From ff84c1626c1bdd2075b6ae797e0546c2b899b379 Mon Sep 17 00:00:00 2001 From: garciay <yann.garcia@fscom.fr> Date: Mon, 14 Dec 2020 09:08:13 +0100 Subject: [PATCH] Enhance TLS support --- LibOneM2M/OneM2M_Functions.ttcn | 12 ++++-- LibOneM2M/OneM2M_Pixits.ttcn | 57 ++++++++++++++-------------- LibOneM2M/OneM2M_TypesAndValues.ttcn | 33 +++++++++++++--- 3 files changed, 64 insertions(+), 38 deletions(-) diff --git a/LibOneM2M/OneM2M_Functions.ttcn b/LibOneM2M/OneM2M_Functions.ttcn index 21ca94d..a3b972f 100644 --- a/LibOneM2M/OneM2M_Functions.ttcn +++ b/LibOneM2M/OneM2M_Functions.ttcn @@ -5284,7 +5284,7 @@ module OneM2M_Functions { log(">>> f_getLocalPoA: ", p_portDesc); if (ischosen(p_portDesc.binding.httpBindingDesc)) { - if (ispresent(p_portDesc.binding.httpBindingDesc.bindingDesc.useTls) and (p_portDesc.binding.httpBindingDesc.bindingDesc.useTls == true)) { + if (ispresent(p_portDesc.security)) { v_poa := "https://" & p_portDesc.binding.httpBindingDesc.bindingDesc.tsAddress; } else { v_poa := "http://" & p_portDesc.binding.httpBindingDesc.bindingDesc.tsAddress; @@ -5293,7 +5293,11 @@ module OneM2M_Functions { v_poa := v_poa & ":" & int2str(p_portDesc.binding.httpBindingDesc.bindingDesc.localPort); } } else if (ischosen(p_portDesc.binding.coapBindingDesc)) { - v_poa := "coap://" & p_portDesc.binding.coapBindingDesc.bindingDesc.tsAddress; + if (ispresent(p_portDesc.security)) { + v_poa := "coaps://" & p_portDesc.binding.coapBindingDesc.bindingDesc.tsAddress; + } else { + v_poa := "coap://" & p_portDesc.binding.coapBindingDesc.bindingDesc.tsAddress; + } if (ispresent(p_portDesc.binding.coapBindingDesc.bindingDesc.localPort)) { v_poa := v_poa & ":" & int2str(p_portDesc.binding.coapBindingDesc.bindingDesc.localPort); } 
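Review bot: The unchanged `log(">>> f_getLocalPoA: ", p_portDesc);` at the top of the f_getLocalPoA hunk now dumps the whole PortDesc, which after this commit carries the optional `security` record, so `psk_key` is written to the test log whenever TLS-PSK is configured. Logging only what the function uses avoids that, e.g. `log(">>> f_getLocalPoA: ", p_portDesc.binding);`. Separately, the scheme is chosen from `ispresent(p_portDesc.security)` alone, so a record filled with empty strings still advertises `https://` or `coaps://`; whether the adapter rejects such a value is not visible here. The body of f_getLocalPoA starts before the hunk and appears to continue after it.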
@@ -5908,7 +5912,7 @@ module OneM2M_Functions { p_targetIutAddress := p_sendingPort.binding.wsBindingDesc.bindingDesc.sutAddress & ":" & int2str(p_sendingPort.binding.wsBindingDesc.bindingDesc.remotePort); } - if (ischosen(p_receivingPort.binding.httpBindingDesc)) { + if (ischosen(p_receivingPort.binding.httpBindingDesc)) { p_protocolBindingIn := "HTTP"; } else if (ischosen(p_receivingPort.binding.coapBindingDesc)) { p_protocolBindingIn := "COAP"; @@ -6942,7 +6946,7 @@ module OneM2M_Functions { in InterfaceIds p_interfaceIds, in template MsgOut p_msgOut ) runs on Tester { - log(">>> f_send: ", p_interfaceIds); + log(">>> f_send: ", p_interfaceIds, " - ", p_msgOut); p_msgOut.host := vc_myInterfaces[enum2int(p_interfaceIds)].myHost; p_msgOut.protocolBinding := vc_myInterfaces[enum2int(p_interfaceIds)].myProtocolBinding; diff --git a/LibOneM2M/OneM2M_Pixits.ttcn b/LibOneM2M/OneM2M_Pixits.ttcn index ac4c5be..50bed0e 100644 --- a/LibOneM2M/OneM2M_Pixits.ttcn +++ b/LibOneM2M/OneM2M_Pixits.ttcn @@ -173,11 +173,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := 8080, // SUT CoAP/HTTP port localPort := 3031, // Test Adapter client port (for debug purpose only) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mcaPortIn := { @@ -188,11 +188,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := omit, localPort := 3041, // Test Adapter listener port (AeSimu acts as server) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" } }; @@ -207,11 +207,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := 8080, // SUT CoAP/HTTP port localPort := 3032, // Test Adapter client port (for debug purpose only) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mcaPortIn := { 
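Review bot: In the f_send hunk the new `log(">>> f_send: ", p_interfaceIds, " - ", p_msgOut);` runs before `p_msgOut.host` and `p_msgOut.protocolBinding` are assigned on the following lines, so the trace shows the template as passed in rather than the message that is sent. It also writes the complete outgoing message to the test log, which keeps request content in clear text in log files even when the port uses TLS. If that is intended for debugging, move the log below the two assignments and add a comment such as `// full message logged for debugging; logs may contain request payloads`. The body of f_send continues outside the hunk.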
@@ -222,11 +222,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := omit, localPort := 3042, // Test Adapter listener port (AeSimu acts as server) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" } }; @@ -244,11 +244,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 3131, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mcaPortIn := { @@ -259,11 +259,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= omit, localPort := 3141, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mccPort := { @@ -274,11 +274,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 4131, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mccPortIn := { @@ -289,11 +289,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= omit, localPort := 4141, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" } }; @@ -311,11 +311,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 3132, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "json" }, mcaPortIn := { @@ -326,11 +326,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 3142, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "json" }, mccPort := { 
@@ -341,11 +341,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 4132, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "json" }, mccPortIn := { @@ -356,11 +356,12 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort:= 8080, localPort := 4142, - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" + } } }, + security := omit, serialization := "json" } }; @@ -377,11 +378,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := 8080, // SUT CoAP/HTTP port localPort := 3033, // Test Adapter client port (for debug purpose only) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" }, mcaPortIn := { @@ -392,11 +393,11 @@ module OneM2M_Pixits { tsAddress := "127.0.0.1", remotePort := omit, localPort := 3043, // Test Adapter listener port (AeSimu acts as server) - sutAddress := "127.0.0.1", - useTls := omit + sutAddress := "127.0.0.1" } } }, + security := omit, serialization := "xml" } }; diff --git a/LibOneM2M/OneM2M_TypesAndValues.ttcn b/LibOneM2M/OneM2M_TypesAndValues.ttcn index 32d16ba..d79fa76 100644 --- a/LibOneM2M/OneM2M_TypesAndValues.ttcn +++ b/LibOneM2M/OneM2M_TypesAndValues.ttcn @@ -4325,15 +4325,12 @@ group OtherTypes { * The local client port. In this case, the value 'omit' is interpreted as random port number by the Test Adapter * @member sutAddress SUT IP address, optional. * If omitted, the SUT IP address defined in SutDesc data structure will be used by the Test Adapter - * @member useTls Set to true if HTTPS shall be used, optional. - * If omitted, regular HTTP is used */ type record BindingDesc { charstring tsAddress, integer remotePort optional, integer localPort optional, - charstring sutAddress, - boolean useTls optional + charstring sutAddress } /** 
@@ -4362,8 +4359,8 @@ group OtherTypes { type record MqttBindingDesc { ProtocolBindings bindingProtocol (e_mqtt), BindingDesc bindingDesc, - XSD.ID originator, - XSD.ID receiver + XSD.ID originator, + XSD.ID receiver } /** @@ -4389,8 +4386,32 @@ group OtherTypes { */ type record PortDesc { BindingProtocolsSelect binding, + TransportSecurity security optional, SerializationRepresentations serialization } + + /** + * @desc Transport Layer security description + * Apply for both TSL and DTLS + * @member rootCert Test System root ca or internmediate root CA + * @member trustedCerts IUT cerver certificate, including IUT root ca or internmediate root CA + * @member serverSign Signature Test System certificate for the server side + * @member serverEnc Encryption Test System certificate for the server side + * @member clientSign Signature Test System certificate for the client side + * @member clientEnc Encryption Test System certificate for the client side + * @member psk_identity TLS-PSK identity + * @member psk_key TLS-PSK shared secret + */ + type record TransportSecurity { + charstring rootCert, + charstring trustedCerts, + charstring serverSign, + charstring serverEnc, + charstring clientSign, + charstring clientEnc, + octetstring psk_identity optional, + octetstring psk_key optional + } /** * @desc UpperTester component settings -- GitLab
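Review bot: In `TransportSecurity` the six certificate members are mandatory while only `psk_identity` and `psk_key` are optional, so a PSK-only port, or a port that acts only as a client, still has to supply every certificate string. Declaring the members that do not apply to every mode as optional, e.g. `charstring clientSign optional,`, would let the record describe what is really configured. The doc block does not say whether the charstrings hold file names, certificate identifiers or encoded certificates, and it should state that `psk_key` is a secret that must not be committed with real values or logged. It also has typos (`TSL`, `internmediate`, `cerver`).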