Commit 1c22c3f6 authored by YannGarcia's avatar YannGarcia
Browse files

Review TC_SECPKI_AA_AUTHVAL_RCV_01_BV

parent 81624a5e
......@@ -65,17 +65,29 @@ module LibItsPki_Functions {
group pkiConfigurationFunctions {
function f_cfMtcUp(
out ItsPkiItss p_itss,
out ItsPkiHttp p_pki
) runs on ItsMtc {
function f_cfMtcUp01(
out ItsPkiItss p_itss,
out ItsPkiHttp p_pki
) runs on ItsMtc {
p_itss := ItsPkiItss.create("IUT") alive;
p_pki := ItsPkiHttp.create("TS") alive;
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_pki:syncPort, self:syncPort);
}
} // End of function f_cfMtcUp01
function f_cfMtcUp02(
out ItsPkiHttp p_itss,
out ItsPkiHttp p_ea
) runs on ServerSyncComp {
p_itss := ItsPkiItss.create("ITS-S") alive;
p_ea := ItsPkiHttp.create("EA") alive;
connect(self:syncPort, mtc:syncPort);
connect(p_itss:syncPort, self:syncPort);
connect(p_ea:syncPort, self:syncPort);
} // End of function f_cfMtcUp02
/**
* @desc Setups default configuration
......@@ -128,6 +140,100 @@ module LibItsPki_Functions {
}
} // End of function f_cfHttpUp
/**
* @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp_itss(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_aa_certificate_id := "CERT_TS_A_AA"
) runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpEcPort, system:httpEcPort);
}
f_initialiseSecuredMode(p_ea_certificate_id, p_aa_certificate_id); // TODO To be removed???
// Setup EA certificate shared with PKI EA entity
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey); // TODO To be removed
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
log("f_cfHttpUp_itss: vc_eaPrivateKey= ", vc_eaPrivateKey);
log("f_cfHttpUp_itss: vc_eaPrivateEncKey= ", vc_eaPrivateEncKey);
log("f_cfHttpUp_itss: vc_eaHashedId8= ", vc_eaHashedId8);
log("f_cfHttpUp_itss: vc_eaWholeHash= ", vc_eaWholeHash);
// Setup AA certificate shared with PKI AA entity
f_readCertificate(p_aa_certificate_id, vc_aaCertificate);
f_readSigningKey(p_aa_certificate_id, vc_aaPrivateKey); // Required for AuthorizationValidation request
f_readEncryptingKey(p_aa_certificate_id, vc_aaPrivateEncKey);
f_getCertificateDigest(p_aa_certificate_id, vc_aaHashedId8);
f_getCertificateHash(p_aa_certificate_id, vc_aaWholeHash);
log("f_cfHttpUp_itss: vc_aaPrivateKey= ", vc_aaPrivateKey);
log("f_cfHttpUp_itss: vc_aaPrivateEncKey= ", vc_aaPrivateEncKey);
log("f_cfHttpUp_itss: vc_aaHashedId8= ", vc_aaHashedId8);
log("f_cfHttpUp_itss: vc_aaWholeHash= ", vc_aaWholeHash);
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_ec());
}
} // End of function f_cfHttpUp_itss
/**
* @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
*/
function f_cfHttpUp_ea(
in charstring p_ea_certificate_id := "CERT_TS_A_EA", // TODO Use a constant
in charstring p_aa_certificate_id := "CERT_TS_A_AA"
) runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpAtVPort, system:httpAtVPort);
map(self:httpAtPort, system:httpAtPort);
}
f_initialiseSecuredMode(p_ea_certificate_id, p_aa_certificate_id); // TODO To be removed???
// Setup EA certificate shared with PKI EA entity
f_readCertificate(p_ea_certificate_id, vc_eaCertificate);
f_readSigningKey(p_ea_certificate_id, vc_eaPrivateKey); // TODO To be removed
f_readEncryptingKey(p_ea_certificate_id, vc_eaPrivateEncKey);
f_getCertificateDigest(p_ea_certificate_id, vc_eaHashedId8);
f_getCertificateHash(p_ea_certificate_id, vc_eaWholeHash);
log("f_cfHttpUp_ea: vc_eaPrivateKey= ", vc_eaPrivateKey);
log("f_cfHttpUp_ea: vc_eaPrivateEncKey= ", vc_eaPrivateEncKey);
log("f_cfHttpUp_ea: vc_eaHashedId8= ", vc_eaHashedId8);
log("f_cfHttpUp_ea: vc_eaWholeHash= ", vc_eaWholeHash);
// Setup AA certificate shared with PKI AA entity
f_readCertificate(p_aa_certificate_id, vc_aaCertificate);
f_readSigningKey(p_aa_certificate_id, vc_aaPrivateKey); // Required for AuthorizationValidation request
f_readEncryptingKey(p_aa_certificate_id, vc_aaPrivateEncKey);
f_getCertificateDigest(p_aa_certificate_id, vc_aaHashedId8);
f_getCertificateHash(p_aa_certificate_id, vc_aaWholeHash);
log("f_cfHttpUp_ea: vc_aaPrivateKey= ", vc_aaPrivateKey);
log("f_cfHttpUp_ea: vc_aaPrivateEncKey= ", vc_aaPrivateEncKey);
log("f_cfHttpUp_ea: vc_aaHashedId8= ", vc_aaHashedId8);
log("f_cfHttpUp_ea: vc_aaWholeHash= ", vc_aaWholeHash);
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_atv());
activate(a_default_pki_http_at());
}
} // End of function f_cfHttpUp_ea
function f_cfUp_itss(
in charstring p_certificate_id := "CERT_TS_A_EA" // TODO Use a constant
) runs on ItsPkiItss /* TITAN TODO: system ItsPkiItssSystem */ {
......@@ -144,10 +250,10 @@ module LibItsPki_Functions {
/**
* @desc Deletes default configuration
*/
function f_cfMtcDown(
inout ItsPkiItss p_itss,
inout ItsPkiHttp p_pki
) runs on ItsMtc {
function f_cfMtcDown01(
inout ItsPkiItss p_itss,
inout ItsPkiHttp p_pki
) runs on ItsMtc {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_pki:syncPort, self:syncPort);
......@@ -156,6 +262,18 @@ module LibItsPki_Functions {
p_pki.done;
}
function f_cfMtcDown02(
inout ItsPkiHttp p_itss,
inout ItsPkiHttp p_ea
) runs on ServerSyncComp {
disconnect(self:syncPort, mtc:syncPort);
disconnect(p_itss:syncPort, self:syncPort);
disconnect(p_ea:syncPort, self:syncPort);
p_itss.done;
p_ea.done;
}
/**
* @desc Deletes default configuration
*/
......@@ -171,6 +289,33 @@ module LibItsPki_Functions {
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_itss() runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpEcPort, system:httpEcPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_itss
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_ea() runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpAtVPort, system:httpAtVPort);
unmap(self:httpAtPort, system:httpAtPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_ea
/**
* @desc Deletes default configuration
*/
......
......@@ -82,7 +82,7 @@ module LibItsPki_TestSystem {
var octetstring vc_aaPrivateEncKey; /** Test Adapter AA private key for encryption */
var HashedId8 vc_aaHashedId8; /** Test Adapter AA HashedId8 for decryption of IUT's response */
var octetstring vc_aaWholeHash; /** Test Adapter AA whole-hash for signature check */
} // End of component ItsPki
} // End of component ItsPkiHttp
/**
* @desc Test component for ITS-S entity
......
......@@ -1993,7 +1993,7 @@ module LibItsSecurity_Functions {
log(">>> f_verifyGnSecuredMessageSignatureWithCertificate: p_certificate=", p_certificate);
if (f_getCertificateHash(valueof(p_certificate_id), v_issuer) == false) {
log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate id: " & p_certificate_id);
log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate id: " & valueof(p_certificate_id));
return false;
}
if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment