame_offset -# time_offset : Time offset, used to skip packets with time offset < time_offset -# save_mode : 1 to save sent packet, 0 otherwise - -#Cygwin -#system.ivimPort.params := "IVIM(next_header=btpB,header_type=uni)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=/home/yanng/tmp/certificates)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=CEBB111F-D749-4B40-8B4D-DBB060E90987,filter=and ether proto 0x8947)" -# Linux -#system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=wlp2s0,filter=and ether proto 0x8947)" -system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" -# Linux over UDP -#system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=192.168.146.26,src_port=4041,dst_port=50544)" - -# IVIM UpperTester port based on UDP -system.utPort.params := "UT_IVIM/UDP(dst_ip=127.0.0.1,dst_port=12345,src_port=12346)" -#system.utPort.params := "UT_IVIM/UDP(dst_ip=192.168.146.26,dst_port=44100,src_port=12345)" -#system.utPort.params := "UT_IVIM/UDP(dst_ip=172.16.35.1)" - -[EXECUTE] -# Check that protocolVersion is set to 1 and messageID is set to 6 -#ItsIvim_TestCases.TC_IS_IVI_GEN_MSGF_BV_01 -# Check that all Application Containers references existing items in one or more Location Containers -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_01 -# Check that application container information of the same type does not refer to overlapping RZs. -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_02 -# Check that all definitions of zones that are based on the same Reference Position, be it that they are connected or not interconnected, should be included in the same Geographic Location Container -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_03 -# Check that the IUT includes the component laneNumber for each zone if the zone definition is restricted to specific lane(s). -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_04 -# Check that If the zone definition applies to the entire carriageway (all lanes), the -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_05 -# Check that IUT includes, for each zone, one or more of the following optional components to define the zone: -#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_06 -# Check that management container contains a country code according to ISO 3166-1. Numbers shall be assigned on national basis. -#ItsIvim_TestCases.TC_IS_IVI_GEN_MANC_BV_01 -# Check that an IUT can split an IVI Structure to multiple messages if it exceeds the maximum PDU size. -#ItsIvim_TestCases.TC_IS_IVI_GEN_MANC_BV_02 -# Check that IVI Service generates a new IVIM on reception of a valid AppIVIM_Trigger request -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_01 -# Check that a new iviIdentificationNumber value is assigned for each newly generated IVIM -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_02 -# Check that iviIdentificationNumber value is set to a next unused value each time an IVIM is detected -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_03 -# Check that a new generated IVIM contains an iviStatus set to 'new' -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_04 -# Check that the timeStamp is set to the current time when generating a new IVM -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_05 -# Check that an updated IVIM contains an iviStatus set to 'update' -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_01 -# Check that an update can change the validity time to the IVIM - validTo information field -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_02 -# Check that an update can change the validity time to the IVIM - validFrom information field -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_03 -# Check that the timeStamp is set to the current time when generating an update with some change of information content -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_04 -# Check that the iviIdentificationNumber remains unchanged IVIM is updated -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_05 -# The IUT shall, at minimum, include the identifier(s) of a Relevance Zone in the component -#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_01 -# Check that all zone IDs in the General Application Container references existing items in -#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_02 -# The IUT shall include the component direction to describe the direction of relevance -#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_03 -# The IUT shall include at least one element in the roadSignCodes container. -#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_04 -# Check that all layoutID of the General Application Containers references existing layouts -#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_05 -# Check that all zone IDs in the Road Configuration Container references existing items in the Location Container of the same IVIM Structure. -#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_01 -# Check that all Parts that relate to the same Location Container are included in the same Road Configuration Container. -#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_02 -# Check that Road Configuration Container contains description of all present lanes. -#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_03 -# Check that all zone IDs in the Text Container references existing items in the Location Container of the same IVIM Structure. -#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_01 -# The sending ITS-S shall include the component direction to describe the direction of -#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_02 -# The IUT can include either the component text and/or the component data. The IUT can repeat -#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_03 -# Check that all layoutID of the Text Containers references existing layouts in the Layout Containers of the same IVIM Structure. -#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_04 -# Check that IVIMs are not generated more frequently than T_GenIvimMin -#ItsIvim_TestCases.TC_IS_IVI_GEN_GFQ_TI_01 -# Check that IVIMs are not generated less frequently than T_GenIvimMax -#ItsIvim_TestCases.TC_IS_IVI_GEN_GFQ_TI_02 -# Check that the IUT activates repetition on reception of a valid AppIVIM_Update request -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVRP_BV_01 -# Check that the IUT activates repetition on reception of a valid AppIVIM_Update request -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVRP_BV_02 -# Check that the IUT terminates IVM genration on validity duration expery -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_01 -# Check that the IUT terminates IVM genration on termination request -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_02 -# Check that the IUT terminates IVM generation on cancellation request. -ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_03 -# Check that the IUT terminates IVM generation on negation request -#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_04 -# Check that IVIM uses BTP_B packet -#ItsIvim_TestCases.TC_IS_IVI_GEN_COM_BV_01 -# Check that IVI service encapsulates IVIM in a UNC with the HeaderType field set to the value of 2. -#ItsIvim_TestCases.TC_IS_IVI_GEN_COM_BV_02 -# Check that IVI service uses certificate containing valid ITS AID to sign IVIM. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SEC_BV_01 -# Check that IVI service uses certificate containing valid ITS AID to sign IVIM. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SEC_BV_02 -# Check that IVI service uses certificate containing valid Service Specific Permissions of type BitmapSsp -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_01 -# Check that IVI service sends an IVIM containing different road signs schema when it is permitted by the signing certificate -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_02 -# Check that IVI service sends an IVIM containing ISO/TS 14823 road signs codes of different service categories -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_03 -# Check that IVI service sends an IVIM containing lane status when it is permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_04 -# Check that IVI service sends an IVIM containing different containers when it is permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_05 -# Check that IVI service sends an IVI negation when it is permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_06 -# Check that IVI service doesn’t send an IVIM if service provider value is not authorized by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_01 -# Check that IVI service doesn’t send an IVIM containing different road signs schema when it is not permitted by the signing certificat. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_02 -# Check that IVI service doesn’t send an IVIM containing ISO/TS 14823 road signs codes of different service categories when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_03 -# Check that IVI service doesn’t send an IVIM containing lane status when it is not permitted by the signing certificate -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_04 -# Check that IVI service doesn’t send an IVIM containing different containers when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_05 -# Check that IVI service doesn’t send an IVI negation when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_06 -# Check that the IUT can successfully process IVIM been received when the IUT was in the Relevance Zone. -#ItsIvim_TestCases.TC_IS_IVI_RCV_MSGF_BV_01 -# Check that the IUT can successfully process IVIM been received when the IUT was in the Detection Zone approaching the Relevance Zone -#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_01 -# Check that an IUT detects the applicability of a Relevance Zone defined as a polygonal lie. -#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_02 -# Check that an IUT detects the applicability of a Relevance Zone defined as an area. -#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_03 -# Check that an IUT detects the applicability of a Relevance Zone defined as a distance value. -#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_04 -# Check that an IUT detects the applicability of a Relevance Zone by matching its path with the relevance zone (path) of the moving IVI object. -#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_05 -# Check that a received IVIM is considered as new if iviStatus is “new”. -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_01 -# Check that a received IVIM is considered as new if iviStatus is “new” and/or if the combination of serviceProviderId and iviIdentificationNumber is different from other received messages -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_02 -# Check that a received IVIM is considered as update if the iviStatus is “update” and/or if the combination of serviceProviderId and iviIdentificationNumber equals to those from another received structure and the timestamp is more recent -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_03 -# Check that a received IVIM is considered as duplicate of a received structure if the combination of serviceProviderId and iviIdentificationNumber equals to those from another received structure and the timestamp is the same; -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_04 -# Check that a received IVIM is considered as cancelation if the iviStatus is “cancellation”. -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_05 -# Check that a received IVIM is considered as negation if the iviStatus is “negation”. -#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_06 -# Check that the IUT accepts a received IVIM message permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BV_01 -# Check that the IUT skips a received IVIM message not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_01 -# Check that the IUT skips a received IVIM message with service provider identifier not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_02 -# Check that IVI service skips a received IVIM containing different road signs schema when it is not permitted by the signing certificate -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_03 -# Check that IVI service skips a received IVIM containing ISO/TS 14823 road signs codes of different service categories when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_04 -# Check that IVI service skips a received IVIM containing lane status when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_05 -# Check that IVI service skips a received IVIM containing different containers when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_06 -# Check that IVI service skips a received IVI negation when it is not permitted by the signing certificate. -#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_07 -# Check that the IUT can successfully process IVIM been received when the IUT was in the Relevance Zone -#ItsIvim_TestCases.TC_IS_IVI_RCV_MSGF_BV_01 - -[MAIN_CONTROLLER] -# The options herein control the behavior of MC. -KillTimer := 10.0 -LocalAddress := 127.0.0.1 -TCPPort := 12000 -NumHCs := 1 diff --git a/etc/AtsIS/AtsIS.cfg b/etc/AtsIS/AtsIS.cfg new file mode 120000 index 0000000..57b4023 --- /dev/null +++ b/etc/AtsIS/AtsIS.cfg @@ -0,0 +1 @@ +AtsIS_Mapem.cf_ \ No newline at end of file diff --git a/etc/AtsIS/AtsIS_IVIM.cf_ b/etc/AtsIS/AtsIS_IVIM.cf_ new file mode 100644 index 0000000..741acdf --- /dev/null +++ b/etc/AtsIS/AtsIS_IVIM.cf_ @@ -0,0 +1,269 @@ + +[MODULE_PARAMETERS] +# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. + +# IUT Station ID +LibItsCommon_Pixits.PX_IUT_STATION_ID := 2533729309 + +LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB +LibItsIvim_Pics.PICS_IS_IUT_SECURED := false + +LibItsIvim_Pics.PICS_IVIM_HAS_GENERAL_CONTAINER := true +LibItsIvim_Pics.PICS_IVIM_HAS_ROAD_CFG_CONTAINER := true +LibItsIvim_Pics.PICS_IVIM_HAS_LAYOUT_CONTAINER := true +LibItsIvim_Pics.PICS_IVIM_HAS_TEXT_CONTAINER := true + +LibItsIvim_Pixits.PX_PROVIDER := { + countryCode := '0101110011'B , + providerIdentifier := 31 + } + +[LOGGING] +# In this section you can specify the name of the log file and the classes of events +# you want to log into the file or display on console (standard error). + +LogFile := "../logs/AtsIS/%e.%h-%r.%s" +FileMask := LOG_ALL | USER | DEBUG | MATCHING +ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING +#FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +#ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +LogSourceInfo := Stack +LogEntityName:= Yes +LogEventTypes:= Yes +#TimeStampFormat := DateTime + +[TESTPORT_PARAMETERS] +# In this section you can specify parameters that are passed to Test Ports. +# IVIM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# header_type : tsb|gbc|uni +# header_sub_type : sh (single hop) +# IVIM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# BTP Layer +# type : btpA|btpB +# destination port: dst_port +# source port : src_port +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# GN Layer +# ll_address : GeoNetworking address of the Test System +# latitude : latitude of the Test System +# longitude : longitude of the Test System +# beaconing : Set to 1 if GnLayer shall start beaconing +# Beaconning timer expiry: expiry (ms) +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# secured_mode : Set to 1 if message exchanges shall be signed +# encrypted_mode : Set to 1 if message exchanges shall be encrypted +# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1 +# secure_db_path : Path to the certificates and keys storage location +# hash : Hash algorithm to be used when secured mode is set +# Authorized values are SHA-256 or SHA-384 +# Default: SHA-256 +# cypher : Cyphering algorithm to be used when secured mode is set +# Authorized values are NISTP-256 and BP-256 +# Default: NISTP-256 +# Ethernet layer +# mac_src :Source MAC address +# mac_bc :Broadcast address +# eth_type : Ethernet type +# Commsignia layer +# mac_src : Device MAC address, used to discard packets +# To indicate no filering, use the value 000000000000 +# mac_bc : Broadcast address +# eth_type : Ethernet type, used to discard packets +# target_host : Device address +# target_port : Device port +# source_port : Test System port +# interface_id: Interface id, used to discard packets +# tx_power : TX power (dB) +# UDP layer (IP/UDP based on Pcap) +# dst_ip : destination IPv4 address (aa.bb.cc.dd) +# dst_port: destination port +# src_ip : source IPv4 address (aa.bb.cc.dd) +# src_port: source port +# Pcap layer +# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System +# filter : Pcap filter (compliant with tcpdump syntax) +# Online mode: +# nic: Local NIC +# If set, online mode is used +# Offline mode (nic is present but not set): +# file : File to read +# frame_offset: Frame offset, used to skip packets with frame number < frame_offset +# time_offset : Time offset, used to skip packets with time offset < time_offset +# save_mode : 1 to save sent packet, 0 otherwise + +#Cygwin +#system.ivimPort.params := "IVIM(next_header=btpB,header_type=uni)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=/home/yanng/tmp/certificates)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=CEBB111F-D749-4B40-8B4D-DBB060E90987,filter=and ether proto 0x8947)" +# Linux +#system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=wlp2s0,filter=and ether proto 0x8947)" +system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" +# Linux over UDP +#system.ivimPort.params := "IVIM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=192.168.146.26,src_port=4041,dst_port=50544)" + +# IVIM UpperTester port based on UDP +system.utPort.params := "UT_IVIM/UDP(dst_ip=127.0.0.1,dst_port=12345,src_port=12346)" +#system.utPort.params := "UT_IVIM/UDP(dst_ip=192.168.146.26,dst_port=44100,src_port=12345)" +#system.utPort.params := "UT_IVIM/UDP(dst_ip=172.16.35.1)" + +[EXECUTE] +# Check that protocolVersion is set to 1 and messageID is set to 6 +#ItsIvim_TestCases.TC_IS_IVI_GEN_MSGF_BV_01 +# Check that all Application Containers references existing items in one or more Location Containers +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_01 +# Check that application container information of the same type does not refer to overlapping RZs. +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_02 +# Check that all definitions of zones that are based on the same Reference Position, be it that they are connected or not interconnected, should be included in the same Geographic Location Container +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_03 +# Check that the IUT includes the component laneNumber for each zone if the zone definition is restricted to specific lane(s). +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_04 +# Check that If the zone definition applies to the entire carriageway (all lanes), the +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_05 +# Check that IUT includes, for each zone, one or more of the following optional components to define the zone: +#ItsIvim_TestCases.TC_IS_IVI_GEN_LOC_BV_06 +# Check that management container contains a country code according to ISO 3166-1. Numbers shall be assigned on national basis. +#ItsIvim_TestCases.TC_IS_IVI_GEN_MANC_BV_01 +# Check that an IUT can split an IVI Structure to multiple messages if it exceeds the maximum PDU size. +#ItsIvim_TestCases.TC_IS_IVI_GEN_MANC_BV_02 +# Check that IVI Service generates a new IVIM on reception of a valid AppIVIM_Trigger request +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_01 +# Check that a new iviIdentificationNumber value is assigned for each newly generated IVIM +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_02 +# Check that iviIdentificationNumber value is set to a next unused value each time an IVIM is detected +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_03 +# Check that a new generated IVIM contains an iviStatus set to 'new' +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_04 +# Check that the timeStamp is set to the current time when generating a new IVM +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVGN_BV_05 +# Check that an updated IVIM contains an iviStatus set to 'update' +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_01 +# Check that an update can change the validity time to the IVIM - validTo information field +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_02 +# Check that an update can change the validity time to the IVIM - validFrom information field +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_03 +# Check that the timeStamp is set to the current time when generating an update with some change of information content +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_04 +# Check that the iviIdentificationNumber remains unchanged IVIM is updated +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVUP_BV_05 +# The IUT shall, at minimum, include the identifier(s) of a Relevance Zone in the component +#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_01 +# Check that all zone IDs in the General Application Container references existing items in +#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_02 +# The IUT shall include the component direction to describe the direction of relevance +#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_03 +# The IUT shall include at least one element in the roadSignCodes container. +#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_04 +# Check that all layoutID of the General Application Containers references existing layouts +#ItsIvim_TestCases.TC_IS_IVI_GEN_GENAPP_BV_05 +# Check that all zone IDs in the Road Configuration Container references existing items in the Location Container of the same IVIM Structure. +#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_01 +# Check that all Parts that relate to the same Location Container are included in the same Road Configuration Container. +#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_02 +# Check that Road Configuration Container contains description of all present lanes. +#ItsIvim_TestCases.TC_IS_IVI_GEN_RCC_BV_03 +# Check that all zone IDs in the Text Container references existing items in the Location Container of the same IVIM Structure. +#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_01 +# The sending ITS-S shall include the component direction to describe the direction of +#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_02 +# The IUT can include either the component text and/or the component data. The IUT can repeat +#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_03 +# Check that all layoutID of the Text Containers references existing layouts in the Layout Containers of the same IVIM Structure. +#ItsIvim_TestCases.TC_IS_IVI_GEN_TEXT_BV_04 +# Check that IVIMs are not generated more frequently than T_GenIvimMin +#ItsIvim_TestCases.TC_IS_IVI_GEN_GFQ_TI_01 +# Check that IVIMs are not generated less frequently than T_GenIvimMax +#ItsIvim_TestCases.TC_IS_IVI_GEN_GFQ_TI_02 +# Check that the IUT activates repetition on reception of a valid AppIVIM_Update request +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVRP_BV_01 +# Check that the IUT activates repetition on reception of a valid AppIVIM_Update request +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVRP_BV_02 +# Check that the IUT terminates IVM genration on validity duration expery +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_01 +# Check that the IUT terminates IVM genration on termination request +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_02 +# Check that the IUT terminates IVM generation on cancellation request. +ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_03 +# Check that the IUT terminates IVM generation on negation request +#ItsIvim_TestCases.TC_IS_IVI_GEN_EVTR_BV_04 +# Check that IVIM uses BTP_B packet +#ItsIvim_TestCases.TC_IS_IVI_GEN_COM_BV_01 +# Check that IVI service encapsulates IVIM in a UNC with the HeaderType field set to the value of 2. +#ItsIvim_TestCases.TC_IS_IVI_GEN_COM_BV_02 +# Check that IVI service uses certificate containing valid ITS AID to sign IVIM. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SEC_BV_01 +# Check that IVI service uses certificate containing valid ITS AID to sign IVIM. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SEC_BV_02 +# Check that IVI service uses certificate containing valid Service Specific Permissions of type BitmapSsp +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_01 +# Check that IVI service sends an IVIM containing different road signs schema when it is permitted by the signing certificate +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_02 +# Check that IVI service sends an IVIM containing ISO/TS 14823 road signs codes of different service categories +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_03 +# Check that IVI service sends an IVIM containing lane status when it is permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_04 +# Check that IVI service sends an IVIM containing different containers when it is permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_05 +# Check that IVI service sends an IVI negation when it is permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BV_06 +# Check that IVI service doesn’t send an IVIM if service provider value is not authorized by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_01 +# Check that IVI service doesn’t send an IVIM containing different road signs schema when it is not permitted by the signing certificat. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_02 +# Check that IVI service doesn’t send an IVIM containing ISO/TS 14823 road signs codes of different service categories when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_03 +# Check that IVI service doesn’t send an IVIM containing lane status when it is not permitted by the signing certificate +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_04 +# Check that IVI service doesn’t send an IVIM containing different containers when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_05 +# Check that IVI service doesn’t send an IVI negation when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_GEN_SSP_BO_06 +# Check that the IUT can successfully process IVIM been received when the IUT was in the Relevance Zone. +#ItsIvim_TestCases.TC_IS_IVI_RCV_MSGF_BV_01 +# Check that the IUT can successfully process IVIM been received when the IUT was in the Detection Zone approaching the Relevance Zone +#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_01 +# Check that an IUT detects the applicability of a Relevance Zone defined as a polygonal lie. +#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_02 +# Check that an IUT detects the applicability of a Relevance Zone defined as an area. +#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_03 +# Check that an IUT detects the applicability of a Relevance Zone defined as a distance value. +#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_04 +# Check that an IUT detects the applicability of a Relevance Zone by matching its path with the relevance zone (path) of the moving IVI object. +#ItsIvim_TestCases.TC_IS_IVI_RCV_DATA_BV_05 +# Check that a received IVIM is considered as new if iviStatus is “new”. +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_01 +# Check that a received IVIM is considered as new if iviStatus is “new” and/or if the combination of serviceProviderId and iviIdentificationNumber is different from other received messages +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_02 +# Check that a received IVIM is considered as update if the iviStatus is “update” and/or if the combination of serviceProviderId and iviIdentificationNumber equals to those from another received structure and the timestamp is more recent +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_03 +# Check that a received IVIM is considered as duplicate of a received structure if the combination of serviceProviderId and iviIdentificationNumber equals to those from another received structure and the timestamp is the same; +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_04 +# Check that a received IVIM is considered as cancelation if the iviStatus is “cancellation”. +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_05 +# Check that a received IVIM is considered as negation if the iviStatus is “negation”. +#ItsIvim_TestCases.TC_IS_IVI_RCV_EVUP_BV_06 +# Check that the IUT accepts a received IVIM message permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BV_01 +# Check that the IUT skips a received IVIM message not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_01 +# Check that the IUT skips a received IVIM message with service provider identifier not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_02 +# Check that IVI service skips a received IVIM containing different road signs schema when it is not permitted by the signing certificate +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_03 +# Check that IVI service skips a received IVIM containing ISO/TS 14823 road signs codes of different service categories when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_04 +# Check that IVI service skips a received IVIM containing lane status when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_05 +# Check that IVI service skips a received IVIM containing different containers when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_06 +# Check that IVI service skips a received IVI negation when it is not permitted by the signing certificate. +#ItsIvim_TestCases.TC_IS_IVI_RCV_SSP_BO_07 +# Check that the IUT can successfully process IVIM been received when the IUT was in the Relevance Zone +#ItsIvim_TestCases.TC_IS_IVI_RCV_MSGF_BV_01 + +[MAIN_CONTROLLER] +# The options herein control the behavior of MC. +KillTimer := 10.0 +LocalAddress := 127.0.0.1 +TCPPort := 12000 +NumHCs := 1 diff --git a/etc/AtsIS/AtsIS_Mapem.cf_ b/etc/AtsIS/AtsIS_Mapem.cf_ new file mode 100644 index 0000000..4bf9437 --- /dev/null +++ b/etc/AtsIS/AtsIS_Mapem.cf_ @@ -0,0 +1,188 @@ + +[MODULE_PARAMETERS] +# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. + +# IUT Station ID +LibItsCommon_Pixits.PX_IUT_STATION_ID := 2533729309 + +LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB +LibItsMapemSpatem_Pics.PICS_IS_IUT_SECURED := false + +[LOGGING] +# In this section you can specify the name of the log file and the classes of events +# you want to log into the file or display on console (standard error). + +LogFile := "../logs/AtsIS/%e.%h-%r.%s" +FileMask := LOG_ALL | USER | DEBUG | MATCHING +ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING +#FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +#ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +LogSourceInfo := Stack +LogEntityName:= Yes +LogEventTypes:= Yes +#TimeStampFormat := DateTime + +[TESTPORT_PARAMETERS] +# In this section you can specify parameters that are passed to Test Ports. +# MAPEM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# header_type : tsb|gbc|uni +# header_sub_type : sh (single hop) +# MAPEM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# BTP Layer +# type : btpA|btpB +# destination port: dst_port +# source port : src_port +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# GN Layer +# ll_address : GeoNetworking address of the Test System +# latitude : latitude of the Test System +# longitude : longitude of the Test System +# beaconing : Set to 1 if GnLayer shall start beaconing +# Beaconning timer expiry: expiry (ms) +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# secured_mode : Set to 1 if message exchanges shall be signed +# encrypted_mode : Set to 1 if message exchanges shall be encrypted +# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1 +# secure_db_path : Path to the certificates and keys storage location +# hash : Hash algorithm to be used when secured mode is set +# Authorized values are SHA-256 or SHA-384 +# Default: SHA-256 +# cypher : Cyphering algorithm to be used when secured mode is set +# Authorized values are NISTP-256 and BP-256 +# Default: NISTP-256 +# Ethernet layer +# mac_src :Source MAC address +# mac_bc :Broadcast address +# eth_type : Ethernet type +# Commsignia layer +# mac_src : Device MAC address, used to discard packets +# To indicate no filering, use the value 000000000000 +# mac_bc : Broadcast address +# eth_type : Ethernet type, used to discard packets +# target_host : Device address +# target_port : Device port +# source_port : Test System port +# interface_id: Interface id, used to discard packets +# tx_power : TX power (dB) +# UDP layer (IP/UDP based on Pcap) +# dst_ip : destination IPv4 address (aa.bb.cc.dd) +# dst_port: destination port +# src_ip : source IPv4 address (aa.bb.cc.dd) +# src_port: source port +# Pcap layer +# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System +# filter : Pcap filter (compliant with tcpdump syntax) +# Online mode: +# nic: Local NIC +# If set, online mode is used +# Offline mode (nic is present but not set): +# file : File to read +# frame_offset: Frame offset, used to skip packets with frame number < frame_offset +# time_offset : Time offset, used to skip packets with time offset < time_offset +# save_mode : 1 to save sent packet, 0 otherwise + +#Cygwin +#system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=uni)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=/home/yanng/tmp/certificates)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=CEBB111F-D749-4B40-8B4D-DBB060E90987,filter=and ether proto 0x8947)" +# Linux +#system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=wlp2s0,filter=and ether proto 0x8947)" +system.mapemSpatemPort.params := "MapemSpatem(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=1,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" +# Linux over UDP +#system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=192.168.146.26,src_port=4041,dst_port=50544)" + +# MAPEM UpperTester port based on UDP +system.utPort.params := "UT_MAPEMSPATEM/UDP(dst_ip=127.0.0.1,dst_port=12345,src_port=12346)" + +[EXECUTE] + +#ItsMapem_TestCases.TC_IS_RLT_xxx_BV_01 + +# Check that protocolVersion is set to 1 and messageID is set to 4 +ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_01 +# Check that the intersection information revision number is changed when the intersection configuration is changed. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_02 +# Check that the intersection information revision number is not changed when the intersection configuration is still the same. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_03 +# Check that RLT Service transmits MAPEM with the valid connection trajectories. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_04 +# Check that reference point altitude is encoded using regional extension. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_05 +# Check that each lane of the intersection contains a unique number. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_06 +# Check that the number of nodes needed to represent the path of a lane is selected such that the perpendicular distance between the lane centre line and the straight line connecting the two consecutive nodes is less than 1 m. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_07 +# Check that each vehicular lane of the intersection includes only allowed manoeuvres and vehicle types. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_08 +# Check that each pedestrian lane of the intersection includes only allowed manoeuvres and user types. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_09 +# Check that each special lane of the intersection includes only allowed manoeuvres and user types. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_10 +# Check that each crosswalk lane of the intersection does not have ingress or egress approaches and includes only valid user types. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_11 +# Check that each lane information contain lane width or default lane width is provided. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_12 +# Check that default lane width is not included in the RTL message if each lane information contains lane width. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_13 +# Check that possible manoevers are encoded in connectsTo data element. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_14 +# An IUT shall broadcast the signal group identifier, the lanes/approaches associated with the signal group, and the lanes/approaches’ allowable manoeuvres. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_15 +# Check that lanes which are crossed by a crosswalk shall use the same ingressApproach egressApproach identifier. +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_16 +# Check that RLT Service transmits MAPEM without data elements not used in ETSI architecture +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_17 + +# Check that IVI Service generates a new MAPEM on reception of a valid AppMAPEM_Trigger request +#ItsMapem_TestCases.TC_IS_RLT_EVGN_BV_01 +# Check that RLT Service transmits new content +#ItsMapem_TestCases.TC_IS_RLT_EVGN_BV_02 +# Check that RLT Service transmits non-fragmented MAPEM without the Layer ID. +#ItsMapem_TestCases.TC_IS_RLT_GEN_FRAG_BV_01 +# Check that RLT Service transmits fragmented MAPEM when the message size exceeds the allowed message length +#ItsMapem_TestCases.TC_IS_RLT_GEN_FRAG_BV_02 + +# Check that the RLT Service transmits continuously both MAPEM and SPATEM. +#ItsMapem_TestCases.TC_IS_RLT_GEN_COM_BV_01 +# Check that the destination port for MAPEM is set to 2003 +#ItsMapem_TestCases.TC_IS_RLT_GEN_COM_BV_03 +# Check that MAPEM uses BTP_B packet +# Check that the destination port for MAPEM is set to 2003 +#ItsMapem_TestCases.TC_IS_RLT_GEN_COM_BV_04 +# Check that TLM service encapsulates MAPEM in a GBC with the HeaderType field set to the value of 4 +#ItsMapem_TestCases.TC_IS_RLT_GEN_COM_BV_05 + +# Check that RLT service uses certificate containing valid ITS AID to sign MAPEM messages. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SEC_BV_01 +# Check that TLM service uses generic security profile to sign MAPEM message and does not include additional security header elements. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SEC_BV_02 +# Check that RLT service uses certificate containing valid Service Specific Permissions of type BitmapSsp to sign MAPEM messages and the SSP version is set to 1. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SSP_BV_01 +# Check that RLT service sends a MAPEM message containing intersections when it is permitted by the signing certificate. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SSP_BV_02 +# Check that RLT service does not send a MAPEM message containing intersections if it is not permitted by the certificate. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SSP_BO_03 +# Check that RLT service sends a MAPEM message containing roadSegments when it is permitted by the signing certificate. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SSP_BV_04 +# Check that RLT service does not send a MAPEM message containing roadSegments if it is not permitted by the certificate. +#ItsMapem_TestCases.TC_IS_RLT_GEN_SSP_BO_05 +# Check that RLT service sends a MAPEM message containing roadSegments when it is permitted by the signing certificate. +#ItsMapem_TestCases.TC_IS_RLT_GEN_RATE_BV_01 +# Check that the IUT can successfully process all mandatory fields of MAPEM received +#ItsMapem_TestCases.TC_IS_RLT_GEN_RCV_BV_03 +# Check that the IUT accepts the MAPEM signed with valid certificate +#ItsMapem_TestCases.TC_IS_RLT_RCV_SEC_BV_01 +# Check that the IUT skips the MAPEM signed with certificate without permissions to sign MAPEM. +#ItsMapem_TestCases.TC_IS_RLT_RCV_SEC_BO_02 +# Check that the IUT skips the MAPEM containing intersections signed with certificate without service specific permissions (SSP) to sign such a MAPEM +#ItsMapem_TestCases.TC_IS_RLT_RCV_SEC_BO_03 +# Check that the IUT skips the MAPEM containing roadSegments signed with certificate +#ItsMapem_TestCases.TC_IS_RLT_RCV_SEC_BO_04 + +[MAIN_CONTROLLER] +# The options herein control the behavior of MC. +KillTimer := 10.0 +LocalAddress := 127.0.0.1 +TCPPort := 12000 +NumHCs := 1 diff --git a/etc/AtsIS/AtsIS_Spatem.cf_ b/etc/AtsIS/AtsIS_Spatem.cf_ new file mode 100644 index 0000000..b5d062f --- /dev/null +++ b/etc/AtsIS/AtsIS_Spatem.cf_ @@ -0,0 +1,200 @@ + +[MODULE_PARAMETERS] +# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. + +# IUT Station ID +LibItsCommon_Pixits.PX_IUT_STATION_ID := 2533729309 + +LibItsGeoNetworking_Pixits.PX_GN_UPPER_LAYER := e_btpB + +[LOGGING] +# In this section you can specify the name of the log file and the classes of events +# you want to log into the file or display on console (standard error). + +LogFile := "../logs/AtsIS/%e.%h-%r.%s" +FileMask := LOG_ALL | USER | DEBUG | MATCHING +ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING +#FileMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +#ConsoleMask := ERROR | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +LogSourceInfo := Stack +LogEntityName:= Yes +LogEventTypes:= Yes +#TimeStampFormat := DateTime + +[TESTPORT_PARAMETERS] +# In this section you can specify parameters that are passed to Test Ports. +# SPATEM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# header_type : tsb|gbc|uni +# header_sub_type : sh (single hop) +# SPATEM Layer +# next_header : btpA|btpB (overwrite BTP.type) +# BTP Layer +# type : btpA|btpB +# destination port: dst_port +# source port : src_port +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# GN Layer +# ll_address : GeoNetworking address of the Test System +# latitude : latitude of the Test System +# longitude : longitude of the Test System +# beaconing : Set to 1 if GnLayer shall start beaconing +# Beaconning timer expiry: expiry (ms) +# device_mode : Set to 1 if the layer shall encapsulate upper layer PDU +# secured_mode : Set to 1 if message exchanges shall be signed +# encrypted_mode : Set to 1 if message exchanges shall be encrypted +# NOTE: For signed & encrypted message exchanges, both secured_mode and encrypted_mode shall be set to 1 +# secure_db_path : Path to the certificates and keys storage location +# hash : Hash algorithm to be used when secured mode is set +# Authorized values are SHA-256 or SHA-384 +# Default: SHA-256 +# cypher : Cyphering algorithm to be used when secured mode is set +# Authorized values are NISTP-256 and BP-256 +# Default: NISTP-256 +# Ethernet layer +# mac_src :Source MAC address +# mac_bc :Broadcast address +# eth_type : Ethernet type +# Commsignia layer +# mac_src : Device MAC address, used to discard packets +# To indicate no filering, use the value 000000000000 +# mac_bc : Broadcast address +# eth_type : Ethernet type, used to discard packets +# target_host : Device address +# target_port : Device port +# source_port : Test System port +# interface_id: Interface id, used to discard packets +# tx_power : TX power (dB) +# UDP layer (IP/UDP based on Pcap) +# dst_ip : destination IPv4 address (aa.bb.cc.dd) +# dst_port: destination port +# src_ip : source IPv4 address (aa.bb.cc.dd) +# src_port: source port +# Pcap layer +# mac_src : Source MAC address, used to exclude from capture the acket sent by the Test System +# filter : Pcap filter (compliant with tcpdump syntax) +# Online mode: +# nic: Local NIC +# If set, online mode is used +# Offline mode (nic is present but not set): +# file : File to read +# frame_offset: Frame offset, used to skip packets with frame number < frame_offset +# time_offset : Time offset, used to skip packets with time offset < time_offset +# save_mode : 1 to save sent packet, 0 otherwise + +#Cygwin +#system.mapemSpatemPort.params := "SPATEM(next_header=btpB,header_type=uni)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=/home/yanng/tmp/certificates)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=CEBB111F-D749-4B40-8B4D-DBB060E90987,filter=and ether proto 0x8947)" +# Linux +#system.mapemSpatemPort.params := "SPATEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=wlp2s0,filter=and ether proto 0x8947)" +system.mapemSpatemPort.params := "SPATEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" +# Linux over UDP +#system.mapemSpatemPort.params := "SPATEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=192.168.146.26,src_port=4041,dst_port=50544)" + +# SPATEM UpperTester port based on UDP +system.utPort.params := "UT_SPATEM/UDP(dst_ip=127.0.0.1,dst_port=12345,src_port=12346)" +#system.utPort.params := "UT_SPATEM/UDP(dst_ip=192.168.146.26,dst_port=44100,src_port=12345)" +#system.utPort.params := "UT_SPATEM/UDP(dst_ip=172.16.35.1)" + +[EXECUTE] + +ItsSpatem_TestCases.TC_IS_TLM_xxx_BV_01 + +# Check that protocolVersion is set to 1 and messageID is set to 4 +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_01 +# An IUT shall include the unique identifier for the intersection as part of the signal phase and timing message broadcast +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_02 +# Check that TLM service generates a SPAT message with the revision data element synchronized with the revision data element in the intersection configuration of the roadway geometric information (MAP) +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_03 +# An IUT shall include a timestamp as part of the signal phase and timing message broadcast. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_04 +# An IUT shall include signalGroupe for each intersection if this signalGroup is defined in the intersection configuration of the roadway geometric information (MAP) +# For each vehicular manoeuvre at a signalized intersection, an IUT shall include the current movement state. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_06 +# For each pedestrian manoeuvre at a signalized intersection, an IUT shall include the current movement state. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_07 +# For each active manoeuvre an IUT shall include the earliest time point when the manoeuvre state is predicted to change +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_08 +# For each manoeuvre at a signalized intersection, an IUT shall include: +# - the next expected movement states pertaining to that manoeuvre +# - the time point for when the succeeding manoeuvre state is predicted to change +# - the start time for each pending manoeuvre +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_09 +# Check that SPAT message prioritization is encoded using regional extension. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_10 +# For each manoeuvre at a signalized intersection, an IUT shall indicate if one or more pedestrians have been detected in the pedestrian crossing. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_11 +# An IUT shall transmit information about the optimal speed for vehicles on each lane +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_12 +# An IUT shall transmit information about the signal timing progression speed along the roadway. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_13 +# An IUT shall transmit the length of the queue and the length of available vehicular storage on each egress lane. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_MSGF_BV_14 + +# Check that TLM Service generates a new SPATEM on reception of a valid AppSPATEM _Start request +#ItsSpatem_TestCases.TC_IS_TLM_GEN_EVGN_BV_01 +# Check that TLM Service generates SPATEM are time ordered +# Check that TLM Service terminates on reception of a valid AppSPATEM _Stop request +#ItsSpatem_TestCases.TC_IS_TLM_GEN_EVGN_BV_03 +# Check that TLM Service generates a new SPATEM on reception of a valid AppSPATEM_Trigger request +#ItsSpatem_TestCases.TC_IS_TLM_GEN_EVGN_BV_04 + +# Check that TLM Service provides the destination area in SPATEM +#ItsSpatem_TestCases.TC_IS_TLM_GEN_COM_BV_01 +# Check that SPATEM uses BTP_B packet. Check that the destination port for SPATEM is set to 2004 +#ItsSpatem_TestCases.TC_IS_TLM_GEN_COM_BV_02 + +# Check that TLM service encapsulates SPATEM in a GBC with the HeaderType field set to the value of 4 +#ItsSpatem_TestCases.TC_IS_TLM_GEN_COMM_BV_03 +# Check that TLM service uses certificate containing valid ITS AID to sign SPATEM messages. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SEC_BV_01 +# Check that TLM service uses generic security profile to sign SPATEM message and does not include additional security header elements +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SEC_BV_02 +# Check that TLM service uses certificate containing valid Service Specific Permissions of type BitmapSsp to sign SPATEM messages and the SSP version is set to 1 +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BV_01 +# Check that TLM service sends a SPAT message containing IntersectionState without prioritization and manoeuvre assist information when it is permitted by the signing certificate +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BV_02 +# Check that TLM service does not send a SPAT message containing IntersectionState if it is not permitted by the certificate +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BO_03 +# Check that TLM service sends a SPAT message containing public transport prioritization response when it is permitted by the signing certificate . +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BV_04 +# Check that TLM service does not send a SPAT message containing IntersectionState if it is not permitted by the certificate. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BO_05 +# Check that TLM service sends a SPAT message containing Intersection maneuver assisting information when it is permitted by the signing certificate +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BV_06 +# Check that TLM service sends a SPAT message containing movement state maneuver assisting information when it is permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BV_07 +# Check that TLM service does not send a SPAT message containing intersection maneuver assisting information if it is not permitted by the certificate. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BO_08 +# Check that TLM service does not send a SPAT message containing movement state maneuver assisting information if it is not permitted by the certificate. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_SSP_BO_09 + +# Check that the IUT transmits SPATEM with valid transmission rate. +#ItsSpatem_TestCases.TC_IS_TLM_GEN_RATE_BV_01 + +# Check that the IUT can successfully process all mandatory fields of SPATEM received +#ItsSpatem_TestCases.TC_IS_TLM_RCV_MSGF_BV_01 +# Check that the IUT accepts the SPATEM message permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SEC_BV_01 +# Check that the IUT discards the SPATEM message not permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SEC_BO_01 +# Check that the IUT accepts the SPATEM message containing IntersectionState without additional information permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BV_01 +# Check that the IUT skips the SPATEM message containing IntersectionState without additional information not permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BO_02 +# Check that the IUT accepts the SPATEM message containing IntersectionState with public transport prioritization response permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BV_03 +# Check that the IUT skips the SPATEM message containing IntersectionState with public transport prioritization response not permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BO_04 +# Check that the IUT accepts the SPATEM message containing IntersectionState with manoeuvre assist information permitted by the signing certificate. +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BV_05 +# Check that the IUT skips the SPATEM message containing IntersectionState with manoeuvre assist information permitted by the signing certificate +#ItsSpatem_TestCases.TC_IS_TLM_RCV_SSP_BO_06 + + +[MAIN_CONTROLLER] +# The options herein control the behavior of MC. +KillTimer := 10.0 +LocalAddress := 127.0.0.1 +TCPPort := 12000 +NumHCs := 1 diff --git a/etc/AtsPki/AtsPki.cfg b/etc/AtsPki/AtsPki.cfg index be66d6f..68e18b6 120000 --- a/etc/AtsPki/AtsPki.cfg +++ b/etc/AtsPki/AtsPki.cfg @@ -1 +1 @@ -AtsPki_Microsec.cfg_ \ No newline at end of file +AtsPki_Etas.cfg_ \ No newline at end of file diff --git a/etc/AtsPki/AtsPki_Atos.cfg_ b/etc/AtsPki/AtsPki_Atos.cfg_ index 6f681a1..57f7c8e 100644 --- a/etc/AtsPki/AtsPki_Atos.cfg_ +++ b/etc/AtsPki/AtsPki_Atos.cfg_ @@ -2,6 +2,12 @@ [MODULE_PARAMETERS] # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. +# Reduce LibCom Timeout +LibCommon_Sync.PX_TSYNC_TIME_LIMIT := 40.0 +LibCommon_Sync.PX_TSHUT_DOWN_TIME_LIMIT := 40.0 +LibCommon_Time.PX_TDONE := 40.0 +LibCommon_Time.PX_TWAIT := 40.0 + # Enable Security support LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true # Root path to access certificate stored in files, identified by certficate ID @@ -30,14 +36,15 @@ LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/347A3B143C94C298" LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/347A3B143C94C298" LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/getectl/0DA3EE9ACF7F9F14" -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ATOS_EA_D41845A1F71C356A" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ATOS_AA_A8AA9CAB63B783EE" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ATOS_RCA_347A3B143C94C298" +LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ATOS_EA_D41845A1F71C356A" # "ATOS_EA_D41845A1F71C356A" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ATOS_AA_A8AA9CAB63B783EE" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ATOS_RCA_347A3B143C94C298" -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 # Technical keys # Private key @@ -48,12 +55,17 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := 'FE95786F01D7E1666CCDFAB7 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3b577ee830047336ac5dac07036b798aaecae7273f'O; # Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted -LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted #LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet # Required for SECPKI_AA_AUTH_RCV_02_BV #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment +# URI to request CTL +LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/ctl" + #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request #LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 @@ -82,15 +94,24 @@ LogEventTypes:= Yes [TESTPORT_PARAMETERS] # Multiple HTTP component ports system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" -#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" # To be used when IUT is the EA -system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx +system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" # To be used when IUT is the EA +#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-aa.l0.c-its-pki.eu)" + system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" [EXECUTE] +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := false # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := PKI EA cert +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=0.atos-ea.l0.c-its-pki.eu) + # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 @@ -144,7 +165,7 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV #ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV +ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI @@ -161,6 +182,14 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := CERT_TS_A_EA +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=server=192.168.1.43) + # Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV # Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... @@ -195,7 +224,7 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI # Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest -#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV +#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV <==== # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV @@ -204,7 +233,12 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that the TLM generates the ECTL when new RootCA is about to be added #ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV -#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV + +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=10.200.60.6) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # + # Check that the issuing certificate has version 3 #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV diff --git a/etc/AtsPki/AtsPki_CryptaLabs.cfg_ b/etc/AtsPki/AtsPki_Autocrypt.cfg_ similarity index 57% rename from etc/AtsPki/AtsPki_CryptaLabs.cfg_ rename to etc/AtsPki/AtsPki_Autocrypt.cfg_ index 680432d..c5cc79c 100644 --- a/etc/AtsPki/AtsPki_CryptaLabs.cfg_ +++ b/etc/AtsPki/AtsPki_Autocrypt.cfg_ @@ -9,48 +9,69 @@ LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "../data/certificates" # Configuration sub-directory to access certificate stored in files LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "certificates" -# Use this certificate if the RSU simulator act as IUT -LibItsCommon_Pixits.PX_CERT_FOR_TS := "CERT_IUT_A_AT" - -LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" -LibItsHttp_Pics.PICS_HEADER_CTL_CONTENT_TYPE := "application/x-its-crl" - -LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false -LibItsPki_Pics.PICS_HEADER_HOST_EC := "pki.seacat.io" -LibItsPki_Pics.PICS_HEADER_HOST_ATV := "pki.seacat.io" -LibItsPki_Pics.PICS_HEADER_HOST_AT := "pki.seacat.io" -LibItsPki_Pics.PICS_HEADER_HOST_CA := "pki.seacat.io" -LibItsPki_Pics.PICS_HEADER_HOST_TLM := "pki.seacat.io" - -LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/etsi-plugtest-brainpool/cits/ea/enrolment" -LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/etsi-plugtest-brainpool/cits/aa/authorization" -LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/etsi-plugtest-brainpool/cits/ea/authorization-validation" -LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/etsi-plugtest-brainpool/cits/dc/getctl/DC8A483A7AEF3FA9" -LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/etsi-plugtest-brainpool/cits/dc/getcrl/DC8A483A7AEF3FA9" -LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "" - -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_CRYPTALAB_PKI_EA" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "CERT_CRYPTALAB_PKI_AA" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_CRYPTALAB_PKI_RCA" +LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" + +LibItsPki_Pics.PICS_MULTIPLE_END_POINT := true +LibItsPki_Pics.PICS_HEADER_HOST_EC := "ea.etsi.autocrypt.io:9100" +LibItsPki_Pics.PICS_HEADER_HOST_ATV := "ea.etsi.autocrypt.io:9100" +LibItsPki_Pics.PICS_HEADER_HOST_AT := "aa.etsi.autocrypt.io:9200" +LibItsPki_Pics.PICS_HEADER_HOST_CA := "dc.etsi.autocrypt.io:9300" +LibItsPki_Pics.PICS_HEADER_HOST_TLM := "dc.etsi.autocrypt.io:9300" + +LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/api/ea/ec" +LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/api/aa/at" +LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/api/ea/av" +LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/102DEBCB233A0F09" +LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/102DEBCB233A0F09" +LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/" + +#LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "AUTOCRYPT_EA_BCBD30353B9C491F" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "AUTOCRYPT_AA_A66CB66EC2F67F4D" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "AUTOCRYPT_RCA_102DEBCB233A0F09" + +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 + +# Technical keys +# Private key +#FE95786F01D7E1666CCDFAB7BAEE9BF9B30BBEA15A838A58994E65E684A8BB34 +# Public key +#048038F5490CD5A58FF5465D3B577EE830047336AC5DAC07036B798AAECAE7273FD91C4F60995494EA949E64EE0E3D768DBDEB8AFC345627211E3FC4DD8FD39EE5 +LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := 'FE95786F01D7E1666CCDFAB7BAEE9BF9B30BBEA15A838A58994E65E684A8BB34'O; +LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3b577ee830047336ac5dac07036b798aaecae7273f'O; + +# Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted #LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet # Required for SECPKI_AA_AUTH_RCV_02_BV #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment +# URI to request CTL +LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/ctl" + #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request -#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 -LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p384_r1 + +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 + +LibItsSecurity_Pics.PICS_SEC_CIRCULAR_REGION := false +LibItsSecurity_Pics.PICS_SEC_RECTANGULAR_REGION := true [LOGGING] # In this section you can specify the name of the log file and the classes of events # you want to log into the file or display on console (standard error). -LogFile := "../logs/%e.%h-%r.%s" +LogFile := "../logs/AtsPki/%e.%h-%r.%s" FileMask := LOG_ALL | USER | DEBUG | MATCHING ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING #FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP @@ -61,20 +82,26 @@ LogEventTypes:= Yes #TimeStampFormat := DateTime [TESTPORT_PARAMETERS] -# Single HTTP component port -system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=178.238.43.67)" # Multiple HTTP component ports -#system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=178.238.43.67)" -#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=178.238.43.67)" -#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.25,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx -#system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=178.238.43.67)" - -system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=178.238.43.67,use_ssl=1)" -system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=178.238.43.67,use_ssl=1)" +system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ea.etsi.autocrypt.io,port=9100)" +system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=ea.etsi.autocrypt.io,port=9100)" # To be used when IUT is the EA +#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx +system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=aa.etsi.autocrypt.io,port=9200)" +#system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=10.200.60.6)" +system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=dc.etsi.autocrypt.io,port=9300)" +system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=dc.etsi.autocrypt.io,port=9300)" [EXECUTE] +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := false # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := PKI EA cert +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=ea.etsi.autocrypt.io:9100) + # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV +ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 @@ -145,6 +172,14 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) # The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := CERT_TS_A_EA +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=server=192.168.1.43) + # Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV # Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... @@ -184,11 +219,61 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL signed with appropriate certificate. -ItsPki_TestCases.TC_RCA_CRLGEN_01_BV - +#ItsPki_TestCases.TC_RCA_CRLGEN_01_BV # Check that the TLM generates the ECTL when new RootCA is about to be added #ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=10.200.60.6) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # + + +# Check that the issuing certificate has version 3 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV +# Check that the issuing certificate has type explicit +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_01 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_02 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_03 +# Check that the CA, been authorized using implicit certificate, does not issue an explicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BO_01 +# Check that CA issues certificate conformed to ETSI TS 103 097 [1], clause 6 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_03_BV +# Check that the certificate issuer of certificates is referenced using digest. Check that right digest field is used to reference to the certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_04_BV +# Check that the CA is able to issue the certificate with the well-formed circular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_05_BV +# Check that the CA is able to issue the certificate with the well-formed rectangular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_06_BV +# Check that the CA is able to issue the certificate with the well-formed polygonal region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_07_BV +# Check that the CA is able to issue the certificate with identified region validity restriction contains values that correspond to numeric country codes as defined by United Nations Statistics Division [5] +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_08_BV +# Check that the identified region validity restriction of the subordinate certificate is included in the identified region validity restriction of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_09_BV +# Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_10_BV +# Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_11_BV +# Check that the certificate encryption key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_12_BV +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_01 +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_02 +# Check that all PSID entries of the appPermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_14_BV +# Check that all PSID entries of the appPermissions component of the certificate are also contained in the certIssuePermissions component in the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_15_BV +# Check that all PSID entries of the certIssuePermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_16_BV +# Check that SSP field in each entry of the appPermissions component of the AT certificate is equal to or a subset of the SSP Range in the corresponding issuing entry +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_17_BV +# Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV + [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 diff --git a/etc/AtsPki/AtsPki_Cnit.cfg_ b/etc/AtsPki/AtsPki_Cnit.cfg_ deleted file mode 100644 index 9eb60ef..0000000 --- a/etc/AtsPki/AtsPki_Cnit.cfg_ +++ /dev/null @@ -1,169 +0,0 @@ -[MODULE_PARAMETERS] -# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. - -# Enable Security support -LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true -# Root path to access certificate stored in files, identified by certficate ID -LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "/home/vagrant/tmp" -# Configuration sub-directory to access certificate stored in files -LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "certificates" - -LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" - -LibItsHttp_Pics.PICS_HEADER_HOST := "etsi-dc-noes.labtlclivorno.it" - -LibItsPki_Pics.PICS_HTTP_POST_URI_EC :="/dc/ea" -LibItsPki_Pics.PICS_HTTP_POST_URI_AT :="/dc/aa" -LibItsPki_Pics.PICS_HTTP_POST_URI_ATV :="/dc/ea/validate" - -#LibItsPki_Pics.PICS_ITS_S_WITH_PRIVACY := false -LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5C25F97607DFC62972A147FAD8B7A7C939569F0F95ECD4C641724A68B51836E5'O -LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '020144E5174B0AFDA86BDB8B643B68D40030F5BDB9A9F090C64852CC3C20C9D5AD'O -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D303031'O - -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_CNIT_EA" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "CERT_CNIT_AA" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_CNIT_RCA" - -#LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet - # Required for SECPKI_AA_AUTH_RCV_02_BV -#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment - -#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request - -LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false - -[LOGGING] -# In this section you can specify the name of the log file and the classes of events -# you want to log into the file or display on console (standard error). - -LogFile := "../logs/%e.%h-%r.%s" -FileMask := LOG_ALL | USER | DEBUG | MATCHING -ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING -#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -LogSourceInfo := Stack -LogEntityName:= Yes -LogEventTypes:= Yes -#TimeStampFormat := DateTime - -[TESTPORT_PARAMETERS] -system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=etsi-dc-noes.labtlclivorno.it)" - -[EXECUTE] -# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV - -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[0] (version) indicating other value than 1) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_02 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[1] (value) indicating "Enrolment Request" (bit 1) set to 0) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_03 - -# Enroll an ITS-Station, but with a canonical-ID, that is not registered. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_05_BI -# Enroll the ITS-Station, but the CSR re-quests more permissions than the issuer allows, i.e. request for security management SSP bit which is not set in the EA SSP -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_06_BI -# Enroll the ITS-Station, but the CSR requests a AID permission that the issuer does not allow, i.e. request for CAM AID -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_07_BI -# Enroll the ITS-Station, but the expiring date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_08_BI -# Enroll the ITS-Station, but the start date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_09_BI -# Enroll the ITS-Station, but the expiring date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_10_BI -# Enroll the ITS-Station, but the start date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_11_BI -# Enroll the ITS-Station, but the lifetime of the EC would be grater than allowed (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_12_BI -# Enroll the ITS-Station, but the inner PoP signature in the CSR, created with the EC private key, can not be verified with the provided public key -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_13_BI - -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV -# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure -#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV -# If the ITS-S has been able to decrypt the content, this expected EtsiTs103097Data-Signed structure shall contain hashId, tbsData, signer and signature. The hashId shall indicate the hash algorithm to be used as specified in ETSI TS 103 097, the signer shall be declared as a digest, containing the HashedId8 of the EA certificate and the signature over tbsData shall be computed using the EA private key corresponding to its publicVerificationKey found in the referenced EA certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV -# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request as assigned in ETSI TS 102 965 and the generationTime shall be present -#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV -# Within the headerInfo of the tbsData, aside from psid and generationTime, all other components of the component tbsData.headerInfo not used and absent -#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV -# The EtsiTS102941Data shall contain the version set to v1 (integer value set to 1) and the content set to InnerECResponse -#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV -# The InnerECResponse shall contain the requestHash, which is the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data - Signed structure received in the request and a responseCode indicating the result of the request -#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV -# If the responseCode is 0, the InnerECResponse shall also contain an (enrolment) certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV -# If the responseCode is different than 0, the InnerECResponse shall not contain a certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV -# Check that signing of Enrolment response message is permitted by the EA certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV -# Check that generated EC certificate contains only allowed permissions -#ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV - -# The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV -# Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions -ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI - -# The EtsiTs103097Data-Encrypted is build with the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the AuthorizationRequest message to which the response is built and the component ciphertext containing the encrypted representation of the EtsiTs103097Data-Signed. The encryption uses a ETSI TS 103 097 [3] approved algorithm -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_01_BV -# To read an authorization validation response, the AA shall receive an EtsiTs103097Data-Encrypted structure, containing a EtsiTs103097Data-Signed structure, containing a EtsiTs102941Data structure, containing an AuthorizationValidationResponse structure -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_02_BV -# The AuthorizationValidationResponse structure contains the requestHash being the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data-Signed structure received in the AuthorizationValidationRequest and a responseCode -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_03_BV -# If the responseCode is 0, the AuthorizationValidationResponse structure contains the component confirmedSubjectAttributes with the attributes the EA wishes to confirm, except for certIssuePermissions which is not allowed to be present -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_04_BV -# If the responseCode is different than 0, the AuthorizationValidationResponse structure does not contain the component confirmedSubjectAttributes -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_05_BV -# The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV - -# Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV -# Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV -# Check that the AA skips the AuthorizationRequest message if it is not addressed to this AA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_03_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_04_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_05_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the POP signature -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_06_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the integrity of the request using hmacKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_07_BI -# Send a correctly encoded AT request, but the ITS-Station is not enrolled at the EA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_08_BI -# Send an AT request, but the inner signer (valid EC) is not issued by the EA which is known / trusted by the AA. The AA trusts only EAs listet on the RCA-CTL -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_09_BI -# Send an AT request, but the generation time of the CSR is in the past -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_10_BI -# Send an AT request, but the generation time of the CSR is in the future -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_11_BI -# Send an AT request, but the expiry date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_12_BI -# Send an AT request, but the start date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_13_BI -# Send an AT request, but the expiry date of the CSR is after the expiry date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_14_BI -# Send an AT request, but the start date of the CSR is after the expiring date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_15_BI -# Send an AT request, but the expiry date of the CSR is after now + maximum pre-loading period (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI - -# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest -#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV - -[MAIN_CONTROLLER] -# The options herein control the behavior of MC. -KillTimer := 10.0 -LocalAddress := 127.0.0.1 -TCPPort := 12000 -NumHCs := 1 - diff --git a/etc/AtsPki/AtsPki_Ctag.cfg_ b/etc/AtsPki/AtsPki_Ctag.cfg_ index 5ace087..8df2dfb 100644 --- a/etc/AtsPki/AtsPki_Ctag.cfg_ +++ b/etc/AtsPki/AtsPki_Ctag.cfg_ @@ -29,14 +29,28 @@ LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/DC/getctl/74c997bd5cc4562a" LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/DC/getcrl/74c997bd5cc4562a" LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "" -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '504b4945532d4653432d303030303031'O # Nist-P256 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '504b4945532d4653432d303030303032'O # Brainpool-P256 r1 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '504b4945532d4653432d303030303033'O # Brainpool-P384 r1 - -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_CTAG_PKI_EA" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "CERT_CTAG_PKI_AA" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_CTAG_PKI_RCA" +#LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA" #"MICROSEC_EA_77C0DE13A375774D" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "MICROSEC_AA_43166B9022583C61" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "MICROSEC_RCA_B65E3B8FBBEC3910" + +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 + +# Technical keys +# Private key +#FE95786F01D7E1666CCDFAB7BAEE9BF9B30BBEA15A838A58994E65E684A8BB34 +# Public key +#048038F5490CD5A58FF5465D3B577EE830047336AC5DAC07036B798AAECAE7273FD91C4F60995494EA949E64EE0E3D768DBDEB8AFC345627211E3FC4DD8FD39EE5 +LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := 'FE95786F01D7E1666CCDFAB7BAEE9BF9B30BBEA15A838A58994E65E684A8BB34'O; +LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3b577ee830047336ac5dac07036b798aaecae7273f'O; + +# Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted #LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet # Required for SECPKI_AA_AUTH_RCV_02_BV @@ -44,11 +58,15 @@ LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_CTAG_PKI_RCA" #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request -#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p384_r1 + +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 + +LibItsSecurity_Pics.PICS_SEC_CIRCULAR_REGION := false +LibItsSecurity_Pics.PICS_SEC_RECTANGULAR_REGION := true [LOGGING] # In this section you can specify the name of the log file and the classes of events diff --git a/etc/AtsPki/AtsPki_Escrypt.cfg_ b/etc/AtsPki/AtsPki_Escrypt.cfg_ deleted file mode 100644 index 58e8a07..0000000 --- a/etc/AtsPki/AtsPki_Escrypt.cfg_ +++ /dev/null @@ -1,188 +0,0 @@ - -[MODULE_PARAMETERS] -# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. - -# Enable Security support -LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true -# Root path to access certificate stored in files, identified by certficate ID -LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "../data/certificates" -# Configuration sub-directory to access certificate stored in files -LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "certificates" - -# Use this certificate if the RSU simulator act as IUT -LibItsCommon_Pixits.PX_CERT_FOR_TS := "CERT_IUT_A_AT" - -LibItsHttp_Pics.PICS_HEADER_CTL_CONTENT_TYPE := "application/x-its-crl" -LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" - -LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false -LibItsHttp_Pics.PICS_HEADER_HOST := "test.bsi.v2x-pilot.escrypt.com" - -LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment" -LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization" -LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/ea/validation" -#LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/1D3C7B499A054F8C"; -#LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/1D3C7B499A054F8C"; -#LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" - -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D30303100000000'O - -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_ESCRYPT_PKI_EA" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "CERT_ESCRYPT_PKI_AA" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_ESCRYPT_PKI_RCA" - -#LibItsPki_Pics.PICS_ITS_S_WITH_PRIVACY := false -#LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet - # Required for SECPKI_AA_AUTH_RCV_02_BV -#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment -#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request - -#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 - -[LOGGING] -# In this section you can specify the name of the log file and the classes of events -# you want to log into the file or display on console (standard error). - -LogFile := "../logs/%e.%h-%r.%s" -FileMask := LOG_ALL | USER | DEBUG | MATCHING -ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING -#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -LogSourceInfo := Stack -LogEntityName:= Yes -LogEventTypes:= Yes -#TimeStampFormat := DateTime - -[TESTPORT_PARAMETERS] -# Single HTTP component port -system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=test.bsi.v2x-pilot.escrypt.com)" - -[EXECUTE] -# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV - -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[0] (version) indicating other value than 1) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_02 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[1] (value) indicating "Enrolment Request" (bit 1) set to 0) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_03 - -# Enroll an ITS-Station, but with a canonical-ID, that is not registered. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_05_BI -# Enroll the ITS-Station, but the CSR re-quests more permissions than the issuer allows, i.e. request for security management SSP bit which is not set in the EA SSP -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_06_BI -# Enroll the ITS-Station, but the CSR requests a AID permission that the issuer does not allow, i.e. request for CAM AID -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_07_BI -# Enroll the ITS-Station, but the expiring date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_08_BI -# Enroll the ITS-Station, but the start date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_09_BI -# Enroll the ITS-Station, but the expiring date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_10_BI -# Enroll the ITS-Station, but the start date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_11_BI -# Enroll the ITS-Station, but the lifetime of the EC would be grater than allowed (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_12_BI -# Enroll the ITS-Station, but the inner PoP signature in the CSR, created with the EC private key, can not be verified with the provided public key -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_13_BI - -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV -# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure -ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV -# If the ITS-S has been able to decrypt the content, this expected EtsiTs103097Data-Signed structure shall contain hashId, tbsData, signer and signature. The hashId shall indicate the hash algorithm to be used as specified in ETSI TS 103 097, the signer shall be declared as a digest, containing the HashedId8 of the EA certificate and the signature over tbsData shall be computed using the EA private key corresponding to its publicVerificationKey found in the referenced EA certificate -ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV -# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request as assigned in ETSI TS 102 965 and the generationTime shall be present -ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV -# Within the headerInfo of the tbsData, aside from psid and generationTime, all other components of the component tbsData.headerInfo not used and absent -ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV -# The EtsiTS102941Data shall contain the version set to v1 (integer value set to 1) and the content set to InnerECResponse -ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV -# The InnerECResponse shall contain the requestHash, which is the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data - Signed structure received in the request and a responseCode indicating the result of the request -ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV -# If the responseCode is 0, the InnerECResponse shall also contain an (enrolment) certificate -ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV -# If the responseCode is different than 0, the InnerECResponse shall not contain a certificate -ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV -# Check that signing of Enrolment response message is permitted by the EA certificate -ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV -# Check that generated EC certificate contains only allowed permissions -ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV - -# The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV -# Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI - -# The EtsiTs103097Data-Encrypted is build with the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the AuthorizationRequest message to which the response is built and the component ciphertext containing the encrypted representation of the EtsiTs103097Data-Signed. The encryption uses a ETSI TS 103 097 [3] approved algorithm -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_01_BV -# To read an authorization validation response, the AA shall receive an EtsiTs103097Data-Encrypted structure, containing a EtsiTs103097Data-Signed structure, containing a EtsiTs102941Data structure, containing an AuthorizationValidationResponse structure -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_02_BV -# The AuthorizationValidationResponse structure contains the requestHash being the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data-Signed structure received in the AuthorizationValidationRequest and a responseCode -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_03_BV -# If the responseCode is 0, the AuthorizationValidationResponse structure contains the component confirmedSubjectAttributes with the attributes the EA wishes to confirm, except for certIssuePermissions which is not allowed to be present -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_04_BV -# If the responseCode is different than 0, the AuthorizationValidationResponse structure does not contain the component confirmedSubjectAttributes -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_05_BV -# The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV - -# Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV -# Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV -# Check that the AA skips the AuthorizationRequest message if it is not addressed to this AA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_03_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_04_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_05_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the POP signature -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_06_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the integrity of the request using hmacKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_07_BI -# Send a correctly encoded AT request, but the ITS-Station is not enrolled at the EA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_08_BI -# Send an AT request, but the inner signer (valid EC) is not issued by the EA which is known / trusted by the AA. The AA trusts only EAs listet on the RCA-CTL -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_09_BI -# Send an AT request, but the generation time of the CSR is in the past -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_10_BI -# Send an AT request, but the generation time of the CSR is in the future -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_11_BI -# Send an AT request, but the expiry date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_12_BI -# Send an AT request, but the start date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_13_BI -# Send an AT request, but the expiry date of the CSR is after the expiry date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_14_BI -# Send an AT request, but the start date of the CSR is after the expiring date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_15_BI -# Send an AT request, but the expiry date of the CSR is after now + maximum pre-loading period (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI - -# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest -#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV - -# Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL -#ItsPki_TestCases.TC_RCA_CTLGEN_01_BV -# Check that the RootCA generates the CRL when CA certificate is about to be revoked -#ItsPki_TestCases.TC_RCA_CRLGEN_02_BV - -# Check that the TLM generates the ECTL when new RootCA is about to be added -#ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV - -[MAIN_CONTROLLER] -# The options herein control the behavior of MC. -KillTimer := 10.0 -LocalAddress := 127.0.0.1 -TCPPort := 12000 -NumHCs := 1 - diff --git a/etc/AtsPki/AtsPki_eu_ccms_cpoc.cf_ b/etc/AtsPki/AtsPki_Etas.cfg_ similarity index 78% rename from etc/AtsPki/AtsPki_eu_ccms_cpoc.cf_ rename to etc/AtsPki/AtsPki_Etas.cfg_ index 824f07f..4f31f67 100644 --- a/etc/AtsPki/AtsPki_eu_ccms_cpoc.cf_ +++ b/etc/AtsPki/AtsPki_Etas.cfg_ @@ -1,248 +1,268 @@ - -[MODULE_PARAMETERS] -# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. - -# Enable Security support -LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true -# Root path to access certificate stored in files, identified by certficate ID -LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "../data/certificates" -# Configuration sub-directory to access certificate stored in files -LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "certificates" - -# Use this certificate if the RSU simulator act as IUT -LibItsCommon_Pixits.PX_CERT_FOR_TS := "CERT_IUT_A_AT" - -LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" -LibItsHttp_Pics.PICS_HEADER_CTL_CONTENT_TYPE := "application/x-its-crl" - -LibItsPki_Pics.PICS_MULTIPLE_END_POINT := true -LibItsPki_Pics.PICS_HEADER_HOST_EC := "0.atos-ea.l0.c-its-pki.eu" -LibItsPki_Pics.PICS_HEADER_HOST_ATV := "0.atos-ea.l0.c-its-pki.eu" -LibItsPki_Pics.PICS_HEADER_HOST_AT := "0.atos-aa.l0.c-its-pki.eu" -LibItsPki_Pics.PICS_HEADER_HOST_CA := "cpoc.jrc.ec.europa.eu" -LibItsPki_Pics.PICS_HEADER_HOST_TLM := "cpoc.jrc.ec.europa.eu" - -LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/" -LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/" -LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/" -LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/103600/3-1/getctl/347A3B143C94C298" -LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/data/certificates/tlm/4/1D261F9E338ECB5B.oer" -LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/data/certificates/ectl/4/E43ACA63B0A8882E.oer" - -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D303031'O # Nist-P256 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D303032'O # Brainpool-P256 r1 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D4954532D303033'O # Brainpool-P384 r1 - -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA"#"CERT_IDNOMIC_PKI_EA" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "CERT_IDNOMIC_PKI_AA" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "CERT_IDNOMIC_PKI_RCA" - -#LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet - # Required for SECPKI_AA_AUTH_RCV_02_BV -#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment - -#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request - -#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 -#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 - -LibItsSecurity_Pics.PICS_SEC_CIRCULAR_REGION := false -LibItsSecurity_Pics.PICS_SEC_RECTANGULAR_REGION := true - -[LOGGING] -# In this section you can specify the name of the log file and the classes of events -# you want to log into the file or display on console (standard error). - -LogFile := "../logs/AtsPki/%e.%h-%r.%s" -FileMask := LOG_ALL | USER | DEBUG | MATCHING -ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING -#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP -LogSourceInfo := Stack -LogEntityName:= Yes -LogEventTypes:= Yes -#TimeStampFormat := DateTime - -[TESTPORT_PARAMETERS] -# Multiple HTTP component ports -system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=90.84.188.76)" -system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=90.84.188.76)" -#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.25,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx -system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(server=90.84.188.76)" -system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=139.191.221.21,use_ssl=1)" -system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=139.191.221.21,use_ssl=1)" - -[EXECUTE] -# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV - -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[0] (version) indicating other value than 1) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_02 -# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[1] (value) indicating "Enrolment Request" (bit 1) set to 0) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_03 - -# Enroll an ITS-Station, but with a canonical-ID, that is not registered. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_05_BI -# Enroll the ITS-Station, but the CSR re-quests more permissions than the issuer allows, i.e. request for security management SSP bit which is not set in the EA SSP -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_06_BI -# Enroll the ITS-Station, but the CSR requests a AID permission that the issuer does not allow, i.e. request for CAM AID -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_07_BI -# Enroll the ITS-Station, but the expiring date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_08_BI -# Enroll the ITS-Station, but the start date of the CSR is before the start date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_09_BI -# Enroll the ITS-Station, but the expiring date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_10_BI -# Enroll the ITS-Station, but the start date of the CSR is after the expiring date of the EA -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_11_BI -# Enroll the ITS-Station, but the lifetime of the EC would be grater than allowed (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_12_BI -# Enroll the ITS-Station, but the inner PoP signature in the CSR, created with the EC private key, can not be verified with the provided public key -##ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_13_BI - -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV -# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV -# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure -#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV -# If the ITS-S has been able to decrypt the content, this expected EtsiTs103097Data-Signed structure shall contain hashId, tbsData, signer and signature. The hashId shall indicate the hash algorithm to be used as specified in ETSI TS 103 097, the signer shall be declared as a digest, containing the HashedId8 of the EA certificate and the signature over tbsData shall be computed using the EA private key corresponding to its publicVerificationKey found in the referenced EA certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV -# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request as assigned in ETSI TS 102 965 and the generationTime shall be present -#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV -# Within the headerInfo of the tbsData, aside from psid and generationTime, all other components of the component tbsData.headerInfo not used and absent -#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV -# The EtsiTS102941Data shall contain the version set to v1 (integer value set to 1) and the content set to InnerECResponse -#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV -# The InnerECResponse shall contain the requestHash, which is the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data - Signed structure received in the request and a responseCode indicating the result of the request -#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV -# If the responseCode is 0, the InnerECResponse shall also contain an (enrolment) certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV -# If the responseCode is different than 0, the InnerECResponse shall not contain a certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV -# Check that signing of Enrolment response message is permitted by the EA certificate -#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV -# Check that generated EC certificate contains only allowed permissions -#ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV - -# The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV -# Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI - -# The EtsiTs103097Data-Encrypted is build with the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the AuthorizationRequest message to which the response is built and the component ciphertext containing the encrypted representation of the EtsiTs103097Data-Signed. The encryption uses a ETSI TS 103 097 [3] approved algorithm -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_01_BV -# To read an authorization validation response, the AA shall receive an EtsiTs103097Data-Encrypted structure, containing a EtsiTs103097Data-Signed structure, containing a EtsiTs102941Data structure, containing an AuthorizationValidationResponse structure -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_02_BV -# The AuthorizationValidationResponse structure contains the requestHash being the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data-Signed structure received in the AuthorizationValidationRequest and a responseCode -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_03_BV -# If the responseCode is 0, the AuthorizationValidationResponse structure contains the component confirmedSubjectAttributes with the attributes the EA wishes to confirm, except for certIssuePermissions which is not allowed to be present -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_04_BV -# If the responseCode is different than 0, the AuthorizationValidationResponse structure does not contain the component confirmedSubjectAttributes -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_05_BV -# The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV - -# Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV -# Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV -# Check that the AA skips the AuthorizationRequest message if it is not addressed to this AA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_03_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_04_BI -# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the cyphertext -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_05_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the POP signature -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_06_BI -# Check that the AA rejects the AuthorizationRequest message if it unable to verify the integrity of the request using hmacKey -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_07_BI -# Send a correctly encoded AT request, but the ITS-Station is not enrolled at the EA -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_08_BI -# Send an AT request, but the inner signer (valid EC) is not issued by the EA which is known / trusted by the AA. The AA trusts only EAs listet on the RCA-CTL -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_09_BI -# Send an AT request, but the generation time of the CSR is in the past -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_10_BI -# Send an AT request, but the generation time of the CSR is in the future -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_11_BI -# Send an AT request, but the expiry date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_12_BI -# Send an AT request, but the start date of the CSR is before the start date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_13_BI -# Send an AT request, but the expiry date of the CSR is after the expiry date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_14_BI -# Send an AT request, but the start date of the CSR is after the expiring date of the EC -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_15_BI -# Send an AT request, but the expiry date of the CSR is after now + maximum pre-loading period (considering values in C-ITS CP) -#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI - -# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest -#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV - -# Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL -ItsPki_TestCases.TC_RCA_CTLGEN_01_BV -# Check that the RootCA generates the CRL signed with appropriate certificate. -#ItsPki_TestCases.TC_RCA_CRLGEN_01_BV -# Check that the TLM generates the ECTL when new RootCA is about to be added -#ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV - -#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV - -# Check that the issuing certificate has version 3 -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV -# Check that the issuing certificate has type explicit -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_01 -# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_02 -# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_03 -# Check that the CA, been authorized using implicit certificate, does not issue an explicit certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BO_01 -# Check that CA issues certificate conformed to ETSI TS 103 097 [1], clause 6 -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_03_BV -# Check that the certificate issuer of certificates is referenced using digest. Check that right digest field is used to reference to the certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_04_BV -# Check that the CA is able to issue the certificate with the well-formed circular region validity restriction -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_05_BV -# Check that the CA is able to issue the certificate with the well-formed rectangular region validity restriction -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_06_BV -# Check that the CA is able to issue the certificate with the well-formed polygonal region validity restriction -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_07_BV -# Check that the CA is able to issue the certificate with identified region validity restriction contains values that correspond to numeric country codes as defined by United Nations Statistics Division [5] -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_08_BV -# Check that the identified region validity restriction of the subordinate certificate is included in the identified region validity restriction of the issuing certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_09_BV -# Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_10_BV -# Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_11_BV -# Check that the certificate encryption key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_12_BV -# Check the explicit certificate signature -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_01 -# Check the explicit certificate signature -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_02 -# Check that all PSID entries of the appPermissions component of the certificate are unique -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_14_BV -# Check that all PSID entries of the appPermissions component of the certificate are also contained in the certIssuePermissions component in the issuing certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_15_BV -# Check that all PSID entries of the certIssuePermissions component of the certificate are unique -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_16_BV -# Check that SSP field in each entry of the appPermissions component of the AT certificate is equal to or a subset of the SSP Range in the corresponding issuing entry -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_17_BV -# Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate -#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV - -[MAIN_CONTROLLER] -# The options herein control the behavior of MC. -KillTimer := 10.0 -LocalAddress := 127.0.0.1 -TCPPort := 12000 -NumHCs := 1 - + +[MODULE_PARAMETERS] +# This section shall contain the values of all parameters that are defined in your TTCN-3 modules. + +# Enable Security support +LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true +# Root path to access certificate stored in files, identified by certficate ID +LibItsSecurity_Pixits.PX_CERTIFICATE_POOL_PATH := "../data/certificates" +# Configuration sub-directory to access certificate stored in files +LibItsSecurity_Pixits.PX_IUT_SEC_CONFIG_NAME := "certificates" + +# Use this certificate if the RSU simulator act as IUT +LibItsCommon_Pixits.PX_CERT_FOR_TS := "CERT_IUT_A_AT" + +LibItsHttp_Pics.PICS_HEADER_CTL_CONTENT_TYPE := "application/x-its-crl" +LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" + +LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false +LibItsHttp_Pics.PICS_HEADER_HOST := "plugtest.staging-eu.cycurv2x-pki.com" + +LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment" +LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization" +LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/ea/validation" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/1D3C7B499A054F8C"; +#LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/1D3C7B499A054F8C"; +#LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" + +#LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ETAS_EA_c155ccf01bc5e6ad" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ETAS_AA_719a79daba61c1d6" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ETAS_RCA_0375DB7CD62CF6B2" + +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492d5465737453797374656d2d'O +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492d5465737453797374656d2e'O # Brainpool-P256 r1 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492d5465737453797374656d5f'O # Brainpool-P384 r1 + +# Technical keys +# Private key +#FE95786F01D7E1666CCDFAB7BAEE9BF9B30BBEA15A838A58994E65E684A8BB34 +# Public key +# 04278aafdf017b60c8244e56c2458350510444a22a92c6d0484e865eceaf4ba723134fddd6b527b784e6f7ca15f8b9f6a06b57d8074083628a25b9a36075cb24c8 +LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5dca486322033315e1791ee2a61d3717082aef9cc7e27e29b76fe9c722824f98'O; +LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '02278aafdf017b60c8244e56c2458350510444a22a92c6d0484e865eceaf4ba723'O; + +# Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted + +#LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet + # Required for SECPKI_AA_AUTH_RCV_02_BV +#LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment + +#LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request + +#LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p384_r1 + +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_AT := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_EC_SIGN := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 +#LibItsPki_Pixits.PX_EC_ALG_FOR_ATV := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p256_r1 + +LibItsSecurity_Pics.PICS_SEC_CIRCULAR_REGION := false +LibItsSecurity_Pics.PICS_SEC_RECTANGULAR_REGION := false + +[LOGGING] +# In this section you can specify the name of the log file and the classes of events +# you want to log into the file or display on console (standard error). + +LogFile := "../logs/AtsPki/%e.%h-%r.%s" +FileMask := LOG_ALL | USER | DEBUG | MATCHING +ConsoleMask := LOG_ALL | USER | DEBUG | MATCHING +#FileMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +#ConsoleMask := ERROR | WARNING | USER | MATCHING | EXECUTOR_RUNTIME | VERDICTOP +LogSourceInfo := Stack +LogEntityName:= Yes +LogEventTypes:= Yes +#TimeStampFormat := DateTime + +[TESTPORT_PARAMETERS] +# Single HTTP component port +system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com)" + +[EXECUTE] +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := false # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := PKI EA cert +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=0.atos-ea.l0.c-its-pki.eu) + +# The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV + +# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 +# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[0] (version) indicating other value than 1) +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_02 +# Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (containing opaque[1] (value) indicating "Enrolment Request" (bit 1) set to 0) +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_03 + +# Enroll an ITS-Station, but with a canonical-ID, that is not registered. +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_05_BI +# Enroll the ITS-Station, but the CSR re-quests more permissions than the issuer allows, i.e. request for security management SSP bit which is not set in the EA SSP +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_06_BI +# Enroll the ITS-Station, but the CSR requests a AID permission that the issuer does not allow, i.e. request for CAM AID +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_07_BI +# Enroll the ITS-Station, but the expiring date of the CSR is before the start date of the EA +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_08_BI +# Enroll the ITS-Station, but the start date of the CSR is before the start date of the EA +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_09_BI +# Enroll the ITS-Station, but the expiring date of the CSR is after the expiring date of the EA +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_10_BI +# Enroll the ITS-Station, but the start date of the CSR is after the expiring date of the EA +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_11_BI +# Enroll the ITS-Station, but the lifetime of the EC would be grater than allowed (considering values in C-ITS CP) +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_12_BI +# Enroll the ITS-Station, but the inner PoP signature in the CSR, created with the EC private key, can not be verified with the provided public key +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_13_BI + +# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. +#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV +# The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. +#ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV +# The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure +#ItsPki_TestCases.TC_SECPKI_EA_ENR_03_BV +# If the ITS-S has been able to decrypt the content, this expected EtsiTs103097Data-Signed structure shall contain hashId, tbsData, signer and signature. The hashId shall indicate the hash algorithm to be used as specified in ETSI TS 103 097, the signer shall be declared as a digest, containing the HashedId8 of the EA certificate and the signature over tbsData shall be computed using the EA private key corresponding to its publicVerificationKey found in the referenced EA certificate +#ItsPki_TestCases.TC_SECPKI_EA_ENR_04_BV +# Within the headerInfo of the tbsData, the psid shall be set to secured certificate request as assigned in ETSI TS 102 965 and the generationTime shall be present +#ItsPki_TestCases.TC_SECPKI_EA_ENR_05_BV +# Within the headerInfo of the tbsData, aside from psid and generationTime, all other components of the component tbsData.headerInfo not used and absent +#ItsPki_TestCases.TC_SECPKI_EA_ENR_06_BV +# The EtsiTS102941Data shall contain the version set to v1 (integer value set to 1) and the content set to InnerECResponse +#ItsPki_TestCases.TC_SECPKI_EA_ENR_07_BV +# The InnerECResponse shall contain the requestHash, which is the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data - Signed structure received in the request and a responseCode indicating the result of the request +#ItsPki_TestCases.TC_SECPKI_EA_ENR_08_BV +# If the responseCode is 0, the InnerECResponse shall also contain an (enrolment) certificate +#ItsPki_TestCases.TC_SECPKI_EA_ENR_09_BV +# If the responseCode is different than 0, the InnerECResponse shall not contain a certificate +#ItsPki_TestCases.TC_SECPKI_EA_ENR_10_BV +# Check that signing of Enrolment response message is permitted by the EA certificate +#ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV +# Check that generated EC certificate contains only allowed permissions +ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV + +# The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV +# Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI + +# The EtsiTs103097Data-Encrypted is build with the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the AuthorizationRequest message to which the response is built and the component ciphertext containing the encrypted representation of the EtsiTs103097Data-Signed. The encryption uses a ETSI TS 103 097 [3] approved algorithm +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_01_BV +# To read an authorization validation response, the AA shall receive an EtsiTs103097Data-Encrypted structure, containing a EtsiTs103097Data-Signed structure, containing a EtsiTs102941Data structure, containing an AuthorizationValidationResponse structure +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_02_BV +# The AuthorizationValidationResponse structure contains the requestHash being the left-most 16 octets of the SHA256 digest of the EtsiTs103097Data-Signed structure received in the AuthorizationValidationRequest and a responseCode +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_03_BV +# If the responseCode is 0, the AuthorizationValidationResponse structure contains the component confirmedSubjectAttributes with the attributes the EA wishes to confirm, except for certIssuePermissions which is not allowed to be present +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_04_BV +# If the responseCode is different than 0, the AuthorizationValidationResponse structure does not contain the component confirmedSubjectAttributes +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_05_BV +# The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV + +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := CERT_TS_A_EA +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=server=192.168.1.43) + +# Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV +# Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV +# Check that the AA skips the AuthorizationRequest message if it is not addressed to this AA +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_03_BI +# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_04_BI +# Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_05_BI +# Check that the AA rejects the AuthorizationRequest message if it unable to verify the POP signature +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_06_BI +# Check that the AA rejects the AuthorizationRequest message if it unable to verify the integrity of the request using hmacKey +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_07_BI +# Send a correctly encoded AT request, but the ITS-Station is not enrolled at the EA +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_08_BI +# Send an AT request, but the inner signer (valid EC) is not issued by the EA which is known / trusted by the AA. The AA trusts only EAs listet on the RCA-CTL +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_09_BI +# Send an AT request, but the generation time of the CSR is in the past +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_10_BI +# Send an AT request, but the generation time of the CSR is in the future +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_11_BI +# Send an AT request, but the expiry date of the CSR is before the start date of the EC +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_12_BI +# Send an AT request, but the start date of the CSR is before the start date of the EC +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_13_BI +# Send an AT request, but the expiry date of the CSR is after the expiry date of the EC +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_14_BI +# Send an AT request, but the start date of the CSR is after the expiring date of the EC +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_15_BI +# Send an AT request, but the expiry date of the CSR is after now + maximum pre-loading period (considering values in C-ITS CP) +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI + +# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest +#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV + +# Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL +#ItsPki_TestCases.TC_RCA_CTLGEN_01_BV +# Check that the RootCA generates the CRL when CA certificate is about to be revoked +#ItsPki_TestCases.TC_RCA_CRLGEN_02_BV +# Check that the TLM generates the ECTL when new RootCA is about to be added +#ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV + +# Check that the issuing certificate has version 3 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV +# Check that the issuing certificate has type explicit +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_01 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_02 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_03 +# Check that the CA, been authorized using implicit certificate, does not issue an explicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BO_01 +# Check that CA issues certificate conformed to ETSI TS 103 097 [1], clause 6 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_03_BV +# Check that the certificate issuer of certificates is referenced using digest. Check that right digest