Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
TTCN-3 Libraries
LibIts
Commits
ca69dcbb
Commit
ca69dcbb
authored
Feb 26, 2018
by
garciay
Browse files
STF538: Certificate TPs implementation
parent
755c231a
Changes
5
Hide whitespace changes
Inline
Side-by-side
ttcn/GeoNetworking/LibItsGeoNetworking_Functions.ttcn
View file @
ca69dcbb
...
...
@@ -2581,24 +2581,6 @@ module LibItsGeoNetworking_Functions {
}
}
// End of altstep a_securedMessageWithCertificate
/**
* @desc Receive GN message with security containing certificate chain as a signer info
* @param p_cert returns the certificate used for sign received message
*/
/* FIXME To be reviewed altstep a_securedMessageWithCertificateChain(
out EtsiTs103097Data p_received
) runs on ItsGeoNetworking {
[] a_securedMessage (
mw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
)),
p_received
) {
// Nothing to do
}
}*/
// End of altstep a_securedMessageWithCertificateChain
/**
* @desc Receive GN message with security containing digest as a signer info
* @param p_cert returns the certificate used for sign received message
...
...
@@ -2641,8 +2623,8 @@ module LibItsGeoNetworking_Functions {
var
SignerIdentifier
v_signerIdentifier
;
if
(
f_getMsgSignerIdentifier
(
v_recv
,
v_signerIdentifier
)
==
true
)
{
if
(
ischosen
(
v_signerIdentifier
.
certificate
))
{
p_cert
:=
v_signerIdentifier
.
certificate
[
0
];
v_ret
:=
true
;
p_cert
:=
v_signerIdentifier
.
certificate
[
0
];
v_ret
:=
true
;
}
}
}
...
...
@@ -2651,28 +2633,6 @@ module LibItsGeoNetworking_Functions {
return
v_ret
;
}
// End of function f_waitForCertificate
/**
* @desc Wait for GN message with security containing certificate chain as a signer info
* @return the certificate used for sign received message
*/
function
f_waitForCertificateChain
(
out
SequenceOfCertificate
p_chain
)
runs
on
ItsGeoNetworking
return
boolean
{
var
EtsiTs103097Data
v_recv
;
var
boolean
v_ret
:=
false
;
/* FIXME To be reviewed alt {
[] a_securedMessageWithCertificateChain(v_recv) {
var SignerIdentifier v_si;
if(f_getMsgSignerInfo(v_recv, v_si)) {
p_chain := v_si.signerInfo.certificates;
v_ret := true;
}
}
}*/
return
v_ret
;
}
/**
* @desc Ask for the certificate chain and wait for GN message with security containing certificate chain as a signer info
* @return the certificate chain used for sign received message
...
...
@@ -2686,11 +2646,12 @@ module LibItsGeoNetworking_Functions {
alt
{
[]
a_securedMessageWithCertificate
(
v_recv
)
{
var
SignerIdentifier
v_signerIdentifier
;
if
(
f_getMsgSignerIdentifier
(
v_recv
,
v_signerIdentifier
)
==
true
)
{
if
(
f_getMsgSignerIdentifier
(
v_recv
,
v_signerIdentifier
)
==
true
)
{
// Get AT certificate
if
(
ischosen
(
v_signerIdentifier
.
digest
))
{
f_sendCertificateRequest
(
v_signerIdentifier
.
digest
,
p_CamPayload
);
f_sendCertificateRequest
(
v_signerIdentifier
.
digest
,
p_CamPayload
);
// Request issuer
if
(
tc_ac
.
running
)
{
tc_ac
.
stop
;
tc_ac
.
start
;
tc_ac
.
stop
;
tc_ac
.
start
;
}
v_ret
:=
true
;
}
...
...
@@ -2712,56 +2673,21 @@ module LibItsGeoNetworking_Functions {
var
EtsiTs103097Data
v_recv
;
var
SignerIdentifier
v_signerIdentifier
;
var
boolean
v_ret
:=
false
;
f_askForCertificateChain
(
p_CamPayload
);
// Get AT certificate and request for the issuer
alt
{
[]
a_securedMessageWithCertificate
(
v_recv
)
{
[]
a_securedMessageWithCertificate
(
v_recv
)
{
// Get AA certificate
tc_ac
.
stop
;
if
(
f_getMsgSignerIdentifier
(
v_recv
,
v_signerIdentifier
)
==
true
)
{
if
(
ischosen
(
v_signerIdentifier
.
digest
))
{
f_sendCertificateRequest
(
v_signerIdentifier
.
digest
,
p_CamPayload
);
f_sendCertificateRequest
(
v_signerIdentifier
.
