WeekSTF507: Week #3 (d0e5a279) · Commits · TTCN-3 Libraries / LibIts

ttcn/GeoNetworking/LibItsGeoNetworking_Templates.ttcn

+1 −1

Original line number	Diff line number	Diff line
		@@ -2329,7 +2329,7 @@ module LibItsGeoNetworking_Templates {
		return bit2oct(encvalue(p_gnPayload.decodedPayload.btpPacket.payload));
		}

		return p_gnPayload.rawPayload;
		return valueof(p_gnPayload.rawPayload);
		}
		}

ttcn/Security/LibItsSecurity_Functions.ttcn3

+326 −31

Original line number	Diff line number	Diff line
		@@ -116,6 +116,22 @@ module LibItsSecurity_Functions {
		return substr(v_hash, lengthof(v_hash) - 8, 8);
		} // End of function f_calculateDigestFromCertificate

		function f_duration2time(
		in Duration p_duration
		) return Time32 {
		if (p_duration.unit == e_seconds) {
		return p_duration.duration_;
		} else if (p_duration.unit == e_minutes) {
		return p_duration.duration_ * 60;
		} else if (p_duration.unit == e_hours) {
		return p_duration.duration_ * 3600;
		} else if (p_duration.unit == e_hoursBlock) {
		return p_duration.duration_ * 216000;
		}

		return p_duration.duration_ * 31556925;
		} // End of function f_duration2time

		group hostSignatureHelpers {

		/**
		@@ -440,7 +456,7 @@ module LibItsSecurity_Functions {
		)
		}
		);
		p_securedMessage.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s := not4b(p_securedMessage.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s);
		p_securedMessage.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s := not4b(valueof(p_securedMessage.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s));
		}

		return true;
		@@ -814,6 +830,85 @@ module LibItsSecurity_Functions {
		return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField, v_mandatoryHeaders, p_headerFields);
		} // End of function f_buildGnSecuredOtherMessage

		/**
		* @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases
		* @param p_securedMessage The signed SecureMessage part
		* @param p_protocolVersion The protocol version to be set. Default: 2
		* @param p_trailerStatus The Traile behaviour:
		* <li>0 for no trailer</li>
		* <li>1 for invalid trailer</li>
		* <li>2 for duplicated trailer</li>
		* @param p_payloadField Payloads to be included in the message
		* @param p_signerInfoType Add digest or AT certificate or certificate chain
		* @param p_threeDLocation The 3D location
		* @param p_headerFields HeaderFields to be inserted in the message
		* @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A
		* @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields
		* @return true on success, false otherwise
		*/
		function f_buildGnSecuredOtherMessage_Bo(
		out template (value) SecuredMessage p_securedMessage,
		in integer p_protocolVersion := c_protocol_version,
		in integer p_trailerStatus := 0,
		in template (value) SecPayload p_payloadField,
		in template (omit) SignerInfoType p_signerInfoType := e_certificate_digest_with_sha256,
		in ThreeDLocation p_threeDLocation,
		in template (omit) HeaderFields p_headerFields := omit,
		in template (omit) charstring p_certificateName := omit,
		in boolean p_addMissingHeaders := true
		) runs on ItsSecurityBaseComponent return boolean {

		// Local variables
		var Certificate v_aaCertificate, v_atCertificate;
		var HeaderFields v_mandatoryHeaders := {};
		var HeaderField v_signerInfo;

		// Load certificates if required
		if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) {
		return false;
		}

		// Add additional headers if required
		if (p_addMissingHeaders == true) {
		// Prepare mandatory headers
		if (valueof(p_signerInfoType) == e_certificate) { // Add the AT certificate
		v_signerInfo := valueof(
		m_header_field_signer_info(
		m_signerInfo_certificate(
		v_atCertificate
		)));
		}
		if (valueof(p_signerInfoType) == e_certificate_chain) { // Add the AT certificate + AA Certificate
		v_signerInfo := valueof(
		m_header_field_signer_info(
		m_signerInfo_certificates(
		{
		v_aaCertificate,
		v_atCertificate
		}
		)
		));
		}
		if (valueof(p_signerInfoType) == e_certificate_digest_with_sha256) { // Add the AT certificate digest
		v_signerInfo := valueof(
		m_header_field_signer_info(
		m_signerInfo_digest(
		v_atCertificate.signer_info.signerInfo.digest
		)));
		}
		v_mandatoryHeaders := {
		v_signerInfo,
		valueof(m_header_field_generation_time(1000 * f_getCurrentTime())), // In us
		valueof(m_header_field_generation_location(p_threeDLocation))
		}
		}

