...@@ -166,6 +166,27 @@ module LibItsPki_Functions { ...@@ -166,6 +166,27 @@ module LibItsPki_Functions {
} }
} // End of function f_cfHttpUp_ca } // End of function f_cfHttpUp_ca
/**
* @desc Setups default configuration
*/
function f_cfHttpUp_tlm() runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
map(self:httpPort, system:httpPort);
} else {
map(self:httpTlmPort, system:httpTlmPort);
}
f_connect4SelfOrClientSync();
f_initialiseSecuredMode();
if (PICS_MULTIPLE_END_POINT == false) {
activate(a_default_pki_http());
} else {
activate(a_default_pki_http_tlm());
}
} // End of function f_cfHttpUp_tlm
/** /**
* @desc Setups default configuration * @desc Setups default configuration
* @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT * @param p_certificate_id The certificate identifier the TA shall use in case of secured IUT
...@@ -327,6 +348,19 @@ module LibItsPki_Functions { ...@@ -327,6 +348,19 @@ module LibItsPki_Functions {
f_uninitialiseSecuredMode(); f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_ca } // End of function f_cfHttpDown_ca
/**
* @desc Deletes default configuration
*/
function f_cfHttpDown_tlm() runs on ItsPkiHttp /* TITAN TODO: system ItsPkiHttpSystem */ {
if (PICS_MULTIPLE_END_POINT == false) {
unmap(self:httpPort, system:httpPort);
} else {
unmap(self:httpTlmPort, system:httpTlmPort);
}
f_disconnect4SelfOrClientSync();
f_uninitialiseSecuredMode();
} // End of function f_cfHttpDown_tlm
/** /**
* @desc Deletes default configuration * @desc Deletes default configuration
*/ */
...@@ -680,6 +714,15 @@ module LibItsPki_Functions { ...@@ -680,6 +714,15 @@ module LibItsPki_Functions {
p_http_message.response.header := p_headers; p_http_message.response.header := p_headers;
} }
httpCaPort.send(p_http_message); httpCaPort.send(p_http_message);
} else if (v_content_text == { "tlm_request" }) {
log("f_http_send: Send on TLM end point");
f_set_headers_list({ c_header_host }, { PICS_HEADER_HOST_TLM }, p_headers);
if (ischosen(p_http_message.request)) {
p_http_message.request.header := p_headers;
} else {
p_http_message.response.header := p_headers;
}
httpTlmPort.send(p_http_message);
} else { } else {
log("f_http_send: Invalid header value: ", v_content_text); log("f_http_send: Invalid header value: ", v_content_text);
} }
...@@ -3066,6 +3109,35 @@ module LibItsPki_Functions { ...@@ -3066,6 +3109,35 @@ module LibItsPki_Functions {
return true; return true;
} }
function f_verify_full_ectl(
in ToBeSignedRcaCtl p_to_be_signed_tlm_ectl
) return boolean {
log(">>> f_verify_full_ectl: p_to_be_signed_tlm_ectl= ", p_to_be_signed_tlm_ectl);
// 1. Check mandatory fields
log("f_verify_full_ectl matching= ", match(p_to_be_signed_tlm_ectl, mw_to_be_signed_rca_full_ctl));
if (match(p_to_be_signed_tlm_ectl, mw_to_be_signed_rca_full_ctl) == false) {
return false;
}
log("f_verify_full_ectl: ctlCommands length: ", lengthof(p_to_be_signed_tlm_ectl.ctlCommands));
for (var integer v_i := 0; v_i < lengthof(p_to_be_signed_tlm_ectl.ctlCommands); v_i := v_i + 1) {
var CtlCommand v_ectl_command := p_to_be_signed_tlm_ectl.ctlCommands[v_i];
if (ischosen(v_ectl_command.delete)) {
log("f_verify_full_ectl: ctlCommands shall not contains 'delete' variant");
return false;
} else {
if (f_verify_ectl_entry(v_ectl_command.add) == false) {
log("f_verify_full_ectl: ctlCommands contains inavlid entries");
return false;
}
}
} // End of 'for' statements
return true;
}
function f_verify_ctl_entry( function f_verify_ctl_entry(
in CtlEntry p_ctl_entry in CtlEntry p_ctl_entry
) return boolean { ) return boolean {
...@@ -3085,9 +3157,22 @@ module LibItsPki_Functions { ...@@ -3085,9 +3157,22 @@ module LibItsPki_Functions {
if (match(p_ctl_entry.dc, mw_dc_entry) == false) { if (match(p_ctl_entry.dc, mw_dc_entry) == false) {
return false; return false;
} }
} else if (ischosen(p_ctl_entry.tlm)) { } else {
return false;
}
return true;
}
function f_verify_ectl_entry(
in CtlEntry p_ctl_entry
) return boolean {
if (ischosen(p_ctl_entry.tlm)) {
if (match(p_ctl_entry.tlm, mw_tlm_entry(mw_etsiTs103097Certificate)) == false) { if (match(p_ctl_entry.tlm, mw_tlm_entry(mw_etsiTs103097Certificate)) == false) {
return false; return false;
} else {
// TODO Verify selsigned certificate
return false;
} }
} else { } else {
return false; return false;
...@@ -4297,6 +4382,37 @@ module LibItsPki_Functions { ...@@ -4297,6 +4382,37 @@ module LibItsPki_Functions {
} }
} // End of altstep a_default_pki_http_ca } // End of altstep a_default_pki_http_ca
altstep a_default_pki_http_tlm() runs on ItsPkiHttp {
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(
mw_http_response(
mw_http_response_ko
)) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Unexpected message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(mw_http_request) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Request received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive(mw_http_response) {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP Response received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[PICS_MULTIPLE_END_POINT] httpTlmPort.receive {
tc_ac.stop;
log("*** a_default: ERROR: Unexpected HTTP message received ***");
f_selfOrClientSyncAndVerdict("error", e_error);
}
[] a_shutdown() {
log("*** a_default: INFO: TEST COMPONENT NOW STOPPING ITSELF! ***");
stop;
}
} // End of altstep a_default_pki_http_tlm
altstep a_await_ec_http_request_from_iut( altstep a_await_ec_http_request_from_iut(
template HttpMessage p_http_message, template HttpMessage p_http_message,
out HttpMessage p_response out HttpMessage p_response
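Review bot: In the new `f_verify_ectl_entry`, the branch reached when `p_ctl_entry.tlm` does match `mw_tlm_entry(mw_etsiTs103097Certificate)` returns `false` under `// TODO Verify selsigned certificate`, so every path visible in the hunk rejects the entry. As far as the hunks show, `f_verify_full_ectl` therefore returns `false` at its first `add` command and can only return `true` when `ctlCommands` is empty; the TLM's self-signed certificate is never actually checked. Failing closed is the right default while that check is missing, but the rejection is silent. I would add `log("f_verify_ectl_entry: TLM self-signed certificate verification not implemented");` before that `return false;` so a fail verdict is not read as a bad ECTL from the IUT. The end of `f_verify_ectl_entry` lies outside the hunk, and `inavlid` / `selsigned` are typos for `invalid` / `self-signed`.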
......
...@@ -20,6 +20,11 @@ module LibItsPki_Pics { ...@@ -20,6 +20,11 @@ module LibItsPki_Pics {
*/ */
modulepar boolean PICS_IUT_CA_ROLE := true; modulepar boolean PICS_IUT_CA_ROLE := true;
/**
* @desc Does the IUT act as TLM device?
*/
modulepar boolean PICS_IUT_TLM_ROLE := true;
/** /**
* @desc Does the IUT support enrolment? * @desc Does the IUT support enrolment?
*/ */
...@@ -110,6 +115,11 @@ module LibItsPki_Pics { ...@@ -110,6 +115,11 @@ module LibItsPki_Pics {
*/ */
modulepar charstring PICS_HEADER_HOST_CA := "www.its.ca.org"; modulepar charstring PICS_HEADER_HOST_CA := "www.its.ca.org";
/**
* @desc End point for the TLM
*/
modulepar charstring PICS_HEADER_HOST_TLM := "www.its.tlm.org";
/** /**
* @desc Certificate used by the Test System * @desc Certificate used by the Test System
*/ */
...@@ -156,6 +166,11 @@ module LibItsPki_Pics { ...@@ -156,6 +166,11 @@ module LibItsPki_Pics {
*/ */
modulepar charstring PICS_HTTP_GET_URI_CRL := "/dc/getcrl"; modulepar charstring PICS_HTTP_GET_URI_CRL := "/dc/getcrl";
/**
* @desc HTTP GET URI for Certificate Trusted List
*/
modulepar charstring PICS_HTTP_GET_URI_ECTL := "/tlm/getectl";
/** /**
* @desc Factory private key for verification Nist P256 * @desc Factory private key for verification Nist P256
*/ */
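Review bot: The `@desc` added for `PICS_HTTP_GET_URI_ECTL` says "HTTP GET URI for Certificate Trusted List", which does not tell the TLM's ECTL apart from the CA's CTL that the test system fetches on a different end point. I would write `@desc HTTP GET URI for the European Certificate Trust List (ECTL) published by the TLM`. `PICS_IUT_TLM_ROLE` also defaults to `true` next to `PICS_IUT_CA_ROLE := true`; if these parameters drive test selection (not visible here), its `@desc` should say whether both roles may be enabled at once.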
......
...@@ -111,12 +111,12 @@ module LibItsPki_Templates { ...@@ -111,12 +111,12 @@ module LibItsPki_Templates {
} }
} // End of template m_etsiTs102941Data_authorization_validation_response } // End of template m_etsiTs102941Data_authorization_validation_response
template (present) EnrolmentRequestMessage mw_enrolmentRequestMessage( template (present) EtsiTs103097Data/*EnrolmentRequestMessage*/mw_enrolmentRequestMessage(
template (present) EncryptedData p_encryptedData := ? template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := { ) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_enrolmentRequestMessage } // End of template mw_enrolmentRequestMessage
template (present) EnrolmentResponseMessage mw_enrolmentResponseMessage( template (present) EtsiTs103097Data/*EnrolmentResponseMessage*/mw_enrolmentResponseMessage(
template (present) EncryptedData p_encryptedData := ? template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := { ) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_enrolmentResponseMessage } // End of template mw_enrolmentResponseMessage
...@@ -131,6 +131,26 @@ module LibItsPki_Templates { ...@@ -131,6 +131,26 @@ module LibItsPki_Templates {
) modifies mw_etsiTs103097Data_encrypted := { ) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_authorizationValidationResponseMessage } // End of template mw_authorizationValidationResponseMessage
template (value) EtsiTs103097Data/*AuthorizationRequestMessage*/ m_authorizationRequestMessage(
in template (value) EncryptedData p_encryptedData
) modifies m_etsiTs103097Data_encrypted := {
} // End of template m_authorizationRequestMessage
template (present) EtsiTs103097Data/*AuthorizationRequestMessage*/ mw_authorizationRequestMessage(
template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_authorizationRequestMessage
template (value) EtsiTs103097Data/*AuthorizationResponseMessage*/ m_authorizationResponseMessage(
in template (value) EncryptedData p_encryptedData
) modifies m_etsiTs103097Data_encrypted := {
} // End of template m_authorizationResponseMessage
template (present) EtsiTs103097Data/*AuthorizationResponseMessage*/ mw_authorizationResponseMessage(
template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_authorizationResponseMessage
template (present) EtsiTs102941Data mw_etsiTs102941Data_to_be_signed_rca_ctl( template (present) EtsiTs102941Data mw_etsiTs102941Data_to_be_signed_rca_ctl(
template (present) ToBeSignedRcaCtl p_to_be_signed_rca_ctl := ? template (present) ToBeSignedRcaCtl p_to_be_signed_rca_ctl := ?
) := { ) := {
...@@ -149,26 +169,6 @@ module LibItsPki_Templates { ...@@ -149,26 +169,6 @@ module LibItsPki_Templates {
} }
} // End of template mw_etsiTs102941Data_to_be_signed_crl } // End of template mw_etsiTs102941Data_to_be_signed_crl
template (value) AuthorizationRequestMessage m_authorizationRequestMessage(
in template (value) EncryptedData p_encryptedData
) modifies m_etsiTs103097Data_encrypted := {
} // End of template m_authorizationRequestMessage
template (present) AuthorizationRequestMessage mw_authorizationRequestMessage(
template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_authorizationRequestMessage
template (value) AuthorizationResponseMessage m_authorizationResponseMessage(
in template (value) EncryptedData p_encryptedData
) modifies m_etsiTs103097Data_encrypted := {
} // End of template m_authorizationResponseMessage
template (present) AuthorizationResponseMessage mw_authorizationResponseMessage(
template (present) EncryptedData p_encryptedData := ?
) modifies mw_etsiTs103097Data_encrypted := {
} // End of template mw_authorizationResponseMessage
template (value) EtsiTs102941DataContent m_enrolmentRequest( template (value) EtsiTs102941DataContent m_enrolmentRequest(
in template (value) InnerEcRequestSignedForPop p_enrolmentRequest in template (value) InnerEcRequestSignedForPop p_enrolmentRequest
) := { ) := {
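Review bot: The enrolment and authorization message templates are now declared as plain `EtsiTs103097Data`, with the former type kept only as an inline comment, and nothing records why the specific type was dropped. Since each of them modifies `m_etsiTs103097Data_encrypted` or `mw_etsiTs103097Data_encrypted` with an empty body, the declared type was the only thing separating, say, `mw_enrolmentResponseMessage` from `mw_authorizationResponseMessage`; with one shared type a request/response mix-up in a test case is no longer flagged by the compiler. If this works around a tool limitation, a comment above the first template such as `// Declared as EtsiTs103097Data because <reason>; restore the specific message types when possible` would keep it from looking permanent. The two enrolment templates also lack the space after the `/*…*/` comment that the authorization templates have.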
......
...@@ -64,6 +64,7 @@ module LibItsPki_TestSystem { ...@@ -64,6 +64,7 @@ module LibItsPki_TestSystem {
port HttpPort httpAtVPort; /** Authorization Validation end point */ port HttpPort httpAtVPort; /** Authorization Validation end point */
port HttpPort httpAtPort; /** Authorization end point */ port HttpPort httpAtPort; /** Authorization end point */
port HttpPort httpCaPort; /** CA CTL/CRL end point */ port HttpPort httpCaPort; /** CA CTL/CRL end point */
port HttpPort httpTlmPort; /** TLM ECTL end point */
} // End of component ItsPkiHttpSystem } // End of component ItsPkiHttpSystem
/** /**
...@@ -75,6 +76,7 @@ module LibItsPki_TestSystem { ...@@ -75,6 +76,7 @@ module LibItsPki_TestSystem {
port HttpPort httpAtVPort; /** Authorization Validation end point */ port HttpPort httpAtVPort; /** Authorization Validation end point */
port HttpPort httpAtPort; /** Authorization end point */ port HttpPort httpAtPort; /** Authorization end point */
port HttpPort httpCaPort; /** CA CTL/CRL end point */ port HttpPort httpCaPort; /** CA CTL/CRL end point */
port HttpPort httpTlmPort; /** TLM ECTL end point */
var Certificate vc_eaCertificate; /** Test Adapter EA certificate */ var Certificate vc_eaCertificate; /** Test Adapter EA certificate */
var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */ var octetstring vc_eaPrivateKey; /** Test Adapter EA private key for signature */
var octetstring vc_eaPrivateEncKey; /** Test Adapter EA private key for encryption */ var octetstring vc_eaPrivateEncKey; /** Test Adapter EA private key for encryption */
......