Add TLS support

31b3b032 · Yann Garcia · b036be1e · 31b3b032 · 31b3b032 · 31b3b032
Commit 31b3b032 authored 4 years ago by Yann Garcia
--- a/LibOneM2M/OneM2M_Pixits.ttcn
+++ b/LibOneM2M/OneM2M_Pixits.ttcn
@@ -166,7 +166,8 @@ module OneM2M_Pixits {
 									tsAddress  := "127.0.0.1",
 									remotePort := 8080,														// SUT CoAP/HTTP port
 									localPort  := 3031,														// Test Adapter client port (for debug purpose only)
-									sutAddress := "127.0.0.1"
+									sutAddress := "127.0.0.1",
+									useTls     := omit
 								}
 						}
 					},
@@ -180,7 +181,8 @@ module OneM2M_Pixits {
 								tsAddress  := "127.0.0.1",
 								remotePort := omit,
 								localPort  := 3041,															// Test Adapter listener port (AeSimu acts as server)
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -198,7 +200,8 @@ module OneM2M_Pixits {
 									tsAddress  := "127.0.0.1",
 									remotePort := 8080,														// SUT CoAP/HTTP port
 									localPort  := 3032,														// Test Adapter client port (for debug purpose only)
-									sutAddress := "127.0.0.1"
+									sutAddress := "127.0.0.1",
+									useTls     := omit
 								}
 						}
 					},
@@ -212,7 +215,8 @@ module OneM2M_Pixits {
 								tsAddress  := "127.0.0.1",
 								remotePort := omit,
 								localPort  := 3042,														// Test Adapter listener port (AeSimu acts as server)
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -233,7 +237,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort := 3131,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -247,7 +252,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= omit,
 								localPort  := 3141,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -261,7 +267,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort := 4131,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -275,7 +282,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= omit,
 								localPort  := 4141,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -296,7 +304,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort := 3132,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -310,7 +319,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort  := 3142,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -324,7 +334,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort := 4132,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -338,7 +349,8 @@ module OneM2M_Pixits {
 								tsAddress := "127.0.0.1",
 								remotePort:= 8080,
 								localPort  := 4142,
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},
@@ -358,7 +370,8 @@ module OneM2M_Pixits {
 									tsAddress  := "127.0.0.1",
 									remotePort := 8080,														// SUT CoAP/HTTP port
 									localPort  := 3033,														// Test Adapter client port (for debug purpose only)
-									sutAddress := "127.0.0.1"
+									sutAddress := "127.0.0.1",
+									useTls     := omit
 								}
 						}
 					},
@@ -372,7 +385,8 @@ module OneM2M_Pixits {
 								tsAddress  := "127.0.0.1",
 								remotePort := omit,
 								localPort  := 3043,															// Test Adapter listener port (AeSimu acts as server)
-								sutAddress := "127.0.0.1"
+								sutAddress := "127.0.0.1",
+								useTls     := omit
 							}
 						}
 					},

--- a/LibOneM2M/OneM2M_TypesAndValues.ttcn
+++ b/LibOneM2M/OneM2M_TypesAndValues.ttcn
@@ -4325,12 +4325,15 @@ group OtherTypes {
 	 *                    The local client port. In this case, the value 'omit' is interpreted as random port number by the Test Adapter
 	 * @member sutAddress SUT IP address, optional.
 	 *                    If omitted, the SUT IP address defined in SutDesc data structure will be used by the Test Adapter
+	 * @member useTls     Set to true if HTTPS shall be used, optional.
+	 *                    If omitted, regular HTTP is used
 	 */
 	type record BindingDesc {
 		charstring       tsAddress,
 		integer          remotePort optional,
 		integer          localPort optional,
-		charstring       sutAddress
+		charstring       sutAddress,
+		boolean          useTls optional
 	}
 	/**