field is used to reference to the certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_04_BV +# Check that the CA is able to issue the certificate with the well-formed circular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_05_BV +# Check that the CA is able to issue the certificate with the well-formed rectangular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_06_BV +# Check that the CA is able to issue the certificate with the well-formed polygonal region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_07_BV +# Check that the CA is able to issue the certificate with identified region validity restriction contains values that correspond to numeric country codes as defined by United Nations Statistics Division [5] +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_08_BV +# Check that the identified region validity restriction of the subordinate certificate is included in the identified region validity restriction of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_09_BV +# Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_10_BV +# Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_11_BV +# Check that the certificate encryption key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_12_BV +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_01 +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_02 +# Check that all PSID entries of the appPermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_14_BV +# Check that all PSID entries of the appPermissions component of the certificate are also contained in the certIssuePermissions component in the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_15_BV +# Check that all PSID entries of the certIssuePermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_16_BV +# Check that SSP field in each entry of the appPermissions component of the AT certificate is equal to or a subset of the SSP Range in the corresponding issuing entry +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_17_BV +# Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV + +[MAIN_CONTROLLER] +# The options herein control the behavior of MC. +KillTimer := 10.0 +LocalAddress := 127.0.0.1 +TCPPort := 12000 +NumHCs := 1 + diff --git a/etc/AtsPki/AtsPki_Microsec.cfg_ b/etc/AtsPki/AtsPki_Microsec.cfg_ index f4ad5c3..a5939a2 100644 --- a/etc/AtsPki/AtsPki_Microsec.cfg_ +++ b/etc/AtsPki/AtsPki_Microsec.cfg_ @@ -23,14 +23,15 @@ LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/v2x_rootca_nistp256/getctl/B65E3B LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/v2x_rootca_nistp256/getcrl/B65E3B8FBBEC3910" LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/v2x_rootca_brainpoolp256r1" -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "MICROSEC_EA_77C0DE13A375774D" -LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "MICROSEC_AA_43166B9022583C61" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "MICROSEC_RCA_B65E3B8FBBEC3910" +#LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "MICROSEC_EA_77C0DE13A375774D" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "MICROSEC_AA_43166B9022583C61" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "MICROSEC_RCA_B65E3B8FBBEC3910" -LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 -#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 +LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3031'O # Nist-P256 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3032'O # Brainpool-P256 r1 +#LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492D5465737453797374656D2D3033'O # Brainpool-P384 r1 # Technical keys # Private key @@ -41,12 +42,17 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := 'FE95786F01D7E1666CCDFAB7 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3b577ee830047336ac5dac07036b798aaecae7273f'O; # Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted -LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted #LibItsPki_Pics.PICS_PKI_AUTH_POP := false # Do not use Signed for PoP in Authorization requet # Required for SECPKI_AA_AUTH_RCV_02_BV #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment +# URI to request CTL +LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/ctl" + #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request #LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p384_r1 @@ -75,17 +81,24 @@ LogEventTypes:= Yes [TESTPORT_PARAMETERS] # Single HTTP component port -#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=139.191.221.21,use_ssl=1)" system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" -system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=yanngarcia.ddns.net)" # HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx +#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=yanngarcia.ddns.net)" # HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" [EXECUTE] +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := false # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := PKI EA cert +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=0.atos-ea.l0.c-its-pki.eu) + # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV +ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 @@ -114,7 +127,7 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_13_BI # The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. -ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV +#ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV # The EnrolmentResponse message shall be encrypted using an ETSI TS 103 097 approved algorithm and the encryption shall be done with the same AES key as the one used by the ITS-S requestor for the encryption of the EnrolmentRequest message. #ItsPki_TestCases.TC_SECPKI_EA_ENR_02_BV # The outermost structure is an EtsiTs103097Data-Encrypted structure containing the component recipients containing one instance of RecipientInfo of choice pskRecipInfo, which contains the HashedId8 of the symmetric key used by the ITS-S to encrypt the EnrolmentRequest message to which the response is built and containing the component ciphertext, once decrypted, contains an EtsiTs103097Data-Signed structure @@ -156,10 +169,18 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV # The component version of the EtsiTs102941Data structure is set to v1 (integer value set to 1) #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_06_BV +# Config: +# LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI +# LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := CERT_TS_A_EA +# LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI +# LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert +# LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert +# system.httpAtVPort.params := TCP(server=server=192.168.1.43) + # Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV # Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... -##ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV +#ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_02_BV # Check that the AA skips the AuthorizationRequest message if it is not addressed to this AA #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_03_BI # Check that the AA skips the AuthorizationRequest message if it unable to decrypt the encKey @@ -196,10 +217,60 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_01_BV #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL signed with appropriate certificate. #ItsPki_TestCases.TC_RCA_CRLGEN_01_BV - # Check that the TLM generates the ECTL when new RootCA is about to be added #ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=10.200.60.6) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # + + +# Check that the issuing certificate has version 3 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV +# Check that the issuing certificate has type explicit +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_01 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_02 +# Check that the CA, been authorized using explicit certificate, is able to issue an implicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BV_03 +# Check that the CA, been authorized using implicit certificate, does not issue an explicit certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_02_BO_01 +# Check that CA issues certificate conformed to ETSI TS 103 097 [1], clause 6 +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_03_BV +# Check that the certificate issuer of certificates is referenced using digest. Check that right digest field is used to reference to the certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_04_BV +# Check that the CA is able to issue the certificate with the well-formed circular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_05_BV +# Check that the CA is able to issue the certificate with the well-formed rectangular region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_06_BV +# Check that the CA is able to issue the certificate with the well-formed polygonal region validity restriction +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_07_BV +# Check that the CA is able to issue the certificate with identified region validity restriction contains values that correspond to numeric country codes as defined by United Nations Statistics Division [5] +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_08_BV +# Check that the identified region validity restriction of the subordinate certificate is included in the identified region validity restriction of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_09_BV +# Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_10_BV +# Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_11_BV +# Check that the certificate encryption key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_12_BV +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_01 +# Check the explicit certificate signature +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_13_BV_02 +# Check that all PSID entries of the appPermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_14_BV +# Check that all PSID entries of the appPermissions component of the certificate are also contained in the certIssuePermissions component in the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_15_BV +# Check that all PSID entries of the certIssuePermissions component of the certificate are unique +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_16_BV +# Check that SSP field in each entry of the appPermissions component of the AT certificate is equal to or a subset of the SSP Range in the corresponding issuing entry +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_17_BV +# Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate +#ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV + [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 diff --git a/etc/AtsPki/AtsPki_Simu.cfg_ b/etc/AtsPki/AtsPki_Simu.cfg_ index 0541f29..72febb3 100644 --- a/etc/AtsPki/AtsPki_Simu.cfg_ +++ b/etc/AtsPki/AtsPki_Simu.cfg_ @@ -49,7 +49,9 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := 'FE95786F01D7E1666CCDFAB7 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3b577ee830047336ac5dac07036b798aaecae7273f'O; # Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted -LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +# Set to true if the IUT support geographical region +#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted # Re-enrollment keys LibItsPki_Pics.PICS_SECPKI_REENROLMENT := true @@ -193,7 +195,7 @@ system.utPort.params := "UT_PKI/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port= # The IUT is capable of parsing and handling of positive EnrolmentResponse messages containing the requested EC. In case of a successful enrolment, the IUT switches to the state 'enrolled' #ItsPki_TestCases.TC_SECPKI_ITSS_ENR_RECV_02_BV # Check that the ITS-S send the Authorization HttpRequest message to the Authorization Authority (AA) to request an authorization ticket -ItsPki_TestCases.TC_SECPKI_ITSS_AUTH_01_BV +#ItsPki_TestCases.TC_SECPKI_ITSS_AUTH_01_BV # Check that the AuthorizationRequest message is encrypted and sent to only one Authorization Authority #ItsPki_TestCases.TC_SECPKI_ITSS_AUTH_02_BV # Check that the AuthorizationRequest message is encrypted using the encryptionKey found in the AA certificate referenced in recipientId diff --git a/scripts/run_tshark.bash b/scripts/run_tshark.bash index 0f7f81d..09889dd 100755 --- a/scripts/run_tshark.bash +++ b/scripts/run_tshark.bash @@ -7,4 +7,5 @@ PCAP_SAVE_PATH=~/tmp rm $PCAP_SAVE_PATH/capture_*.pcap* #~/frameworks/wireshark-build/run/tshark -ieth1 -V -f"ether proto 0x8947 or udp src port 12345 or udp dst port 12345" -Tfields -eframe.time -eeth.dst -eeth.src -eeth.type -edata -g -w $PCAP_SAVE_PATH/capture_`date +'%Y%m%d'`.pcap -F pcap -~/frameworks/wireshark-build/run/tshark -ieth1 -V -f"udp port 9091 or udp port 7946" -Tfields -eframe.time -eeth.dst -eeth.src -eeth.type -edata -g -w $PCAP_SAVE_PATH/capture_`date +'%Y%m%d'`.pcap -F pcap +#~/frameworks/wireshark-build/run/tshark -ieth1 -V -f"udp port 9091 or udp port 7946" -Tfields -eframe.time -eeth.dst -eeth.src -eeth.type -edata -g -w $PCAP_SAVE_PATH/capture_`date +'%Y%m%d'`.pcap -F pcap +tcpdump -i wlp0s20f3 -vvv -xx -w $PCAP_SAVE_PATH/capture_`date +'%Y%m%d'`.pcap diff --git a/ttcn/AtsPki b/ttcn/AtsPki index 63d369f..cfb0456 160000 --- a/ttcn/AtsPki +++ b/ttcn/AtsPki @@ -1 +1 @@ -Subproject commit 63d369f5077c4a49d7f51dddff2e88d0af8722cd +Subproject commit cfb04564a30eca02fa97366c44d32cf524fd07ed -- GitLab From 5d47bb184fa1278ce05b041cfefe2b18ec934f4f Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Fri, 22 Apr 2022 16:03:27 +0200 Subject: [PATCH 2/5] CV2X#3 Validation against PKIs (Remote) --- ccsrc/Protocols/Http/http_codec.cc | 11 ++++++-- etc/AtsIS/AtsIS_Mapem.cf_ | 14 +++++----- etc/AtsPki/AtsPki.cfg | 2 +- etc/AtsPki/AtsPki_Atos.cfg_ | 43 +++++++++++++++++++----------- etc/AtsPki/AtsPki_Autocrypt.cfg_ | 4 +-- etc/AtsPki/AtsPki_Etas.cfg_ | 10 +++++++ etc/AtsPki/AtsPki_Microsec.cfg_ | 15 ++++++----- ttcn/AtsIS | 2 +- ttcn/AtsPki | 2 +- ttcn/LibIts | 2 +- 10 files changed, 68 insertions(+), 37 deletions(-) diff --git a/ccsrc/Protocols/Http/http_codec.cc b/ccsrc/Protocols/Http/http_codec.cc index 69eb2d8..f78ad74 100644 --- a/ccsrc/Protocols/Http/http_codec.cc +++ b/ccsrc/Protocols/Http/http_codec.cc @@ -417,8 +417,15 @@ int http_codec::encode_body(const LibItsHttp__MessageBodyTypes::HttpMessageBody it = _codecs.find("http_its"); // TODO Use params if (it != _codecs.cend()) { loggers::get_instance().log("http_codec::encode_body: Call '%s'", it->first.c_str()); - _codecs["http_its"]->encode((Record_Type &)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params - processed = true; + if (binary_body.ischosen(LibItsHttp__BinaryMessageBodyTypes::BinaryBody::ALT_ieee1609dot2__data)) { + _codecs["http_its"]->encode((Record_Type &)binary_body.ieee1609dot2__data(), p_encoding_buffer); // TODO Use params + processed = true; + } else if (binary_body.ischosen(LibItsHttp__BinaryMessageBodyTypes::BinaryBody::ALT_ieee1609dot2__certificate)) { + _codecs["http_its"]->encode((Record_Type &)binary_body.ieee1609dot2__certificate(), p_encoding_buffer); // TODO Use params + processed = true; + } else { + loggers::get_instance().warning("http_codec::encode_body: Unsupported variant"); + } } } // TODO Add new HTTP message codec here if (!processed) { diff --git a/etc/AtsIS/AtsIS_Mapem.cf_ b/etc/AtsIS/AtsIS_Mapem.cf_ index 4bf9437..67a4065 100644 --- a/etc/AtsIS/AtsIS_Mapem.cf_ +++ b/etc/AtsIS/AtsIS_Mapem.cf_ @@ -87,22 +87,24 @@ LogEventTypes:= Yes #Cygwin #system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=uni)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=/home/yanng/tmp/certificates)/ETH(mac_src=e2b7b30429eb)/PCAP(mac_src=e2b7b30429eb,nic=CEBB111F-D749-4B40-8B4D-DBB060E90987,filter=and ether proto 0x8947)" # Linux -#system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=wlp2s0,filter=and ether proto 0x8947)" -system.mapemSpatemPort.params := "MapemSpatem(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=1,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" +# ETH +#system.mapemSpatemPort.params := "MapemSpatem(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/PCAP(mac_src=dc536045af7f,nic=enx00e07cc91967,filter=and ether proto 0x8947)" +# WiFi +#system.mapemSpatemPort.params := "MapemSpatem(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=1,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7e)/PCAP(mac_src=dc536045af7e,nic=wlp0s20f3,filter=and ether proto 0x8947)" # Linux over UDP -#system.mapemSpatemPort.params := "MAPEM(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=1,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=192.168.146.26,src_port=4041,dst_port=50544)" +system.mapemSpatemPort.params := "MapemSpatem(next_header=btpB,header_type=gbc)/BTP(dst_port=2006)/GN(ll_address=4C5E0C14D2EA,latitude=43551050,longitude=10298730,distanceA=1500,distanceB=1500,angle=0,device_mode=0,secured_mode=0,sec_db_path=../data/certificates/certificates)/ETH(mac_src=dc536045af7f)/UDP(dst_ip=81.47.99.165,src_port=4041,dst_port=50544)" # MAPEM UpperTester port based on UDP -system.utPort.params := "UT_MAPEMSPATEM/UDP(dst_ip=127.0.0.1,dst_port=12345,src_port=12346)" +system.utPort.params := "UT_MAPEMSPATEM/UDP(dst_ip=81.47.99.165)" #,dst_port=12346,src_port=12346)" [EXECUTE] #ItsMapem_TestCases.TC_IS_RLT_xxx_BV_01 # Check that protocolVersion is set to 1 and messageID is set to 4 -ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_01 +#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_01 # Check that the intersection information revision number is changed when the intersection configuration is changed. -#ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_02 +ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_02 # Check that the intersection information revision number is not changed when the intersection configuration is still the same. #ItsMapem_TestCases.TC_IS_RLT_GEN_MSGF_BV_03 # Check that RLT Service transmits MAPEM with the valid connection trajectories. diff --git a/etc/AtsPki/AtsPki.cfg b/etc/AtsPki/AtsPki.cfg index 68e18b6..5996708 120000 --- a/etc/AtsPki/AtsPki.cfg +++ b/etc/AtsPki/AtsPki.cfg @@ -1 +1 @@ -AtsPki_Etas.cfg_ \ No newline at end of file +AtsPki_Atos.cfg_ \ No newline at end of file diff --git a/etc/AtsPki/AtsPki_Atos.cfg_ b/etc/AtsPki/AtsPki_Atos.cfg_ index 57f7c8e..faac706 100644 --- a/etc/AtsPki/AtsPki_Atos.cfg_ +++ b/etc/AtsPki/AtsPki_Atos.cfg_ @@ -37,7 +37,7 @@ LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/347A3B143C94C298" LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/getectl/0DA3EE9ACF7F9F14" LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ATOS_EA_D41845A1F71C356A" # "ATOS_EA_D41845A1F71C356A" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA" # "ATOS_EA_D41845A1F71C356A" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ATOS_AA_A8AA9CAB63B783EE" LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ATOS_RCA_347A3B143C94C298" @@ -64,7 +64,14 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3 #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment # URI to request CTL -LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/ctl" +LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/dc" +LibItsPki_Pics.PICS_HTTP_POST_URI_CTL := "/ctl" +LibItsPki_Pics.PICS_HTTP_POST_URI_CRL := "/crl" +LibItsPki_Pics.PICS_DC_ENDPOINT := "http://yanngarcia.ddns.net/dc" +LibItsPki_Pics.PICS_AA_ENDPOINT := "http://yanngarcia.ddns.net/aa" +LibItsPki_Pics.PICS_EA_ENDPOINT := "http://yanngarcia.ddns.net/ea" + + #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request @@ -94,11 +101,12 @@ LogEventTypes:= Yes [TESTPORT_PARAMETERS] # Multiple HTTP component ports system.httpEcPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" -system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" # To be used when IUT is the EA -#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43,local_port=80)" # Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx +#system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-ea.l0.c-its-pki.eu)" # To be used when IUT is the EA +system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43,local_port=80)" # To be used when IUT is the AA - Multiple HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-aa.l0.c-its-pki.eu)" -system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" +#system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" +system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" [EXECUTE] @@ -165,7 +173,7 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) #ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI @@ -190,6 +198,11 @@ ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert # system.httpAtVPort.params := TCP(server=server=192.168.1.43) +# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest +#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV +# Check that the AuthorizationValidationRequest message is encrypted using approved algorithm and sent to only one Enrolment Authority +ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_02_BV + # Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV # Check that the AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... @@ -223,9 +236,9 @@ ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Send an AT request, but the expiry date of the CSR is after now + maximum pre-loading period (considering values in C-ITS CP) #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_16_BI -# Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest -#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV <==== - +# Config: +# system.httpCaPort.params := TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL signed with appropriate certificate. @@ -233,13 +246,6 @@ ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Check that the TLM generates the ECTL when new RootCA is about to be added #ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV - -# Config: -# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=10.200.60.6) -# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates -#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # - - # Check that the issuing certificate has version 3 #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV # Check that the issuing certificate has type explicit @@ -285,6 +291,11 @@ ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=192.168.1.43) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV + [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 diff --git a/etc/AtsPki/AtsPki_Autocrypt.cfg_ b/etc/AtsPki/AtsPki_Autocrypt.cfg_ index c5cc79c..5755d41 100644 --- a/etc/AtsPki/AtsPki_Autocrypt.cfg_ +++ b/etc/AtsPki/AtsPki_Autocrypt.cfg_ @@ -101,7 +101,7 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) # system.httpAtVPort.params := TCP(server=ea.etsi.autocrypt.io:9100) # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message -ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV +#ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that EA doesn't accept Enrolment rekeying request when enrolment is not permitted by signing certificate (not containing an item of type PsidSsp) #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_02_BI_01 @@ -155,7 +155,7 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV #ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV +ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV # Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI diff --git a/etc/AtsPki/AtsPki_Etas.cfg_ b/etc/AtsPki/AtsPki_Etas.cfg_ index 4f31f67..d5a18bf 100644 --- a/etc/AtsPki/AtsPki_Etas.cfg_ +++ b/etc/AtsPki/AtsPki_Etas.cfg_ @@ -82,6 +82,9 @@ LogEventTypes:= Yes # Single HTTP component port system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com)" +system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com)" +#system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" + [EXECUTE] # Config: # LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := false # CERT_TS_A_EA shall be trusted by the PKI @@ -207,6 +210,8 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com) # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL when CA certificate is about to be revoked @@ -259,6 +264,11 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=192.168.1.43) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV + [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 diff --git a/etc/AtsPki/AtsPki_Microsec.cfg_ b/etc/AtsPki/AtsPki_Microsec.cfg_ index a5939a2..8d8d5d4 100644 --- a/etc/AtsPki/AtsPki_Microsec.cfg_ +++ b/etc/AtsPki/AtsPki_Microsec.cfg_ @@ -86,7 +86,7 @@ system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TC #system.httpAtVPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=yanngarcia.ddns.net)" # HTTP component ports specific to TC_SECPKI_AA_AUTHVAL_xx system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" -system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" +#system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)"system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=v2x-pki-test.microsec.com)" [EXECUTE] # Config: @@ -213,6 +213,8 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server=v2x-pki-test.microsec.com # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL signed with appropriate certificate. @@ -220,12 +222,6 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that the TLM generates the ECTL when new RootCA is about to be added #ItsPki_TestCases.TC_TLM_ECTLGEN_01_BV -# Config: -# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=10.200.60.6) -# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates -#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # - - # Check that the issuing certificate has version 3 #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_01_BV # Check that the issuing certificate has type explicit @@ -271,6 +267,11 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV # Check that the validityPeriod of the subordinate certificate is inside the validityPeriod of the issuing certificate #ItsPki_TestCases.TC_SECPKI_CA_CERTGEN_18_BV +# Config: +# system.httpCaPort.params := TCP(debug=1,server_mode=1,server=192.168.1.43) +# Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates +#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV # + [MAIN_CONTROLLER] # The options herein control the behavior of MC. KillTimer := 10.0 diff --git a/ttcn/AtsIS b/ttcn/AtsIS index b4ae053..8110f6c 160000 --- a/ttcn/AtsIS +++ b/ttcn/AtsIS @@ -1 +1 @@ -Subproject commit b4ae0532b5c48abaf5c02686bcbf157bee130a41 +Subproject commit 8110f6c72909313ab017fe72f7fa23130f77f3be diff --git a/ttcn/AtsPki b/ttcn/AtsPki index cfb0456..710005f 160000 --- a/ttcn/AtsPki +++ b/ttcn/AtsPki @@ -1 +1 @@ -Subproject commit cfb04564a30eca02fa97366c44d32cf524fd07ed +Subproject commit 710005fbc65dd5656d95cd9af4ed335609e4f751 diff --git a/ttcn/LibIts b/ttcn/LibIts index bf54862..5e2726a 160000 --- a/ttcn/LibIts +++ b/ttcn/LibIts @@ -1 +1 @@ -Subproject commit bf548622aec06cafeb5615f4750d5ef980a118bf +Subproject commit 5e2726ae7230c722263dc1d875db10893f6a073e -- GitLab From 093d24abfb4ffe021da66e17c02989073ec3e85c Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Wed, 27 Apr 2022 16:24:04 +0200 Subject: [PATCH 3/5] CV2X#3 Validation against PKIs (Remote) --- ccsrc/Externals/LibItsCommon_externals.cc | 2 +- etc/AtsPki/AtsPki_Atos.cfg_ | 20 +++++++++---------- etc/AtsPki/AtsPki_Etas.cfg_ | 2 +- etc/AtsPki/AtsPki_Microsec.cfg_ | 5 +---- ttcn/AtsPki | 2 +- ttcn/AtsSecurity | 2 +- ttcn/LibIts | 2 +- .../docker/home/etc/init.d/45-certgen.sh | 2 +- 8 files changed, 16 insertions(+), 21 deletions(-) diff --git a/ccsrc/Externals/LibItsCommon_externals.cc b/ccsrc/Externals/LibItsCommon_externals.cc index 9f2297b..2a2c16f 100644 --- a/ccsrc/Externals/LibItsCommon_externals.cc +++ b/ccsrc/Externals/LibItsCommon_externals.cc @@ -25,7 +25,7 @@ namespace LibItsCommon__Functions { } /** * @desc This external function gets the current time since 01/01/1970 in UTC format - * @return The current time since 01/01/1970 in UTC format + * @return The current time since 01/01/1970 in UTC format in milliseconds * @see fx_getCurrentTimeUtc() return UInt64 */ INTEGER fx__getCurrentTimeUtc() { diff --git a/etc/AtsPki/AtsPki_Atos.cfg_ b/etc/AtsPki/AtsPki_Atos.cfg_ index faac706..3611b3c 100644 --- a/etc/AtsPki/AtsPki_Atos.cfg_ +++ b/etc/AtsPki/AtsPki_Atos.cfg_ @@ -31,10 +31,10 @@ LibItsPki_Pics.PICS_HEADER_HOST_TLM := "0.atos-dc.l0.c-its-pki.eu" LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/" LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/" -LibItsPki_Pics.PICS_HTTP_GET_URI_CA := "/getcacerts/347A3B143C94C298" -LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/347A3B143C94C298" -LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/347A3B143C94C298" -LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/getectl/0DA3EE9ACF7F9F14" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CA := "/getcacerts/347A3B143C94C298" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/347A3B143C94C298" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/347A3B143C94C298" +#systemLibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/getectl/0DA3EE9ACF7F9F14" LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "CERT_TS_A_EA" # "ATOS_EA_D41845A1F71C356A" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set @@ -64,15 +64,10 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3 #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment # URI to request CTL -LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/dc" -LibItsPki_Pics.PICS_HTTP_POST_URI_CTL := "/ctl" -LibItsPki_Pics.PICS_HTTP_POST_URI_CRL := "/crl" LibItsPki_Pics.PICS_DC_ENDPOINT := "http://yanngarcia.ddns.net/dc" LibItsPki_Pics.PICS_AA_ENDPOINT := "http://yanngarcia.ddns.net/aa" LibItsPki_Pics.PICS_EA_ENDPOINT := "http://yanngarcia.ddns.net/ea" - - #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request #LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256, e_brainpool_p256_r1 or e_brainpool_p384_r1 @@ -107,7 +102,9 @@ system.httpAtPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/ #system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" + system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=0.atos-dc.l0.c-its-pki.eu)" +#system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" [EXECUTE] # Config: @@ -201,7 +198,7 @@ system.httpTlmPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec) # Check that the AA sends AuthorizationValidationRequest after receiving of the AuthorizationRequest #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV # Check that the AuthorizationValidationRequest message is encrypted using approved algorithm and sent to only one Enrolment Authority -ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_02_BV +#ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_02_BV # Check that the EA/AA is able to decrypt the AuthorizationRequest message using the encryption private key corresponding to the recipient certificate... #ItsPki_TestCases.TC_SECPKI_AA_AUTH_RCV_01_BV @@ -294,7 +291,8 @@ ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_02_BV # Config: # system.httpCaPort.params := TCP(debug=1,server_mode=1,server=192.168.1.43) # Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates -#ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV +# PKI platform simu +ItsPki_TestCases.TC_PKI_PLTF_RCV_BV_01 [MAIN_CONTROLLER] # The options herein control the behavior of MC. diff --git a/etc/AtsPki/AtsPki_Etas.cfg_ b/etc/AtsPki/AtsPki_Etas.cfg_ index d5a18bf..bde3214 100644 --- a/etc/AtsPki/AtsPki_Etas.cfg_ +++ b/etc/AtsPki/AtsPki_Etas.cfg_ @@ -23,7 +23,7 @@ LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/ea/validation" #LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/1D3C7B499A054F8C"; #LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/1D3C7B499A054F8C"; -#LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" +#LibItsPki_Pics.PICS_HTTP_GET_URI_TLM := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" #LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ETAS_EA_c155ccf01bc5e6ad" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set diff --git a/etc/AtsPki/AtsPki_Microsec.cfg_ b/etc/AtsPki/AtsPki_Microsec.cfg_ index 8d8d5d4..b51c5f2 100644 --- a/etc/AtsPki/AtsPki_Microsec.cfg_ +++ b/etc/AtsPki/AtsPki_Microsec.cfg_ @@ -21,7 +21,7 @@ LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/v2x_aa_nistp256/atRequest" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/v2x_ea_nistp256/authValRequest" LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/v2x_rootca_nistp256/getctl/B65E3B8FBBEC3910" LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/v2x_rootca_nistp256/getcrl/B65E3B8FBBEC3910" -LibItsPki_Pics.PICS_HTTP_GET_URI_ECTL := "/v2x_rootca_brainpoolp256r1" +LibItsPki_Pics.PICS_HTTP_GET_URI_TLM := "/v2x_rootca_brainpoolp256r1" #LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "MICROSEC_EA_77C0DE13A375774D" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set @@ -50,9 +50,6 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '038038f5490cd5a58ff5465d3 # Required for SECPKI_AA_AUTH_RCV_02_BV #LibItsPki_Pics.PICS_SECPKI_REENROLMENT := false # Check in logs the pattern '==> EC ' to find the required information for re-enrolment -# URI to request CTL -LibItsPki_Pics.PICS_HTTP_POST_URI_DC := "/ctl" - #LibItsPki_Pixits.PX_INCLUDE_ENCRYPTION_KEYS := false # No encryption key in Authorization request #LibItsPki_Pixits.PX_VE_ALG := e_brainpool_p256_r1 # e_nist_p256 or e_brainpool_p384_r1 diff --git a/ttcn/AtsPki b/ttcn/AtsPki index 710005f..ba3b34d 160000 --- a/ttcn/AtsPki +++ b/ttcn/AtsPki @@ -1 +1 @@ -Subproject commit 710005fbc65dd5656d95cd9af4ed335609e4f751 +Subproject commit ba3b34d02b0307ee7419053eb79f13dae07cf530 diff --git a/ttcn/AtsSecurity b/ttcn/AtsSecurity index 84ba216..cbc1dbc 160000 --- a/ttcn/AtsSecurity +++ b/ttcn/AtsSecurity @@ -1 +1 @@ -Subproject commit 84ba2164d26a0c8f744efaf89db3f715de9484ac +Subproject commit cbc1dbc66fee3f870193fc5b5dc761e121351c51 diff --git a/ttcn/LibIts b/ttcn/LibIts index 5e2726a..735e798 160000 --- a/ttcn/LibIts +++ b/ttcn/LibIts @@ -1 +1 @@ -Subproject commit 5e2726ae7230c722263dc1d875db10893f6a073e +Subproject commit 735e79877b87097c2476bdcf4a71bf48fafdc737 diff --git a/virtualization/docker/home/etc/init.d/45-certgen.sh b/virtualization/docker/home/etc/init.d/45-certgen.sh index f6a54f1..f7d5972 100644 --- a/virtualization/docker/home/etc/init.d/45-certgen.sh +++ b/virtualization/docker/home/etc/init.d/45-certgen.sh @@ -13,7 +13,7 @@ cd certgen/ && make && cd - echo -e "*****************************\n* Generate ETSI ITS certificates \n*****************************\n" cd ${HOME}/dev/TTF011_Its/data/certificates -make +CERTGEN=${HOME}/dev make cd ${HOME} -- GitLab From e16e83848607f7fb3d70d9280721843860f6a700 Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Tue, 14 Jun 2022 09:00:11 +0200 Subject: [PATCH 4/5] Reduce size of virtualization images; Bug fixed in certificate Makefile; Review README files --- .jenkins.sh | 12 +++- .../GeoNetworking/encoding_context.hh | 66 +++++++++---------- ccsrc/Protocols/Tcp/tcp_layer.cc | 3 +- data/certificates/Makefile | 4 +- etc/AtsGeoNetworking/AtsGeoNetworking.cfg | 12 ++-- etc/AtsPki/AtsPki.cfg | 2 +- etc/AtsPki/AtsPki_Etas.cfg_ | 39 ++++++----- ttcn/AtsSecurity | 2 +- ttcn/LibIts | 2 +- virtualization/docker/Dockerfile | 5 +- virtualization/docker/Dockerfile.stfubuntu | 31 ++------- virtualization/docker/README.md | 42 +----------- virtualization/docker/build.sh | 4 +- .../docker/home/etc/init.d/20-eclipse.sh | 26 -------- .../docker/home/etc/init.d/40-ttf011.sh | 6 -- .../docker/home/etc/init.d/45-certgen.sh | 2 +- virtualization/vagrant/provisioner.bash | 26 +------- 17 files changed, 96 insertions(+), 188 deletions(-) delete mode 100755 virtualization/docker/home/etc/init.d/20-eclipse.sh mode change 100644 => 100755 virtualization/docker/home/etc/init.d/45-certgen.sh diff --git a/.jenkins.sh b/.jenkins.sh index c502697..ee78b86 100755 --- a/.jenkins.sh +++ b/.jenkins.sh @@ -12,6 +12,14 @@ run_dir=`pwd` # Docker version 2 cd ./virtualization/docker ./build.sh #--force-stfubuntu +ret_code=`echo $?` + +if [ $ret_code != 0 ] +then + cd $run_dir + exit -1 +fi + #./run.sh if [ "$1" == "--remove" ] @@ -19,4 +27,6 @@ then docker rmi --force etsiforge/etsi-its-ts:latest fi -cd - +cd $run_dir + +exit 0 diff --git a/ccsrc/Protocols/GeoNetworking/encoding_context.hh b/ccsrc/Protocols/GeoNetworking/encoding_context.hh index 82130c3..74ace5c 100644 --- a/ccsrc/Protocols/GeoNetworking/encoding_context.hh +++ b/ccsrc/Protocols/GeoNetworking/encoding_context.hh @@ -1,33 +1,33 @@ -#pragma once - -#include - -class encoding_context { - unsigned char _basic_header; - unsigned char _next_header; - unsigned char _header_type; - unsigned int _length_position; - unsigned int _length; - -public: - explicit encoding_context() { reset(); } - inline void reset() { - _basic_header = 0xff; - _next_header = 0xff; - _header_type = 0xff; - _length_position = -1; - _length = -1; - } - -public: - inline unsigned char get_basic_header() { return _basic_header; }; - inline void set_basic_header(const unsigned char p_basic_header) { _basic_header = p_basic_header; }; - inline unsigned char get_next_header() { return _next_header; }; - inline void set_next_header(const unsigned char p_next_header) { _next_header = p_next_header; }; - inline unsigned char get_header_type() { return _header_type; }; - inline void set_header_type(const unsigned char p_header_type) { _header_type = p_header_type; }; - inline unsigned int get_length_position() { return _length_position; }; - inline void set_length_position(const unsigned int p_length_position) { _length_position = p_length_position; }; - inline unsigned int get_length() { return _length; }; - inline void set_length(const unsigned int p_length) { _length = p_length; }; -}; // End of class encoding_context +#pragma once + +#include + +class encoding_context { + unsigned char _basic_header; + unsigned char _next_header; + unsigned char _header_type; + unsigned int _length_position; + unsigned int _length; + +public: + explicit encoding_context() { reset(); } + inline void reset() { + _basic_header = 0xff; + _next_header = 0xff; + _header_type = 0xff; + _length_position = -1; + _length = -1; + } + +public: + inline unsigned char get_basic_header() { return _basic_header; }; + inline void set_basic_header(const unsigned char p_basic_header) { _basic_header = p_basic_header; }; + inline unsigned char get_next_header() { return _next_header; }; + inline void set_next_header(const unsigned char p_next_header) { _next_header = p_next_header; }; + inline unsigned char get_header_type() { return _header_type; }; + inline void set_header_type(const unsigned char p_header_type) { _header_type = p_header_type; }; + inline unsigned int get_length_position() { return _length_position; }; + inline void set_length_position(const unsigned int p_length_position) { _length_position = p_length_position; }; + inline unsigned int get_length() { return _length; }; + inline void set_length(const unsigned int p_length) { _length = p_length; }; +}; // End of class encoding_context diff --git a/ccsrc/Protocols/Tcp/tcp_layer.cc b/ccsrc/Protocols/Tcp/tcp_layer.cc index a2e8a89..3d24493 100644 --- a/ccsrc/Protocols/Tcp/tcp_layer.cc +++ b/ccsrc/Protocols/Tcp/tcp_layer.cc @@ -85,7 +85,8 @@ void tcp_layer::init() { } parameter_set(use_connection_ASPs_name(), (!server_mode) ? "yes" : "no"); - parameter_set(server_backlog_name(), "1024"); + loggers::get_instance().warning("tcp_layer::set_parameter: Limit to one simultanneous accepted connection (server_backlog == 1"); + parameter_set(server_backlog_name(), "1"); // Limit to one simultanneous accepted connection loggers::get_instance().log("tcp_layer::init: server_mode=%x", server_mode); set_server_mode(server_mode); if (server_mode) { diff --git a/data/certificates/Makefile b/data/certificates/Makefile index 2d8024e..d1c4a9a 100644 --- a/data/certificates/Makefile +++ b/data/certificates/Makefile @@ -23,8 +23,8 @@ else asn1certgen=$(CERTGEN)/build/$(ARCH)-d/certgen endif -xsl_cvt=$(CERTGEN)/itscertgen/certgen/asn1certgen.xslt -xsl_dep=$(CERTGEN)/itscertgen/certgen/prof2dep.xsl +xsl_cvt=$(CERTGEN)/certgen/asn1certgen.xslt +xsl_dep=$(CERTGEN)/certgen/prof2dep.xsl profiles=$(wildcard $(in)/*.xml) certificates_oer=$(patsubst $(in)/%.xml, $(outdir)/%.oer, $(profiles)) diff --git a/etc/AtsGeoNetworking/AtsGeoNetworking.cfg b/etc/AtsGeoNetworking/AtsGeoNetworking.cfg index 5ceb139..5b1c158 100644 --- a/etc/AtsGeoNetworking/AtsGeoNetworking.cfg +++ b/etc/AtsGeoNetworking/AtsGeoNetworking.cfg @@ -10,7 +10,7 @@ LibItsGeoNetworking_Pics.PICS_GN_LOCAL_GN_ADDR := { mid := '001C6B0D0201'O } -LibItsGeoNetworking_Pics.PICS_GN_IS_MOBILE := false +LibItsGeoNetworking_Pics.PICS_GN_IS_MOBILE := true LibItsGeoNetworking_Pics.PICS_GN_DEFAULT_HOP_LIMIT := 10 LibItsGeoNetworking_Pics.PICS_GN_SECURITY := false @@ -101,14 +101,14 @@ mtc.geoNetworkingPort.params := "GN(ll_address=00000000000B,latitude=515340240,l NodeA.geoNetworkingPort.params := "GN(ll_address=00000000000A,latitude=515340240,longitude=139274330)/ETH(mac_src=080027500f9a)/PCAP(mac_src=080027500f9a,nic=wlp0s20f3,filter=and ether proto 0x8947)" NodeB.geoNetworkingPort.params := "GN(ll_address=00000000000B,latitude=515340240,longitude=139274330)/ETH(mac_src=080027500f9b)/PCAP(mac_src=080027500f9b,nic=wlp0s20f3,filter=and ether proto 0x8947)" NodeC.geoNetworkingPort.params := "GN(ll_address=00000000000C,latitude=515340240,longitude=139274330)/ETH(mac_src=080027500f9c)/PCAP(mac_src=080027500f9c,nic=wlp0s20f3,filter=and ether proto 0x8947)" -NodeD.geoNetworkingPort.params := "GN(ll_address=00000000000D,latitude=515340240,longitude=139274330)/ETH(mac_src=080027500f9d)/PCAP(mac_src=080027500f9d,nic=wlp0s20f3,filter=and ether proto 0x8947 and not ether src 080027500f9b)" +NodeD.geoNetworkingPort.params := "GN(ll_address=00000000000D,latitude=515340240,longitude=139274330)/ETH(mac_src=080027500f9d)/PCAP(mac_src=080027500f9d,nic=wlp0s20f3,filter=and ether proto 0x8947 and not ether src 8c554ac1eee1)" # UpperTester port based on UDP #system.utPort.params := "UT_GN/UDP(dst_ip=192.168.2.2)" mtc.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" -NodeA.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" +#NodeA.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" NodeB.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" -NodeC.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" +#NodeC.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" NodeD.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12346)" [EXECUTE] @@ -126,7 +126,7 @@ NodeD.utPort.params := "UT_GN/UDP(dst_ip=192.168.1.43,dst_port=12345,src_port=12 #ItsGeoNetworking_TestCases.TC_GEONW_FDV_GAC_BV_01 #ItsGeoNetworking_TestCases.TC_GEONW_FDV_SHB_BV_01 #ItsGeoNetworking_TestCases.TC_GEONW_FDV_TSB_BV_01 -ItsGeoNetworking_TestCases.TC_GEONW_PON_SHB_BV_01 +#ItsGeoNetworking_TestCases.TC_GEONW_PON_SHB_BV_01 #ItsGeoNetworking_TestCases.TC_GEONW_PON_SHB_BV_05 #ItsGeoNetworking_TestCases.TC_GEONW_PON_TSB_BV_01 #ItsGeoNetworking_TestCases.TC_GEONW_PON_TSB_BV_05 @@ -151,7 +151,7 @@ ItsGeoNetworking_TestCases.TC_GEONW_PON_SHB_BV_01 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_TI_06 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BV_07 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BV_08 -#ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BO_09 +ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BO_09 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BV_10 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BV_11 #ItsGeoNetworking_TestCases.TC_GEONW_PON_LOS_BV_12 diff --git a/etc/AtsPki/AtsPki.cfg b/etc/AtsPki/AtsPki.cfg index 5996708..68e18b6 120000 --- a/etc/AtsPki/AtsPki.cfg +++ b/etc/AtsPki/AtsPki.cfg @@ -1 +1 @@ -AtsPki_Atos.cfg_ \ No newline at end of file +AtsPki_Etas.cfg_ \ No newline at end of file diff --git a/etc/AtsPki/AtsPki_Etas.cfg_ b/etc/AtsPki/AtsPki_Etas.cfg_ index bde3214..be2fa0b 100644 --- a/etc/AtsPki/AtsPki_Etas.cfg_ +++ b/etc/AtsPki/AtsPki_Etas.cfg_ @@ -2,6 +2,12 @@ [MODULE_PARAMETERS] # This section shall contain the values of all parameters that are defined in your TTCN-3 modules. +# Reduce LibCom Timeout +LibCommon_Sync.PX_TSYNC_TIME_LIMIT := 40.0 +LibCommon_Sync.PX_TSHUT_DOWN_TIME_LIMIT := 40.0 +LibCommon_Time.PX_TDONE := 40.0 +LibCommon_Time.PX_TWAIT := 40.0 + # Enable Security support LibItsGeoNetworking_Pics.PICS_GN_SECURITY := true # Root path to access certificate stored in files, identified by certficate ID @@ -16,20 +22,21 @@ LibItsHttp_Pics.PICS_HEADER_CTL_CONTENT_TYPE := "application/x-its-crl" LibItsHttp_Pics.PICS_HEADER_CONTENT_TYPE := "application/x-its-request" LibItsPki_Pics.PICS_MULTIPLE_END_POINT := false -LibItsHttp_Pics.PICS_HEADER_HOST := "plugtest.staging-eu.cycurv2x-pki.com" +LibItsHttp_Pics.PICS_HEADER_HOST := "eta01s.staging.cycurv2x.com" LibItsPki_Pics.PICS_HTTP_POST_URI_EC := "/ea/enrolment" LibItsPki_Pics.PICS_HTTP_POST_URI_AT := "/aa/authorization" LibItsPki_Pics.PICS_HTTP_POST_URI_ATV := "/ea/validation" -#LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/getctl/1D3C7B499A054F8C"; -#LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/getcrl/1D3C7B499A054F8C"; +#LibItsPki_Pics.PICS_HTTP_GET_URI_DC := "/dc/getcertificate/BB81777EC895ADAD" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CTL := "/dc/getctl/BB81777EC895ADAD" +#LibItsPki_Pics.PICS_HTTP_GET_URI_CRL := "/dc/getcrl/BB81777EC895ADAD" #LibItsPki_Pics.PICS_HTTP_GET_URI_TLM := "/data/certificates/ectl/ECTL_TEST_ETSI-PLUGTEST_6.0_2019-11-07.oer" #LibItsPki_Pics.PICS_SIMULATE_EA_ENTITY := true # CERT_TS_A_EA shall be trusted by the PKI -LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ETAS_EA_c155ccf01bc5e6ad" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set +LibItsPki_Pics.PICS_TS_EA_CERTIFICATE_ID := "ETAS_EA_F87F85D310863027" # Use CERT_TS_A_EA when the TS simulate the EA (TC_SECPKI_AA_AUTHVAL_01_BV) with PICS_SIMULATE_EA_ENTITY set LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI -LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ETAS_AA_719a79daba61c1d6" -LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ETAS_RCA_0375DB7CD62CF6B2" +LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := "ETAS_AA_290CACBD9E56E0F3" +LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := "ETAS_RCA_BB81777EC895ADAD" LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492d5465737453797374656d2d'O #LibItsPki_Pics.PICS_ITS_S_CANONICAL_ID := '455453492d5465737453797374656d2e'O # Brainpool-P256 r1 @@ -44,7 +51,7 @@ LibItsPki_Pics.PICS_ITS_S_SIGN_NITSP256_PRIVATE_KEY := '5dca486322033315e1791ee2 LibItsPki_Pics.PICS_ITS_S_SIGN_NISTP256_PUBLIC_KEY := '02278aafdf017b60c8244e56c2458350510444a22a92c6d0484e865eceaf4ba723'O; # Set to true if the IUT support CertificateId shall be set to the choice name, false if it shall be omitted -#LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted +LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_ID := false # requestedSubjectAttributes.id is omitted # Set to true if the IUT support geographical region LibItsPki_Pics.PICS_EC_SUBJECT_ATTRIBUT_REGION := false # requestedSubjectAttributes.region is omitted @@ -80,10 +87,9 @@ LogEventTypes:= Yes [TESTPORT_PARAMETERS] # Single HTTP component port -system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com)" - -system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com)" -#system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" +#system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server=eta01s.staging.cycurv2x.com)" +# Single