		// FIXME To be done

		// Build the secured message and return it
		return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField, v_mandatoryHeaders, p_headerFields);
		} // End of function f_buildGnSecuredOtherMessage_Bo

		} // End of group hostSignatureHelpers

		group deviceSignatureHelpers {
		@@ -1235,6 +1330,60 @@ module LibItsSecurity_Functions {

		}// End of group certificateGetters

		group certificatesCaching {

		function f_createCertificatesCaching(
		in CertificateChain p_certificates,
		out CertificatesCaching p_certificatesCaching
		) return boolean {
		p_certificatesCaching := { };
		for (var integer v_counter := 0; v_counter < lengthof(p_certificates); v_counter := v_counter + 1) {
		var CertificatesCachingItem v_item;
		v_item.certificate := p_certificates[v_counter];
		v_item.hashedId8 := f_calculateDigestFromCertificate(v_item.certificate);
		p_certificatesCaching[v_counter] := v_item;
		} // End of 'for' statement

		return true;
		}

		function f_getCertificateFromCaching(
		in CertificatesCaching p_certificatesCaching,
		in HashedId8 p_hashedId8,
		out Certificate p_certificate
		) return boolean {
		for (var integer v_counter := 0; v_counter < lengthof(p_certificatesCaching); v_counter := v_counter + 1) {
		if (match(p_certificatesCaching[v_counter].hashedId8, p_hashedId8) == true) {
		p_certificate := p_certificatesCaching[v_counter].certificate;
		return true;
		}
		} // End of 'for' statement

		return false;
		}

		function f_getCertificatesCachingItem(
		in CertificatesCaching p_certificatesCaching,
		in UInt8 p_index,
		out Certificate p_certificate
		) return boolean {
		if (lengthof(p_certificatesCaching) < p_index) {
		p_certificate := p_certificatesCaching[p_index].certificate;
		return true;
		}

		return false;
		}

		function f_getCertificatesCachingItemSize(
		in CertificatesCaching p_certificatesCaching
		) return UInt8 {
		return lengthof(p_certificatesCaching);
		}

		}// End of group certificatesCaching


		} // End of group helpersFunctions

		group externalFunctions {
		@@ -1390,6 +1539,34 @@ module LibItsSecurity_Functions {
		*/
		external function fx_isLocationInsideIdentifiedRegion(in IdentifiedRegion p_region, in ThreeDLocation p_location) return boolean;


		/**
		* @desc Check that p_circular_region_1 circular region is included into p_circular_region_2 circular region
		* @param p_circular_region_1 Circular region 1
		* @param p_circular_region_2 Circular region 2
		*
		* @return true on success, false otherwise
		*/
		external function fx_areCirclesInside(in CircularRegion p_circular_region_1, in CircularRegion p_circular_region_2) return boolean;

		/**
		* @desc Check that p_rectanglar_region_1 rectangular region is included into p_rectanglar_region_2 rectangular region
		* @param p_rectanglar_region_1 Rectangular region 1
		* @param p_rectanglar_region_2 Rectangular region 2
		*
		* @return true on success, false otherwise
		*/
		external function fx_areRectanglesInside(in RectangularRegions p_rectanglar_region_1, in RectangularRegions p_rectanglar_region_2) return boolean;

		/**
		* @desc Check that p_polygonal_region_1 polygonal region is included into p_polygonal_region_2 polygonal region
		* @param p_polygonal_region_1 Polygonal region 1
		* @param p_polygonal_region_2 Polygonal region 2
		*
		* @return true on success, false otherwise
		*/
		external function fx_arePolygonsInside(in PolygonalRegion p_polygonal_region_1, in PolygonalRegion p_polygonal_region_2) return boolean;

		/**
		* @desc Convert a spacial coordinate from DMS to Dms
		* @param p_degrees The degrees (D)
		@@ -1407,6 +1584,124 @@ module LibItsSecurity_Functions {

		group geometryFunctions {

		function f_checkRegionValidityRestiction(
		in Certificate p_cert,
		in Certificate p_cert_issuer
		) return boolean {
		var ValidityRestriction v_cert_region, v_cert_issuer_region;
		var boolean v_cert_issuer_region_result;