digest
,
p_CamPayload
);
tc_ac
.
start
;
repeat
;
}
p_chain
:=
v_signerIdentifier
.
certificate
;
}
}
/* FIXME To be done [] a_securedMessageWithCertificateChain(v_recv) {
tc_ac.stop;
if (f_getMsgSignerIdentifier(v_recv, v_signerIdentifier) == true) { // FIXME How to receive chain of certificate
p_chain := v_signerIdentifier.certificate;
v_ret := true;
}
}*/
}
// End of 'alt' statement
return
v_ret
;
}
// End of function f_askAndWaitForCertificateChain
/**
* @desc Wait for GN message with security containing digest as a signer info
* @return the digest of the certificate been used to sign received message
*/
function
f_waitForDigest
(
out
HashedId8
p_digest
)
runs
on
ItsGeoNetworking
return
boolean
{
// Local variables
var
EtsiTs103097Data
v_recv
;
var
boolean
v_ret
:=
false
;
/* FIXME To be reviewed alt {
[] a_securedMessageWithDigest(v_recv) {
var SignerIdentifier v_si;
if(f_getMsgSignerInfo(v_recv, v_si)) {
p_digest := v_si.signerInfo.digest;
v_ret := true;
}
}
}*/
// End of 'alt' statement
return
v_ret
;
}
// End of function f_waitForDigest
/**
* @desc Send a CAM message with a certificate and wait the certificate chain request message
* @remark This function is used only for testing against another ATS
...
...
ttcn/Security/LibItsSecurity_Functions.ttcn
View file @
ca69dcbb
...
...
@@ -1452,8 +1452,8 @@ module LibItsSecurity_Functions {
*/
function
f_unloadCertificates
()
runs
on
ItsSecurityBaseComponent
return
boolean
{
// Reset security component variables
vc_signingPrivateKey
:=
'
0000000000000000000000000000000000000000000000000000000000000000
'O
;
vc_encryptPrivateKey
:=
'
0000000000000000000000000000000000000000000000000000000000000000
'O
;
vc_signingPrivateKey
:=
''
O
;
vc_encryptPrivateKey
:=
''
O
;
// Clear certificates memory cache
return
fx_unloadCertificates
();
}
// End of function f_unloadCertificates
...
...
ttcn/Security/LibItsSecurity_Templates.ttcn
View file @
ca69dcbb
...
...
@@ -1204,7 +1204,7 @@ module LibItsSecurity_Templates {
template
(
present
)
SequenceOfPsidGroupPermissions
p_certIssuePermissions
:=
?
,
template
(
present
)
SequenceOfPsidGroupPermissions
p_certRequestPermissions
:=
?
,
template
(
present
)
VerificationKeyIndicator
p_verifyKeyIndicator
:=
?
,
template
ValidityPeriod
p_validityPeriod
:=
*
,
template
(
present
)
ValidityPeriod
p_validityPeriod
:=
?
,
template
GeographicRegion
p_region
:=
*
,
template
SubjectAssurance
p_assuranceLevel
:=
*
,
template
PublicEncryptionKey
p_encryptionKey
:=
*
...
...
@@ -1215,10 +1215,10 @@ module LibItsSecurity_Templates {
validityPeriod
:=
p_validityPeriod
,
region
:=
p_region
,
assuranceLevel
:=
p_assuranceLevel
,
appPermissions
:=
*
,
appPermissions
:=
omit
,
certIssuePermissions
:=
p_certIssuePermissions
,
certRequestPermissions
:=
p_certRequestPermissions
,
canRequestRollover
:=
*
,
canRequestRollover
:=
omit
,
encryptionKey
:=
p_encryptionKey
,
verifyKeyIndicator
:=
p_verifyKeyIndicator
}
// End of template mw_toBeSignedCertificate
...
...
@@ -1270,9 +1270,9 @@ module LibItsSecurity_Templates {
region
:=
p_region
,
assuranceLevel
:=
p_assuranceLevel
,
appPermissions
:=
p_appPermissions
,
certIssuePermissions
:=
*
,
certRequestPermissions
:=
*
,
canRequestRollover
:=
*
,
certIssuePermissions
:=
omit
,
certRequestPermissions
:=
omit
,
canRequestRollover
:=
omit
,
encryptionKey
:=
p_encryptionKey
,
verifyKeyIndicator
:=
p_verifyKeyIndicator
}
// End of template mw_toBeSignedCertificate_ea
...
...