HTTP component port TC_PKI_PLTF_RCV_BV_01 +system.httpPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/TCP(debug=1,server_mode=1,server=192.168.1.43)" [EXECUTE] # Config: @@ -92,7 +98,7 @@ system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/ # LibItsPki_Pics.PICS_TS_AA_CERTIFICATE_ID := "CERT_TS_A_AA" # CERT_TS_A_AA & CERT_IUT_A_RCA shall be trusted by the PKI # LibItsPki_Pics.PICS_IUT_AA_CERTIFICATE_ID := PKI AA cert # LibItsPki_Pics.PICS_TS_CA_CERTIFICATE_ID := PKI RCA cert -# system.httpAtVPort.params := TCP(server=0.atos-ea.l0.c-its-pki.eu) +# system.httpPort.params := TCP(server=eta01s.staging.cycurv2x.com) # The EnrolmentResponse message shall be sent by the EA to the ITS-S across the interface at reference point S3 in response to a received EnrolmentRequest message #ItsPki_TestCases.TC_SECPKI_EA_ENR_RCV_01_BV @@ -146,10 +152,10 @@ system.httpCaPort.params := "HTTP(codecs=http_its:http_etsi_ieee1609dot2_codec)/ # Check that signing of Enrolment response message is permitted by the EA certificate #ItsPki_TestCases.TC_SECPKI_EA_ENR_11_BV # Check that generated EC certificate contains only allowed permissions -ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV +#ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # The AuthorizationValidationResponse message shall be sent by the EA to the AA across the interface at reference point S4 in response to a received AuthorizationValidationRequest message -#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV +#ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_01_BV <===== # Check that EA doesn't accept Authorization Validation Request when SharedAtRequest is signed with certificate without appropriate permissions #ItsPki_TestCases.TC_SECPKI_EA_AUTHVAL_RCV_02_BI @@ -211,7 +217,7 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV #ItsPki_TestCases.TC_SECPKI_AA_AUTHVAL_01_BV # Config: -# system.httpCaPort.params := TCP(debug=1,server=plugtest.staging-eu.cycurv2x-pki.com) +# system.httpCaPort.params := TCP(debug=1,server=eta01s.staging.cycurv2x.com) # Check that the RootCA generates the Full CTL when new EA is about to be added to the Root CTL #ItsPki_TestCases.TC_RCA_CTLGEN_01_BV # Check that the RootCA generates the CRL when CA certificate is about to be revoked @@ -267,7 +273,8 @@ ItsPki_TestCases.TC_SECPKI_EA_ENR_12_BV # Config: # system.httpCaPort.params := TCP(debug=1,server_mode=1,server=192.168.1.43) # Await CTL request and provides "CERT_IUT_A_RCA", "CERT_TS_A_AA", "CERT_TS_A_EA" certificates -ItsPki_TestCases.TC_RCA_CTLGEN_xx_BV +# PKI platform simu +ItsPki_TestCases.TC_PKI_PLTF_RCV_BV_01 [MAIN_CONTROLLER] # The options herein control the behavior of MC. diff --git a/ttcn/AtsSecurity b/ttcn/AtsSecurity index cbc1dbc..7dc348f 160000 --- a/ttcn/AtsSecurity +++ b/ttcn/AtsSecurity @@ -1 +1 @@ -Subproject commit cbc1dbc66fee3f870193fc5b5dc761e121351c51 +Subproject commit 7dc348f631c1ce89adf120fb2925fe5810463305 diff --git a/ttcn/LibIts b/ttcn/LibIts index 735e798..d431152 160000 --- a/ttcn/LibIts +++ b/ttcn/LibIts @@ -1 +1 @@ -Subproject commit 735e79877b87097c2476bdcf4a71bf48fafdc737 +Subproject commit d4311521a528842673b0b0c0404cfe38649f16ed diff --git a/virtualization/docker/Dockerfile b/virtualization/docker/Dockerfile index dbe21cb..df97008 100644 --- a/virtualization/docker/Dockerfile +++ b/virtualization/docker/Dockerfile @@ -1,7 +1,6 @@ -FROM stfubuntu:18.04 - -MAINTAINER ETSI TTF 011 +FROM stfubuntu:20.04 +LABEL ETSI TTF 011 LABEL description="TTF011 Docker Image" ENV TERM=linux \ diff --git a/virtualization/docker/Dockerfile.stfubuntu b/virtualization/docker/Dockerfile.stfubuntu index b6529e9..9fa6645 100644 --- a/virtualization/docker/Dockerfile.stfubuntu +++ b/virtualization/docker/Dockerfile.stfubuntu @@ -1,7 +1,6 @@ -FROM ubuntu:18.04 - -MAINTAINER ETSI STF +FROM ubuntu:20.04 +LABEL ETSI CTI LABEL description="STF Docker Ubuntu image" ENV TERM=linux \ @@ -10,11 +9,8 @@ ENV TERM=linux \ RUN echo "docker-STF-dev" > /etc/hostname \ && DEBIAN_FRONTEND=noninteractive apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y \ - && DEBIAN_FRONTEND=noninteractive apt-get install software-properties-common -y \ - && DEBIAN_FRONTEND=noninteractive add-apt-repository ppa:linuxuprising/java -y \ && DEBIAN_FRONTEND=noninteractive apt-get update \ - && ( echo "oracle-java17-installer shared/accepted-oracle-license-v1-3 boolean true" | debconf-set-selections -v ) \ - && DEBIAN_FRONTEND=noninteractive apt-get --allow-unauthenticated install -y \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y \ autoconf \ bison \ build-essential \ @@ -25,10 +21,9 @@ RUN echo "docker-STF-dev" > /etc/hostname \ emacs \ expect \ flex \ - g++-8 \ - gcc-8 \ - gdb \ - git-core \ + g++-9 \ + gcc-9 \ + git \ gnutls-bin \ graphviz \ iputils-ping \ @@ -40,41 +35,27 @@ RUN echo "docker-STF-dev" > /etc/hostname \ libjsoncpp-dev \ libncurses5-dev \ libpcap-dev \ - libqt5svg5-dev \ libssl-dev \ libtool-bin \ libtool \ - libwireshark-dev \ libxml2-dev \ libxml2-utils \ libyaml-dev \ lsof \ - net-tools \ ntp \ - oracle-java17-installer \ - oracle-java17-set-default \ openssh-server \ pkg-config \ python3-dev \ python3-pip \ python3-setuptools \ - qt5-default \ - qtmultimedia5-dev \ - subversion \ sudo \ sshpass \ tcpdump \ texlive-font-utils \ texlive-latex-extra \ - tshark \ tzdata \ valgrind \ - vim \ - vsftpd \ xutils-dev \ - tree \ - unzip \ - wget \ xsltproc \ && DEBIAN_FRONTEND=noninteractive apt-get autoremove --purge -y \ && DEBIAN_FRONTEND=noninteractive apt-get autoclean \ diff --git a/virtualization/docker/README.md b/virtualization/docker/README.md index b446f49..04012fc 100644 --- a/virtualization/docker/README.md +++ b/virtualization/docker/README.md @@ -52,7 +52,7 @@ inet6:localhost Execute ```run.cmd``` or launch a command line window and run the command -```docker run -it --net=host -e DISPLAY=192.168.99.1:0 stf525_its:latest``` +```docker run -it --net=host -e DISPLAY=192.168.99.1:0 etsiforge/etsi-its-ts``` NOTE: Modify the IP address in the command for the address of 'VirtualBox Hot-Only Network'. @@ -61,44 +61,6 @@ NOTE: Modify the IP address in the command for the address of 'VirtualBox Hot-On Execute ```run.sh``` or launch a command line window and run the command ```sh -docker run -it --net=host -e DISPLAY=$DISPLAY \ --v /tmp/.X11-unix:/tmp/.X11-unix stf525_its:latest +docker run -it --net=host -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix etsiforge/etsi-its-ts ``` -### Import eclipse project - -1. Whithin the docker container, on the linux command prompt type: - - ```eclipse -data ~/dev/Workspace``` - - Eclipse IDE shall be shown on the hosts Screen. - Possible problems: - - eclipse not found: check the PATH environment variable. It shall contain $HOME/bin path. Otherwise add it: - ```export PATH=$HOME/bin:$PATH``` - -2. Run "File -> Import" and import the ```~/dev/TTF011_Its/TTF011.tpd``` file. - - This can take a time, be patient. - **Do not run build in eclipse**, we don't have enough time. - -### Build the project - -```cd ~/Workspace/TTF011/bin``` - -```make``` - -Possible problems: - - Error in AbstractSocket build: Build it explicitly: - ```cd ~/Workspace/Abstract_Socket_CNL113384/bin_ssl && make``` - -### Execute tests -1. Launch eclipse: ```eclipse -data ~/dev/Workspace``` -2. Select configuration from the /etc/folder: - - AtsCAM/AtsCAM.cfg - CAM test suite. - - AtsDENM/AtsDENM.cfg - DENM test suite. - - AtsGeoNetworking/AtsGeoNetworking.cfg - GeoNetworking test suite - - AtsSecurity/AtsSecurity.cfg - IEEE1609.2 ITS Security test suite - - AtsPki/AtsPki.cfg - PKI test suite - - AtsIS/AtsIS.cfg - Infrastructure Services test suite (IVI, MAP/SPaT, RTCME, SxRE) -3. Right-click on the configuration file and select **Run As -> TITAN Parallel launcher** - diff --git a/virtualization/docker/build.sh b/virtualization/docker/build.sh index 1dd69b0..122590f 100755 --- a/virtualization/docker/build.sh +++ b/virtualization/docker/build.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Copyright ETSI 2018-2021 +# Copyright ETSI 2020-2021 # See: https://forge.etsi.org/etsi-forge-copyright-statement.txt set -e @@ -13,7 +13,7 @@ if [ "$1" == "--force-stfubuntu" ]; then fi # Check and build stfubuntu image if [ -z `docker images -q stfubuntu` ]; then - docker build --no-cache --tag stfubuntu:18.04 -f Dockerfile.stfubuntu --force-rm . || exit 1 + docker build --no-cache --tag stfubuntu:20.04 -f Dockerfile.stfubuntu --force-rm . || exit 1 fi docker build --no-cache --tag etsiforge/etsi-its-ts --force-rm . || ( echo "Docker build failed: $?"; exit 1 ) diff --git a/virtualization/docker/home/etc/init.d/20-eclipse.sh b/virtualization/docker/home/etc/init.d/20-eclipse.sh deleted file mode 100755 index c336c6d..0000000 --- a/virtualization/docker/home/etc/init.d/20-eclipse.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -#set -e -set -vx - -echo -e "*****************************\n* Install eclipse\n*****************************\n" - -ECLIPSE_URL='http://www.mirrorservice.org/sites/download.eclipse.org/eclipseMirror/technology/epp/downloads/release/2021-12/R/eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz' -TITAN_URL='https://www.eclipse.org/downloads/download.php?file=/titan/TITAN_Designer_and_Executor_plugin-8.1.0.zip' - -mkdir -p ${HOME}/frameworks -cd ${HOME}/frameworks || exit 1 -wget --progress=dot:mega $ECLIPSE_URL -Oeclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz || exit 1 -tar -zxvf ./eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz || exit 1 -ln -sf ${HOME}/frameworks/eclipse/eclipse ${HOME}/bin/eclipse -rm -f ./eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz - -if wget --progress=dot:mega $TITAN_URL -OTITAN_Designer_and_Executor_plugin.zip; then - eclipse/eclipse -noSplash -application org.eclipse.equinox.p2.director \ - -destination /home/etsi/frameworks/eclipse \ - -repository 'jar:file:///home/etsi/frameworks/TITAN_Designer_and_Executor_plugin.zip' \ - -installIU TITAN_Designer.feature.group,TITAN_Executor.feature.group,TITAN_Log_Viewer.feature.group,Titan_external_dependencies.feature.group,Titanium.feature.group,Titanium_external_dependencies.feature.group - rm -f TITAN_Designer_and_Executor_plugin.zip -fi - -cd ${HOME} diff --git a/virtualization/docker/home/etc/init.d/40-ttf011.sh b/virtualization/docker/home/etc/init.d/40-ttf011.sh index fe47046..7c1dfd6 100755 --- a/virtualization/docker/home/etc/init.d/40-ttf011.sh +++ b/virtualization/docker/home/etc/init.d/40-ttf011.sh @@ -38,12 +38,6 @@ cd ${HOME} ln -sf ${HOME}/dev/TTF011_Its/scripts/devenv.bash.ubuntu ${HOME}/devenv.bash ls -ltr ${HOME} -echo -e "*****************************\n* Init Workspace\n*****************************\n" -mkdir -p ${HOME}/dev/Workspace/TTF011/bin/asn1 -cd ${HOME}/dev/Workspace/TTF011 -#ln -s ../../TTF011_Its/testdata -#ln -s ../../TTF011_Its/data - cd ${HOME} exit 0 diff --git a/virtualization/docker/home/etc/init.d/45-certgen.sh b/virtualization/docker/home/etc/init.d/45-certgen.sh old mode 100644 new mode 100755 index f7d5972..b810f8e --- a/virtualization/docker/home/etc/init.d/45-certgen.sh +++ b/virtualization/docker/home/etc/init.d/45-certgen.sh @@ -13,7 +13,7 @@ cd certgen/ && make && cd - echo -e "*****************************\n* Generate ETSI ITS certificates \n*****************************\n" cd ${HOME}/dev/TTF011_Its/data/certificates -CERTGEN=${HOME}/dev make +CERTGEN=${HOME}/dev/itscertgen make cd ${HOME} diff --git a/virtualization/vagrant/provisioner.bash b/virtualization/vagrant/provisioner.bash index 4b16f8c..08ec25a 100755 --- a/virtualization/vagrant/provisioner.bash +++ b/virtualization/vagrant/provisioner.bash @@ -7,19 +7,15 @@ sudo DEBIAN_FRONTEND=noninteractive apt-get update sudo DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y sudo DEBIAN_FRONTEND=noninteractive apt-get install software-properties-common -y -sudo DEBIAN_FRONTEND=noninteractive add-apt-repository ppa:linuxuprising/java -y sudo DEBIAN_FRONTEND=noninteractive apt-get update -sudo DEBIAN_FRONTEND=noninteractive apt-get --allow-unauthenticated install emacs openjdk-11-jre gcc-8 g++-8 git subversion lsof ntp gdb make cmake flex bison autoconf doxygen graphviz libtool libncurses5-dev expect libssl-dev libgcrypt-dev libxml2-dev libedit2 libedit-dev xutils-dev libjsoncpp-dev tcpdump libpcap-dev libwireshark-dev wget tree unzip sshpass kubuntu-desktop valgrind qt5-default qttools5-dev qtmultimedia5-dev libqt5svg5-dev vim tzdata dos2unix xsltproc -y -# Install java -#sudo DEBIAN_FRONTEND=noninteractive apt-get install oracle-java17-installer oracle-java17-set-default -y -#echo "oracle-java17-installer shared/accepted-oracle-license-v1-3 boolean true" | debconf-set-selections -v +sudo DEBIAN_FRONTEND=noninteractive apt-get --allow-unauthenticated install emacs gcc-9 g++-9 git subversion lsof ntp gdb make cmake flex bison autoconf doxygen graphviz libtool libncurses5-dev expect libssl-dev libgcrypt-dev libxml2-dev libedit2 libedit-dev xutils-dev libjsoncpp-dev tcpdump libpcap-dev unzip sshpass kubuntu-desktop valgrind vim tzdata dos2unix xsltproc -y +#sudo DEBIAN_FRONTEND=noninteractive apt --fix-broken install -y sudo DEBIAN_FRONTEND=noninteractive apt-get autoremove --purge -y sudo DEBIAN_FRONTEND=noninteractive apt-get clean gcc --version g++ --version valgrind --version -java -version export HOME=/home/vagrant @@ -152,22 +148,6 @@ echo ". ~/devenv.bash" >> /home/vagrant/.bashrc . /home/vagrant/.bashrc -# Install eclipse -cd ${HOME_FRAMEWORKS} - -wget --progress=dot:mega 'http://www.mirrorservice.org/sites/download.eclipse.org/eclipseMirror/technology/epp/downloads/release/2021-12/R/eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz' -Oeclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz -tar -zxvf ./eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz -ln -sf /home/vagrant/frameworks/eclipse/eclipse /home/vagrant/bin/eclipse -rm -f ./eclipse-cpp-2021-12-R-linux-gtk-x86_64.tar.gz - -if wget --progress=dot:mega 'https://www.eclipse.org/downloads/download.php?file=/titan/TITAN_Designer_and_Executor_plugin-8.1.0.zip' -OTITAN_Designer_and_Executor_plugin.zip; then - eclipse/eclipse -noSplash -application org.eclipse.equinox.p2.director \ - -destination /home/vagrant/frameworks/eclipse \ - -repository 'jar:file:///home/vagrant/frameworks/TITAN_Designer_and_Executor_plugin.zip' \ - -installIU TITAN_Designer.feature.group,TITAN_Executor.feature.group,TITAN_Log_Viewer.feature.group,Titan_external_dependencies.feature.group,Titanium.feature.group,Titanium_external_dependencies.feature.group - rm -f TITAN_Designer_and_Executor_plugin.zip -fi - # Build Titan cd /home/vagrant/dev/TTF011_Its/scripts ./build_titan.bash @@ -194,7 +174,7 @@ cd cshared && make && cd - cd certgen/ && make && cd - # Generate ETSI ITS certificates cd /home/vagrant/dev/TTF011_Its/data/certificates -make +CERTGEN=${HOME}/dev/itscertgen make cd ${OLD_PWD} -- GitLab From 392ed0cf441cef04e8fadae3a56af2eb31ade8be Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Wed, 15 Jun 2022 09:48:25 +0200 Subject: [PATCH 5/5] Setup devel branch --- TTF011_win.tpd => TS.ITS.tpd | 10 +++---- ttcn/AtsBTP | 2 +- ttcn/AtsIPv6OverGeoNetworking | 2 +- virtualization/docker/Dockerfile | 6 ++-- virtualization/docker/README.md | 2 +- .../docker/home/etc/init.d/40-ttf011.sh | 14 +++++----- .../docker/home/etc/init.d/45-certgen.sh | 2 +- .../docker/home/etc/init.d/50-ats.sh | 6 ++-- .../docker/home/etc/init.d/60-doxygen.sh | 4 +-- virtualization/vagrant/provisioner.bash | 28 +++++++++---------- 10 files changed, 38 insertions(+), 38 deletions(-) rename TTF011_win.tpd => TS.ITS.tpd (99%) diff --git a/TTF011_win.tpd b/TS.ITS.tpd similarity index 99% rename from TTF011_win.tpd rename to TS.ITS.tpd index d33af87..3685372 100644 --- a/TTF011_win.tpd +++ b/TS.ITS.tpd @@ -1,4 +1,4 @@ - +\0;136;0c - TTF011_Its + TS.ITS @@ -201,8 +201,8 @@ - - + + @@ -6354,4 +6354,4 @@ - \ No newline at end of file + diff --git a/ttcn/AtsBTP b/ttcn/AtsBTP index 8220384..8fb9b43 160000 --- a/ttcn/AtsBTP +++ b/ttcn/AtsBTP @@ -1 +1 @@ -Subproject commit 8220384412a2ed89fb798e322a27ae8c1b71016e +Subproject commit 8fb9b439d6f4f84598a4f4ce52f6e420cf111832 diff --git a/ttcn/AtsIPv6OverGeoNetworking b/ttcn/AtsIPv6OverGeoNetworking index 066a09a..d809854 160000 --- a/ttcn/AtsIPv6OverGeoNetworking +++ b/ttcn/AtsIPv6OverGeoNetworking @@ -1 +1 @@ -Subproject commit 066a09ac1f915e76eb628d1501755196ec39ff47 +Subproject commit d809854002df6eb2ebb5cb120a51e11ee6277c25 diff --git a/virtualization/docker/Dockerfile b/virtualization/docker/Dockerfile index df97008..69a8282 100644 --- a/virtualization/docker/Dockerfile +++ b/virtualization/docker/Dockerfile @@ -1,11 +1,11 @@ FROM stfubuntu:20.04 -LABEL ETSI TTF 011 -LABEL description="TTF011 Docker Image" +LABEL ETSI ITS +LABEL description="TS.ITS Docker Image" ENV TERM=linux \ HOME=/home/etsi \ - HOSTNAME=docker-titan-TTF011 + HOSTNAME=docker-titan-TS.ITS COPY home /home/etsi diff --git a/virtualization/docker/README.md b/virtualization/docker/README.md index 04012fc..7e6b794 100644 --- a/virtualization/docker/README.md +++ b/virtualization/docker/README.md @@ -32,7 +32,7 @@ There are several build stages: 2. Install Titan from Github 3. Install Eclipse and Titan Eclipse plugin into ~/frameworks/titan 4. Install asn1c into ~/frameworks/asn1c -5. Checkout TTF011 sources from ETSI svn repository using default credentials +5. Checkout TS.ITS sources from ETSI svn repository using default credentials 6. Build ASN.1 recoder library 7. Build certificate generation tool diff --git a/virtualization/docker/home/etc/init.d/40-ttf011.sh b/virtualization/docker/home/etc/init.d/40-ttf011.sh index 7c1dfd6..f7ac5fb 100755 --- a/virtualization/docker/home/etc/init.d/40-ttf011.sh +++ b/virtualization/docker/home/etc/init.d/40-ttf011.sh @@ -3,11 +3,11 @@ #set -e set -vx -echo -e "*****************************\n* Checkout TTF011 sources\n*****************************\n" +echo -e "*****************************\n* Checkout TS.ITS sources\n*****************************\n" cd ${HOME}/dev || exit 1 -git clone --recurse-submodules --single-branch https://forge.etsi.org/rep/ITS/TS.ITS.git TTF011_Its -cd ./TTF011_Its +git clone --recurse-submodules --single-branch https://forge.etsi.org/rep/ITS/TS.ITS.git TS.ITS +cd ./TS.ITS for i in `find ./ttcn -type d -name "Ats*"` do cd $i @@ -30,12 +30,12 @@ do fi cd - done -cd ${HOME}/dev/TTF011_Its/ttcn/LibIts -git checkout TTF011 -cd ${HOME}/dev/TTF011_Its/scripts +cd ${HOME}/dev/TS.ITS/ttcn/LibIts +git checkout TS.ITS +cd ${HOME}/dev/TS.ITS/scripts chmod 775 *.bash devenv.bash.* cd ${HOME} -ln -sf ${HOME}/dev/TTF011_Its/scripts/devenv.bash.ubuntu ${HOME}/devenv.bash +ln -sf ${HOME}/dev/TS.ITS/scripts/devenv.bash.ubuntu ${HOME}/devenv.bash ls -ltr ${HOME} cd ${HOME} diff --git a/virtualization/docker/home/etc/init.d/45-certgen.sh b/virtualization/docker/home/etc/init.d/45-certgen.sh index b810f8e..1e1c23b 100755 --- a/virtualization/docker/home/etc/init.d/45-certgen.sh +++ b/virtualization/docker/home/etc/init.d/45-certgen.sh @@ -12,7 +12,7 @@ cd cshared && make && cd - cd certgen/ && make && cd - echo -e "*****************************\n* Generate ETSI ITS certificates \n*****************************\n" -cd ${HOME}/dev/TTF011_Its/data/certificates +cd ${HOME}/dev/TS.ITS/data/certificates CERTGEN=${HOME}/dev/itscertgen make cd ${HOME} diff --git a/virtualization/docker/home/etc/init.d/50-ats.sh b/virtualization/docker/home/etc/init.d/50-ats.sh index ce475fd..0587d6c 100755 --- a/virtualization/docker/home/etc/init.d/50-ats.sh +++ b/virtualization/docker/home/etc/init.d/50-ats.sh @@ -5,12 +5,12 @@ set -vx echo -e "*****************************\n* Change user in cfg files\n*****************************\n" . /home/etsi/devenv.bash -cd ${HOME}/dev/TTF011_Its/scripts || exit 1 +cd ${HOME}/dev/TS.ITS/scripts || exit 1 ./update_user_name.sh || exit 1 echo -e "*****************************\n* Build test suites\n*****************************\n" -cd ${HOME}/dev/TTF011_Its +cd ${HOME}/dev/TS.ITS ATS_LIST="AtsCAM AtsDENM AtsGeoNetworking AtsPki AtsSecurity AtsIS" for i in ${ATS_LIST} do @@ -19,7 +19,7 @@ do done echo -e "*****************************\n* Change sudo in command line\n*****************************\n" -cd /home/etsi/dev/TTF011_Its/scripts +cd /home/etsi/dev/TS.ITS/scripts sed --in-place 's/sudo/echo "etsi" \| sudo -S/' ./run_mtc.bash sed --in-place 's/sudo/echo "etsi" \| sudo -S/' ./run_ptcs.bash diff --git a/virtualization/docker/home/etc/init.d/60-doxygen.sh b/virtualization/docker/home/etc/init.d/60-doxygen.sh index 2bc360c..f5ceeae 100755 --- a/virtualization/docker/home/etc/init.d/60-doxygen.sh +++ b/virtualization/docker/home/etc/init.d/60-doxygen.sh @@ -5,11 +5,11 @@ set -vx echo -e "*****************************\n* Build docs \n*****************************\n" . /home/etsi/devenv.bash -cd ${HOME}/dev/TTF011_Its/docs || exit 1 +cd ${HOME}/dev/TS.ITS/docs || exit 1 doxygen ./o2.cfg || exit 1 # Generate PDF file -cd ${HOME}/dev/TTF011_Its/docs/AtsDocs/latex +cd ${HOME}/dev/TS.ITS/docs/AtsDocs/latex make && mv refman.pdf ${HOME}/docs/etsi_its_help.pdf cd ${HOME} diff --git a/virtualization/vagrant/provisioner.bash b/virtualization/vagrant/provisioner.bash index 08ec25a..12024d2 100755 --- a/virtualization/vagrant/provisioner.bash +++ b/virtualization/vagrant/provisioner.bash @@ -69,8 +69,8 @@ then fi cd /home/vagrant/dev -git clone --recurse-submodules --single-branch https://forge.etsi.org/rep/ITS/TS.ITS.git TTF011_Its -cd ./TTF011_Its +git clone --recurse-submodules --single-branch https://forge.etsi.org/rep/ITS/TS.ITS.git TS.ITS +cd ./TS.ITS for i in `find ./ttcn -type d -name "Ats*"` do cd $i @@ -93,18 +93,18 @@ do fi cd - done -cd /home/vagrant/dev/TTF011_Its/ttcn/LibIts -git checkout TTF011 +cd /home/vagrant/dev/TS.ITS/ttcn/LibIts +git checkout TS.ITS -cd /home/vagrant/dev/TTF011_Its/scripts +cd /home/vagrant/dev/TS.ITS/scripts chmod 775 *.bash devenv.bash.* ./update_user_name.sh -cd /home/vagrant/dev/TTF011_Its/docker +cd /home/vagrant/dev/TS.ITS/docker chmod 775 *.sh -cd /home/vagrant/dev/TTF011_Its +cd /home/vagrant/dev/TS.ITS chmod 775 ./.jenkins.sh cd /home/vagrant -ln -sf /home/vagrant/dev/TTF011_Its/scripts/devenv.bash.ubuntu /home/vagrant/devenv.bash +ln -sf /home/vagrant/dev/TS.ITS/scripts/devenv.bash.ubuntu /home/vagrant/devenv.bash . /home/vagrant/devenv.bash # Install all frameworks @@ -142,19 +142,19 @@ coveralls-lcov -h cd /home/vagrant echo "" >> /home/vagrant/.bashrc -echo "export LD_LIBRARY_PATH=/home/vagrant/dev/TTF011_Its/lib:$LD_LIBRARY_PATH" >> /home/vagrant/.bashrc +echo "export LD_LIBRARY_PATH=/home/vagrant/dev/TS.ITS/lib:$LD_LIBRARY_PATH" >> /home/vagrant/.bashrc echo "export PATH=/home/vagrant/bin:$PATH" >> /home/vagrant/.bashrc echo ". ~/devenv.bash" >> /home/vagrant/.bashrc . /home/vagrant/.bashrc # Build Titan -cd /home/vagrant/dev/TTF011_Its/scripts +cd /home/vagrant/dev/TS.ITS/scripts ./build_titan.bash . /home/vagrant/devenv.bash # Build ATSs -cd /home/vagrant/dev/TTF011_Its/ +cd /home/vagrant/dev/TS.ITS/ ATS_LIST="AtsCAM AtsDENM AtsGeoNetworking AtsPki AtsSecurity AtsIS" for i in ${ATS_LIST} do @@ -163,8 +163,8 @@ do done # Change user in cfg files -cd ${HOME}/dev/TTF011_Its/scripts -./update_user_name.sh TTF011_Its +cd ${HOME}/dev/TS.ITS/scripts +./update_user_name.sh TS.ITS # Build ETSI ITS certificate generation tools cd /home/vagrant/dev @@ -173,7 +173,7 @@ cd ./itscertgen cd cshared && make && cd - cd certgen/ && make && cd - # Generate ETSI ITS certificates -cd /home/vagrant/dev/TTF011_Its/data/certificates +cd /home/vagrant/dev/TS.ITS/data/certificates CERTGEN=${HOME}/dev/itscertgen make cd ${OLD_PWD} -- GitLab