		v_cert_issuer_region_result := f_getCertificateValidityRestriction(p_cert_issuer, e_region, v_cert_issuer_region);
		if (f_getCertificateValidityRestriction(p_cert, e_region, v_cert_region) == false) {
		if (v_cert_issuer_region_result == true) {
		if (not match(v_cert_issuer_region.validity.region.region_type, e_none)) {
		return false;
		}
		}
		} else if (
		(v_cert_issuer_region_result == true) and
		(not match(v_cert_issuer_region.validity.region.region_type, e_none))
		) {
		if (match(v_cert_region.validity.region.region_type, e_circle)) {
		if (match(v_cert_issuer_region.validity.region.region_type, e_circle)) {
		// Check v_cert_region 'circle' is inside v_cert_issuer_region 'circle'
		if (f_areCirclesInside(v_cert_region.validity.region.region.circular_region, v_cert_issuer_region.validity.region.region.circular_region) == false) {
		log("* " & testcasename() & ": FAIL: Issuer and issuing certificates circle area does not match *");
		return false;
		}
		}
		} else if (match(v_cert_region.validity.region.region_type, e_rectangle)) {
		if (match(v_cert_issuer_region.validity.region.region_type, e_rectangle)) {
		// Check v_cert_region 'rectangle' is inside v_cert_issuer_region 'rectangle'
		if (f_areRectanglesInside(v_cert_region.validity.region.region.rectangular_region, v_cert_issuer_region.validity.region.region.rectangular_region) == false) {
		log("* " & testcasename() & ": FAIL: Issuer and issuing certificates rectangle area does not match *");
		return false;
		}
		}
		} else if (match(v_cert_region.validity.region.region_type, e_polygon)) {
		if (match(v_cert_issuer_region.validity.region.region_type, e_polygon)) {
		// Check v_cert_region 'polygon' is inside v_cert_issuer_region 'polygon'
		if (f_arePolygonsInside(v_cert_region.validity.region.region.polygonal_region, v_cert_issuer_region.validity.region.region.polygonal_region) == false) {
		log("* " & testcasename() & ": FAIL: Issuer and issuing certificates polygon area does not match *");
		return false;
		}
		}
		} else if (match(v_cert_region.validity.region.region_type,e_id)) {
		// Check id_region
		if (not match (v_cert_region.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
		log("* " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 *");
		return false;
		}
		if (not match (v_cert_region.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
		log("* " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division *");
		return false;
		}
		// Check region_dictionary
		if (not match (v_cert_region.validity.region.region.id_region.region_dictionary, v_cert_issuer_region.validity.region.region.id_region.region_dictionary)) {
		log("* " & testcasename() & ": FAIL: Issuer and issuing 'region_dictionary' field does not match *");
		return false;
		}
		// Check region_identifier
		if (not match (v_cert_region.validity.region.region.id_region.region_identifier, v_cert_issuer_region.validity.region.region.id_region.region_identifier)) {
		log("* " & testcasename() & ": FAIL: Issuer and issuing 'region_identifier' field does not match *");
		return false;
		}
		// Check local_region
		if (
		(not match (v_cert_issuer_region.validity.region.region.id_region.local_region, v_cert_region.validity.region.region.id_region.local_region)) or
		(not match (v_cert_issuer_region.validity.region.region.id_region.local_region, 0))
		) {
		return false;
		log("* " & testcasename() & ": FAIL: Issuer and issuing 'local_region' field does not match *");
		}
		}
		}

		return true;
		} // End of function f_checkRegionValidityRestiction

		/**
		* @desc Check that p_circular_region_1 circular region is included into p_circular_region_2 circular region
		* @param p_circular_region_1 Circular region 1
		* @param p_circular_region_2 Circular region 2
		*
		* @return true on success, false otherwise
		*/
		function f_areCirclesInside(
		in CircularRegion p_circular_region_1,
		in CircularRegion p_circular_region_2
		) return boolean {
		return fx_areCirclesInside(p_circular_region_1, p_circular_region_2);
		}

		/**
		* @desc Check that p_rectanglar_region_1 rectangular region is included into p_rectanglar_region_2 rectangular region
		* @param p_rectanglar_region_1 Rectangular region 1
		* @param p_rectanglar_region_2 Rectangular region 2
		*
		* @return true on success, false otherwise
		*/
		function f_areRectanglesInside(
		in RectangularRegions p_rectanglar_region_1,
		in RectangularRegions p_rectanglar_region_2
		) return boolean {
		return fx_areRectanglesInside(p_rectanglar_region_1, p_rectanglar_region_2);
		}