--- a/OneM2M_Testcases_CSE_Release_4.ttcn
+++ b/OneM2M_Testcases_CSE_Release_4.ttcn
@@ -1084,6 +1084,7 @@ module OneM2M_Testcases_CSE_Release_4 {
 										var XSD.ID v_ae1ResourceId;
 										var template RequestPrimitive v_groupRequest := m_createGroup(1, -, omit, int2, -, -, -);
 										var template RequestPrimitive v_createRequest := valueof(m_createAcpBase);
+										var integer v_state := 0; // Sequencing of received message
 										// Test control
 										if(not(PICS_ACP_SUPPORT)) {
@@ -1114,15 +1115,16 @@ module OneM2M_Testcases_CSE_Release_4 {
 										v_groupIndex := f_cse_createResource(int3, v_groupRequest, v_aeIndex); 
-										v_createRequest := m_createAcp(-, {f_getResourceId(vc_resourcesList[v_groupIndex].resource)} , -);
+										v_createRequest := m_createDynamicAuthorizationConsultationBase(omit, true); //dynamicAuthorizationEnable set to TRUE
+										v_createRequest.primitiveContent.dynamicAuthorizationConsultation.dynamicAuthorizationPoA := {f_getResourceAddress(v_aeIndex)};
 										// Test Body
-										v_createRequest := f_getCreateRequestPrimitive(int1, v_createRequest, v_aeIndex);
+										v_createRequest := f_getCreateRequestPrimitive(int34, v_createRequest, v_aeIndex); // dynamicAuthorizationConsultation, TS-0004 Table 6.3.4.2.1 1: Interpretation of resourceType
 										f_send(e_mcaPort, m_request(valueof(v_createRequest)));
 										tc_ac.start;
 										alt {
-											[] mcaPort.receive(mw_response(mw_responsePrimitive(int2001))) -> value vc_response {
+											[v_state == 0] mcaPort.receive(mw_response(mw_responsePrimitiveOK)) -> value vc_response {
 												tc_ac.stop;
 												//Check mandatory fields
 												if (ischosen(vc_response.primitive.responsePrimitive.primitiveContent.securityInfo)) {
@@ -1136,13 +1138,27 @@ module OneM2M_Testcases_CSE_Release_4 {
 														setverdict(fail, __SCOPE__ & ": authorSignReqInfo element is not set to 'true' (Steps 6-8 not applied)");
 													}
 													if (
-														ispresent(vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dasResponse) and 
+														ispresent(vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dynAuthRelMapResponse) and 
 														(
 															ispresent(vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dynAuthRelMapResponse.tokens) or
 															ispresent(vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dynAuthRelMapResponse.tokenIDs)
 														)
 													) {
+														var SignatureList v_authorSigns;
+														var template RequestPrimitive v_notifyRequest := m_notifyNotification(f_getResourceAddress(v_aeIndex));
 														setverdict(pass, __SCOPE__ & ": Tokens/TokenIDs were created");
+														v_state := v_state + 1;
+														// TODO Process signature of MIC???
+														// TODO Send Notify to the IUT (step 6.1 & 6.2)
+														//fx_generateAuthorSignForTokens(vc_response.primitive.responsePrimitive, v_authorSigns);
+														v_notifyRequest.authorSigns := v_authorSigns;
+														v_notifyRequest.tokens := vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dynAuthRelMapResponse.tokens;
+														v_notifyRequest.tokenIDs := vc_response.primitive.responsePrimitive.primitiveContent.securityInfo.dynAuthRelMapResponse.tokenIDs;
+														v_notifyRequest.authorSignIndicator := true;
+														f_send(e_mcaPort, m_request(valueof(v_notifyRequest)));
+														tc_ac.start;
+														repeat;
 													} else {
 														setverdict(fail, __SCOPE__ & ": Direct Dynamic Authorization failure");
 													}
@@ -1150,6 +1166,10 @@ module OneM2M_Testcases_CSE_Release_4 {
 													setverdict(fail, __SCOPE__ & ": Direct Dynamic Authorization failure");
 												}
 											}
+											[v_state == 1] mcaPort.receive(mw_response(mw_responseNotify(int2000))) -> value vc_response {
+												tc_ac.stop;
+												setverdict(pass, __SCOPE__ & ": Step 6-8 were applied");
+											}
 											[] mcaPort.receive(mw_response) -> value vc_response {
 												tc_ac.stop;
 												setverdict(fail, __SCOPE__ & ": Wrong response status code");
@@ -1167,12 +1187,50 @@ module OneM2M_Testcases_CSE_Release_4 {
 									}//end TC_CSE_SEC_DDA_CRE_002
+									/**
+									 * @desc	Check that the IUT processes properly Direct Dynamic Authorization with no DynamicAuthorizationConsultation attribute (Steps 6-8 not applied)
+									 */
+									testcase TC_CSE_SEC_DDA_CRE_003() runs on Tester system CseSystem {
+										var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+										v_ae1.start(f_CSE_SEC_DDA_CRE_003());
+										v_ae1.done;
+									}
+									function f_CSE_SEC_DDA_CRE_003() runs on AeSimu system CseSystem {
+										// TODO
+									}//end TC_CSE_SEC_DDA_CRE_003
 								}// end of group Create
 							}//end group DirectDynamic_Authorization
 							group Indirect_Dynamic_Authorization {
+								group Create {
+									/**
+									 * @desc	Check that the IUT processes properly basic Indirect Dynamic Authorization (Only mandatories steps applied)
+									 */
+									testcase TC_CSE_SEC_DDA_CRE_004() runs on Tester system CseSystem {
+										var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+										v_ae1.start(f_CSE_SEC_DDA_CRE_004());
+										v_ae1.done;
+									}
+									function f_CSE_SEC_DDA_CRE_004() runs on AeSimu system CseSystem {
+										// TODO
+									}//end TC_CSE_SEC_DDA_CRE_004
+								}// end of group Create
 							}//end group IndirectDynamic_Authorization
 					}//end group Dynamic_Authorization