@@ -1386,9 +1386,9 @@ module LibItsSecurity_Templates {
region
:=
p_region
,
assuranceLevel
:=
p_assuranceLevel
,
appPermissions
:=
p_appPermissions
,
certIssuePermissions
:=
*
,
certRequestPermissions
:=
*
,
canRequestRollover
:=
*
,
certIssuePermissions
:=
omit
,
certRequestPermissions
:=
omit
,
canRequestRollover
:=
omit
,
encryptionKey
:=
p_encryptionKey
,
verifyKeyIndicator
:=
p_verifyKeyIndicator
}
// End of template mw_toBeSignedCertificate_at
...
...
@@ -1513,12 +1513,30 @@ module LibItsSecurity_Templates {
eeType
:=
p_eeType
}
// End of template m_psidGroupPermissions
template
(
present
)
PsidGroupPermissions
mw_psidGroupPermissions
(
template
(
present
)
SubjectPermissions
p_subjectPermissions
:=
?
,
integer
p_minChainLength
:=
1
,
integer
p_chainLengthRange
:=
0
,
template
(
present
)
EndEntityType
p_eeType
:=
?
)
:=
{
subjectPermissions
:=
p_subjectPermissions
,
minChainLength
:=
p_minChainLength
,
chainLengthRange
:=
p_chainLengthRange
,
eeType
:=
p_eeType
}
// End of template mw_psidGroupPermissions
template
(
value
)
SubjectPermissions
m_subjectPermissions_explicit
(
in
template
(
value
)
SequenceOfPsidSspRange
p_certIssuePermissions
)
:=
{
explicit
:=
p_certIssuePermissions
}
// End of template m_subjectPermissions_explicit
template
(
present
)
SubjectPermissions
mw_subjectPermissions_explicit
(
template
(
present
)
SequenceOfPsidSspRange
p_certIssuePermissions
:=
?
)
:=
{
explicit
:=
p_certIssuePermissions
}
// End of template mw_subjectPermissions_explicit
template
(
value
)
SubjectPermissions
m_subjectPermissions_all
:=
{
all_
:=
NULL
}
// End of template m_subjectPermissions_all
...
...
ttcn/Security/LibItsSecurity_TestSystem.ttcn
View file @
ca69dcbb
...
...
@@ -37,8 +37,8 @@ module LibItsSecurity_TestSystem {
var
charstring
vc_hashedId8ToBeUsed
:=
PX_IUT_DEFAULT_CERTIFICATE
;
/** Digest value of the AT certificate to be used by the IUT. Default: CERT_IUT_A_AT */
// Private keys
var
O
ct
32
vc_signingPrivateKey
;
var
O
ct
32
vc_encryptPrivateKey
;
var
o
ct
etstring
vc_signingPrivateKey
;
var
o
ct
etstring
vc_encryptPrivateKey
;
// Generation position. See Draft ETSI TS 103 097 V1.1.14 Clause 7.2 Security profiles for DENMs
var
ThreeDLocation
vc_location
;
...
...
ttcn/SremSsem/LibItsSremSsem_Templates.ttcn
View file @
ca69dcbb
...
...
@@ -133,7 +133,7 @@ module LibItsSremSsem_Templates {
* @param p_ssemMsg The expected SSEM Message
*/
template
(
present
)
SsemInd
mw_ssemInd
(
template
(
present
)
SSEM
p_ssemMsg
template
(
present
)
SSEM
p_ssemMsg
:=
?
)
:=
{
msgIn
:=
p_ssemMsg
,
gnNextHeader
:=
*
,
...
...
@@ -540,7 +540,7 @@ module LibItsSremSsem_Templates {
* @desc Receive template for SSEM Message
*/
template
(
present
)
SignalStatusMessage
mw_defaultSsem
(
template
MsgCount
p_sequenceNumber
:=
*
template
(
present
)
MsgCount
p_sequenceNumber
:=
?
)
:=
{
timeStamp
:=
*
,
second
:=
?
,
...
...
@@ -550,12 +550,12 @@ module LibItsSremSsem_Templates {
}
template
(
present
)
SignalStatusMessage
mw_ssemWellFormatted
(
template
MsgCount
p_sequenceNumber
:=
*
template
(
present
)
MsgCount
p_sequenceNumber
:=
?
)
modifies
mw_defaultSsem
:=
{
}
template
(
present
)
SignalStatusMessage
mw_ssem_with_region_id
(
template
MsgCount
p_sequenceNumber
:=
*
,
template
(
present
)
MsgCount
p_sequenceNumber
:=
?
,
template
(
present
)
SignalStatusMessage
.
regional
p_regional
:=
?
)
modifies
mw_defaultSsem
:=
{
regional
:=
p_regional
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment