From 9c5ac04bb47db79d6dc69e4d06924150cffe447d Mon Sep 17 00:00:00 2001
From: Enrique Sabatel Ruiz <enrique.sabatel@dekra.com>
Date: Tue, 26 Nov 2019 14:18:27 +0100
Subject: [PATCH] Added PICS/PIXIT and functions for Security Test Cases
---
LibOneM2M/OneM2M_Functions.ttcn | 61 ++++++++++++++++++++++++----
LibOneM2M/OneM2M_Pics.ttcn | 6 +++
LibOneM2M/OneM2M_Pixits.ttcn | 12 +++++-
LibOneM2M/OneM2M_TypesAndValues.ttcn | 25 ++++++++++++
OneM2M_Testcases_AE_Release_3.ttcn | 38 ++++++++++-------
OneM2M_Testcases_CSE_Release_3.ttcn | 42 +++++++++++--------
6 files changed, 143 insertions(+), 41 deletions(-)
diff --git a/LibOneM2M/OneM2M_Functions.ttcn b/LibOneM2M/OneM2M_Functions.ttcn
index 766b28e..414b630 100644
--- a/LibOneM2M/OneM2M_Functions.ttcn
+++ b/LibOneM2M/OneM2M_Functions.ttcn
@@ -6083,6 +6083,53 @@ module OneM2M_Functions {
}//end group CheckingFunctions
+ group SecurityFunctions {
+
+ /**
+ * @desc Establishes a pairwiseESPrimKey between Receiver and Originator
+ */
+ function f_establish_pairwiseESPrimKey() return octetstring {
+
+ select (PX_PAIRWISEKEY_METHOD) {
+ case (e_establish)
+ {
+ return f_establish();
+ }
+ case else
+ {
+ return ''O;
+ }
+ }
+ }
+
+
+ function f_establish() return octetstring {
+
+ select (PX_KEY_PROVISION) {
+ case (e_preProvisioning)
+ {
+ return PICS_PAIRWISEESPRIMKEY;
+ }
+ case (e_ESCertKE)
+ {
+ return f_esCertKE();
+ }
+ case else
+ {
+ return ''O;
+ }
+ }
+ }
+
+ function f_esCertKE() return octetstring
+ {
+ return ''O;
+ }
+
+
+
+ }//end group SecurityFunctions
+
group CommonFunctions {
group AltstepFunctions {
@@ -6509,12 +6556,6 @@ module OneM2M_Functions {
* Format shall be YYYYMMDDTHHMMSS
*/
external function fx_generateTimestamp() return charstring;
-
-
- /**
- * @desc Establishes a pairwiseESPrimKey between Receiver and Originator
- */
- external function fx_establish_pairwiseESPrimKey() return charstring;
/**
* @desc Generates a ESPrimObject (E2eCompactJWE) containing an inner request primitive
@@ -6539,12 +6580,16 @@ module OneM2M_Functions {
/**
* @desc Provides private key and certificates to ESCertKE endpoints
*/
- external function fx_certificateProvision();
+ external function fx_certificateProvision(charstring certificatePath, charstring certificateName);
/**
* @desc Configures Terminating End-Point and Initiating End-Point
*/
- external function fx_initEndPointsConfiguration();
+ type enumerated endpointRole {
+ e_ini,
+ e_end
+ };
+ external function fx_initEndPointsConfiguration(endpointRole p_role);
/**
* @desc Generates base64 representation of ESCertKE messages
diff --git a/LibOneM2M/OneM2M_Pics.ttcn b/LibOneM2M/OneM2M_Pics.ttcn
index d894285..ddde51f 100644
--- a/LibOneM2M/OneM2M_Pics.ttcn
+++ b/LibOneM2M/OneM2M_Pics.ttcn
@@ -191,4 +191,10 @@ module OneM2M_Pics {
}
}
+ group SecurityAttributes {
+
+ modulepar octetstring PICS_PAIRWISEESPRIMKEY := ''O;
+
+ } //end group SecurityAttributes
+
} // end of module
diff --git a/LibOneM2M/OneM2M_Pixits.ttcn b/LibOneM2M/OneM2M_Pixits.ttcn
index e2dc748..8af29e1 100644
--- a/LibOneM2M/OneM2M_Pixits.ttcn
+++ b/LibOneM2M/OneM2M_Pixits.ttcn
@@ -383,8 +383,18 @@ module OneM2M_Pixits {
/**
* @desc To enable run postamble (for debugging)
*/
- modulepar boolean PX_RUN_POSTAMBLE := true;
+ modulepar boolean PX_RUN_POSTAMBLE := true;
+
+ group SecurityParameters {
+
+ modulepar charstring PX_CERTIFICATE_PATH := "" ;
+ modulepar charstring PX_CERTIFICATE_NAME := "" ;
+ modulepar PairwiseKeyMethod PX_PAIRWISEKEY_METHOD := e_establish;
+ modulepar Provisioned PX_KEY_PROVISION := e_preProvisioning;
+ }
}
+
+
//constant parameters for LOC
modulepar LocationTargetID PX_LOCATION_TARGET_ID := {alt_ := "{LOCATION-TARGET-ID}"}; //SUPPOSE TO BE RECEIVED FROM LOCATION SERVER
diff --git a/LibOneM2M/OneM2M_TypesAndValues.ttcn b/LibOneM2M/OneM2M_TypesAndValues.ttcn
index ba3f641..6e0f752 100644
--- a/LibOneM2M/OneM2M_TypesAndValues.ttcn
+++ b/LibOneM2M/OneM2M_TypesAndValues.ttcn
@@ -200,6 +200,31 @@ module OneM2M_TypesAndValues {
};
type record of AttributeAux AttributeAux_list;
+
+ group ESPrimConfiguration {
+
+ /**
+ *
+ * @desc 8.4.2 Step E
+ */
+ type enumerated PairwiseKeyMethod {
+ e_establish,
+ e_MAFFramework,
+ e_supportIndication
+ };
+
+ /**
+ *
+ * @desc 8.4.2 Step E-A
+ */
+ type enumerated Provisioned {
+ e_preProvisioning,
+ e_RSPF,
+ e_ESCertKE
+ };
+
+ }// end group ESPrimConfiguration
+
/* **********************************
* oneM2M Resource primitives
diff --git a/OneM2M_Testcases_AE_Release_3.ttcn b/OneM2M_Testcases_AE_Release_3.ttcn
index 2cf21e8..56c2d7a 100644
--- a/OneM2M_Testcases_AE_Release_3.ttcn
+++ b/OneM2M_Testcases_AE_Release_3.ttcn
@@ -1154,6 +1154,7 @@ module OneM2M_Testcases_AE_Release_3 {
var integer v_receiverRemoteCseIndex := -1;
var template PrimitiveContent v_receiverRemoteCSE;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1167,7 +1168,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var E2eSecInfo v_myE2eSecInfo := {{int11},omit,omit}; //sharedReceiverESPrimRandObject not present
@@ -1237,6 +1238,7 @@ module OneM2M_Testcases_AE_Release_3 {
var template PrimitiveContent v_receiverRemoteCSE;
var integer v_receiverRemoteCseIndex := -1;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1252,7 +1254,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Preamble
vc_cse2.start(f_cse_registerRemoteCse(m_createRemoteCSEBase));
vc_cse2.done;
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var AbsRelTimestamp myAbsRelTimestamp;
@@ -1321,6 +1323,7 @@ module OneM2M_Testcases_AE_Release_3 {
var MsgIn v_response;
var XSD.ID v_targetResourceAddress;
var template RequestPrimitive v_notifyRequest;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1335,7 +1338,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Preamble
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
v_notifyRequest := valueof(m_notify(f_getResourceAddress()));
v_notifyRequest.primitiveContent.securityInfo.securityInfoType := int5;
@@ -1404,6 +1407,7 @@ module OneM2M_Testcases_AE_Release_3 {
var template RequestPrimitive v_notifyRequest;
var PrimitiveContent v_receiverrRemoteCseResource;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1417,7 +1421,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var AbsRelTimestamp myAbsRelTimestamp;
@@ -1499,6 +1503,7 @@ module OneM2M_Testcases_AE_Release_3 {
var template RequestPrimitive v_notifyRequest;
var PrimitiveContent v_receiverRemoteCseResource;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1512,7 +1517,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var E2eSecInfo v_myE2eSecInfo := {{int11},omit,omit}; //sharedReceiverESPrimRandObject not present
@@ -1586,6 +1591,7 @@ module OneM2M_Testcases_AE_Release_3 {
var template RequestPrimitive v_notifyRequest;
var PrimitiveContent v_receiverRemoteCseResource;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -1599,7 +1605,7 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var AbsRelTimestamp myAbsRelTimestamp;
@@ -1680,6 +1686,7 @@ module OneM2M_Testcases_AE_Release_3 {
var integer v_aeIndex := -1;
var XSD.ID v_targetResourceAddress;
var template RequestPrimitive v_notifyRequest;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESC_SUPPORT)) {
@@ -1693,8 +1700,8 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
v_notifyRequest := valueof(m_notify(f_getResourceAddress()));
@@ -1757,6 +1764,7 @@ module OneM2M_Testcases_AE_Release_3 {
var XSD.ID v_targetResourceAddress;
var RequestPrimitive v_notifyRequest;
var template ResponsePrimitive v_notifyResponse;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESC_SUPPORT)) {
@@ -1770,8 +1778,8 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
var SecurityInfo secInfo;
@@ -1836,6 +1844,7 @@ module OneM2M_Testcases_AE_Release_3 {
var template RequestPrimitive v_notifyRequest1, v_notifyRequest2;
var ResponsePrimitive v_notifyResponse1, v_notifyResponse2;
var XSD.Base64Binary incomingMessage;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESC_SUPPORT)) {
@@ -1849,8 +1858,8 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
@@ -1948,6 +1957,7 @@ module OneM2M_Testcases_AE_Release_3 {
var RequestPrimitive v_notifyRequest2;
var template ResponsePrimitive v_notifyResponse2;
var XSD.Base64Binary incomingMessage;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESC_SUPPORT)) {
@@ -1961,8 +1971,8 @@ module OneM2M_Testcases_AE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
var SecurityInfo secInfo;
diff --git a/OneM2M_Testcases_CSE_Release_3.ttcn b/OneM2M_Testcases_CSE_Release_3.ttcn
index f24f523..3506954 100644
--- a/OneM2M_Testcases_CSE_Release_3.ttcn
+++ b/OneM2M_Testcases_CSE_Release_3.ttcn
@@ -7728,6 +7728,7 @@ module OneM2M_Testcases_CSE_Release_3 {
var MsgIn v_response;
var integer v_aeIndex := -1;
var XSD.ID v_targetResourceAddress;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -7742,7 +7743,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
v_aeIndex := f_cse_preamble_registerAe();
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
// Test Body
var RequestPrimitive v_notifyRequest := valueof(m_notify(f_getResourceAddress())); //Outer primitive
@@ -7799,6 +7800,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Local variables
var integer v_aeIndex := -1;
var XSD.ID v_targetResourceAddress;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -7813,7 +7815,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
v_aeIndex := f_cse_preamble_registerAe();
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
// Test Body
var RequestPrimitive v_retrieveRequest := valueof(m_retrieve(f_getResourceAddress(),f_getOriginator())); //Inner primitive
@@ -7886,6 +7888,7 @@ module OneM2M_Testcases_CSE_Release_3 {
var MsgIn v_response;
var integer v_aeIndex := -1;
var XSD.ID v_targetResourceAddress;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -7900,7 +7903,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
v_aeIndex := f_cse_preamble_registerAe();
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
// Test Body
var RequestPrimitive v_retrieveRequest := valueof(m_retrieve(f_getResourceAddress(),f_getOriginator())); //Inner primitive
@@ -7962,6 +7965,7 @@ module OneM2M_Testcases_CSE_Release_3 {
var template RequestPrimitive v_notifyRequest;
var PrimitiveContent v_receiverRemoteCseResource;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -7976,7 +7980,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
vc_remoteCseIndex := f_cse_registrationRemoteCse(mw_createRemoteCSE);
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating Receiver remoteCSE resource in Hosting CSE (CSE1)
var AbsRelTimestamp myAbsRelTimestamp;
@@ -8055,6 +8059,7 @@ module OneM2M_Testcases_CSE_Release_3 {
var PrimitiveContent v_receiverRemoteCseResource;
var integer v_receiverRemoteCseIndex;
var charstring v_poa;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -8069,7 +8074,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
vc_remoteCseIndex := f_cse_registrationRemoteCse(mw_createRemoteCSE);
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var E2eSecInfo v_myE2eSecInfo := {{int11},omit,omit}; //sharedReceiverESPrimRandObject not present
@@ -8142,6 +8147,7 @@ module OneM2M_Testcases_CSE_Release_3 {
var charstring v_poa;
var PrimitiveContent v_receiverRemoteCseResource;
var integer v_receiverRemoteCseIndex;
+ var octetstring v_pairwiseESPrimKey;
// Test control
if(not(PICS_ESP_SUPPORT)) {
@@ -8156,7 +8162,7 @@ module OneM2M_Testcases_CSE_Release_3 {
// Preamble
vc_remoteCseIndex := f_cse_registrationRemoteCse(mw_createRemoteCSE);
- fx_establish_pairwiseESPrimKey();
+ v_pairwiseESPrimKey := f_establish_pairwiseESPrimKey();
//Creating resource in Hosting CSE
var AbsRelTimestamp myAbsRelTimestamp;
@@ -8878,7 +8884,7 @@ module OneM2M_Testcases_CSE_Release_3 {
v_TRRemoteCseIndex := f_getLatestResourceIndex(vc_cse2);
v_RRRemoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase); //Role Respository
- v_roleResourceID := fx_assign_originatorRole(); //Creates a <role> resource in Role Repository
+ v_roleResourceID := fx_assign_originatorRole(); //Creates a role resource in Role Repository
vc_cse2.start(f_cse_createResourceHandler(v_requestPrimitive));
v_tokenResourceIndex := f_getLatestResourceIndex(vc_cse2);
@@ -8915,9 +8921,9 @@ module OneM2M_Testcases_CSE_Release_3 {
}//end group Update
group Notify {
-
-
- }//end group Update
+
+
+ }//end group Notify
}//end group Roles
@@ -8956,8 +8962,8 @@ module OneM2M_Testcases_CSE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ fx_initEndPointsConfiguration(e_end);
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
v_notifyRequest := valueof(m_notify(f_getResourceAddress()));
@@ -9033,8 +9039,8 @@ module OneM2M_Testcases_CSE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ fx_initEndPointsConfiguration(e_ini);
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
var SecurityInfo secInfo;
@@ -9112,8 +9118,8 @@ module OneM2M_Testcases_CSE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ fx_initEndPointsConfiguration(e_end);
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
@@ -9223,8 +9229,8 @@ module OneM2M_Testcases_CSE_Release_3 {
// Test adapter configuration
// Preamble
- fx_certificateProvision();
- fx_initEndPointsConfiguration();
+ fx_certificateProvision(PX_CERTIFICATE_PATH, PX_CERTIFICATE_NAME);
+ fx_initEndPointsConfiguration(e_ini);
vc_remoteCseIndex := f_cse_registerRemoteCse(m_createRemoteCSEBase);
var SecurityInfo secInfo;
--
GitLab