		/**
		* @desc Check that p_polygonal_region_1 polygonal region is included into p_polygonal_region_2 polygonal region
		* @param p_polygonal_region_1 Polygonal region 1
		* @param p_polygonal_region_2 Polygonal region 2
		*
		* @return true on success, false otherwise
		*/
		function f_arePolygonsInside(
		in PolygonalRegion p_polygonal_region_1,
		in PolygonalRegion p_polygonal_region_2
		) return boolean {
		return fx_arePolygonsInside(p_polygonal_region_1, p_polygonal_region_2);
		}

		/**
		* @desc Check that given location is valid
		* @param p_location location to be checked

ttcn/Security/LibItsSecurity_Pixits.ttcn3

+15 −0

Original line number	Diff line number	Diff line
		@@ -39,4 +39,19 @@ module LibItsSecurity_Pixits {
		*/
		modulepar UInt8 PX_WRONG_PROTOCOL_VERSION := 1;

		/**
		* @desc Invalid protocol version. Default: 1
		*/
		modulepar WGSLongitude PX_WGSLONGITUDE := 0;

		/**
		* @desc Invalid protocol version. Default: 1
		*/
		modulepar WGSLatitude PX_WGSLATITUDE := 0;

		/**
		* @desc Invalid protocol version. Default: 1
		*/
		modulepar HashedId8 PX_OTHER_CERT_DIGEST := '0000000000000000'O;

		} // End of module LibItsSecurity_Pixits
		No newline at end of file

ttcn/Security/LibItsSecurity_Templates.ttcn3

+22 −6

Original line number	Diff line number	Diff line
		@@ -376,6 +376,22 @@ module LibItsSecurity_Templates {
		} // End of field signerInfo
		} // End of template m_signerInfo_certificates

		template (value) SignerInfo m_signerInfo_other_certificates(
		in template (value) CertificateWithAlgo p_certificateWithAlgo
		) := {
		type_ := e_certificate_digest_with_other_algorithm,
		signerInfo := {
		certificateWithAlgo := p_certificateWithAlgo
		} // End of field signerInfo
		} // End of template m_signerInfo_other_certificates

		template (value) CertificateWithAlgo m_certificateWithAlgo_ecdsa(
		in template (value) HashedId8 p_digest
		) := {
		algorithm := e_ecdsa_nistp256_with_sha256,
		digest := p_digest
		} // End of m_certificateWithAlgo

		} // End of group signerInfos

		/**
		@@ -401,7 +417,7 @@ module LibItsSecurity_Templates {
		in template (value) Int13 p_duration
		) := {
		unit := e_seconds,
		duration := p_duration
		duration_ := p_duration
		} // End of template m_duration_in_seconds

		/**
		@@ -613,7 +629,7 @@ module LibItsSecurity_Templates {
		signerInfo := {
		certificates := p_certificates
		} // End of field signerInfo
		} // End of template m_signerInfo_certificates
		} // End of template mw_signerInfo_certificates

		} // End of group signerInfos

		@@ -676,7 +692,7 @@ module LibItsSecurity_Templates {
		in template (present) Int13 p_duration
		) := {
		unit := e_seconds,
		duration := p_duration
		duration_ := p_duration
		} // End of template mw_duration_in_seconds

		/**

ttcn/Security/LibItsSecurity_TestSystem.ttcn3

+2 −0

Original line number	Diff line number	Diff line
		@@ -44,6 +44,8 @@ module LibItsSecurity_TestSystem {
		const charstring cc_taCert_G := "CERT_TS_G_AT"; /** to be defined */
		const charstring cc_taCert_EC := "CERT_TS_A_EC"; /** Certificate with a subject type indicating 'enrolment_credentials', to be used when secured messages are sent from TA to IUT */
		const charstring cc_taCert_AA := "CERT_TS_A_AA"; /** Certificate with a subject type indicating 'authorisation_authority', to be used when secured messages are sent from TA to IUT */
		const charstring cc_taCert_EA := "CERT_TS_A_EA"; /** Certificate with a subject type indicating 'enrolment_authority', to be used when secured messages are sent from TA to IUT */
		const charstring cc_taCert_CA := "CERT_TS_A_CA"; /** Certificate with a subject type indicating 'root_ca', to be used when secured messages are sent from TA to IUT */
		// Test Adapter certificates & private keys - Inoportune behavior
		const charstring cc_taCert_B_BO := "CERT_TS_B_BO_AT"; /** Certificate with a circular region, the IUT position is outside of the region */
		const charstring cc_taCert_C_BO := "CERT_TS_C_BO_AT"; /** Certificate with a rectangular region, the IUT position is outside of the region */