dexter has uploaded this change for review. (
https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/41250?usp=email )
Change subject: ES2Plus_Tests: cleanup/add module parameters
......................................................................
ES2Plus_Tests: cleanup/add module parameters
The ES2Plus_Tests only have minimal configuration options. Let's remove
hardcoded options and replace them with module parameters. Let's also
document the module parameters.
Change-Id: Ib8e128e4af8e819799c4d7ea3e6a36189462f382
Related: SYS#7339
---
M smdpp/ES2Plus_Tests.ttcn
1 file changed, 41 insertions(+), 17 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-ttcn3-hacks
refs/changes/50/41250/1
diff --git a/smdpp/ES2Plus_Tests.ttcn b/smdpp/ES2Plus_Tests.ttcn
index c6e84cd..8d35670 100644
--- a/smdpp/ES2Plus_Tests.ttcn
+++ b/smdpp/ES2Plus_Tests.ttcn
@@ -30,22 +30,46 @@
const charstring c_eid1 := "89049032123451234512345678901235";
const charstring c_eid2 := "89049032123451234512345678901236";
-// Client certificate paths
-const charstring c_cert_path := "./test_certs/CERT_MNO_ECDSA_NIST.pem";
-const charstring c_key_path := "./test_certs/SK_MNO_ECDSA_NIST.pem";
-
-// Wrong certificate for testing
+// Wrong certificate for testing (randomly picked from the sgp26 directory)
const charstring c_wrong_cert_path :=
"./sgp26/eUICC/CERT_EUICC_ECDSA_NIST.der";
const charstring c_wrong_key_path := "./sgp26/eUICC/SK_EUICC_ECDSA_NIST.pem";
+// The external function ext_RSPClient_create requires a path and a name
filter as input to load test certificates.
+// While those certfiicates are required for the ES9+ interface related tests
(smdpp_Tests.ttcn), for the ES2+
+// interface tests those certificates have no relevance.
+const charstring c_es2plus_cert_path := "./sgp26/";
+const charstring c_es2plus_cert_name_filter := "NIST";
+
// Module parameters
modulepar {
+ //The server host name must match the host name in the SSL certificate of
the server. To bind the
+
+ // The SMDP server host name (FQDN) must match the host name of the SSL
certificate of the server. To resolve the
+ // server host name to an IP address, an entry in /etc/hosts is
sufficient. It should also be pointed out that this
+ // testsuite (libcurl) will also verify the presented server certificate
against the related CA. To ensure that
+ // the server certificate verification is possible, ensure that the
related CA certificates are made available in
+ // /etc/ssl/certs
charstring mp_es2plus_server_host := "testsmdpplus1.example.com";
- integer mp_es9_server_port := 8000;
- integer mp_es2plus_server_port := 8000; // NIST tests use port 8000
+
+ // Sets the server port of the ES2+ server (SM-DP+).
+ integer mp_es2plus_server_port := 8000;
+
+ // Sets the client certificate to be used to authenticate towards the ES2+
server (SM-DP+)
+ charstring mp_es2plus_client_cert_path :=
"./test_certs/CERT_MNO_ECDSA_NIST.pem";
+
+ // Sets the private key to be used to authenticate towards the ES2+ server
(SM-DP+)
+ charstring mp_es2plus_client_key_path :=
"./test_certs/SK_MNO_ECDSA_NIST.pem";
+
+ // Sets the operator ID to be used on the ES2+ interface. (this parameter
has no relation to SSL/TLS)
charstring mp_operator_id := "test.operator.com";
- charstring mp_nist_rsp_cert_path := "./sgp26/";
+
+ // ES2+ normally uses SSL with client authentication, however for debug
purposes it is possible to disable
+ // SSL entirely.
boolean mp_use_ssl := true; // SSL with mutual TLS authentication enabled
+
+ // ES2+ normally uses SSL with client authentication, however for debug
purposes it is possible to disable
+ // mutual authentication.
+ boolean mp_use_mutual_tls := true;
}
// Test component - extend smdpp_ConnHdlr to reuse RSPClient functionality
@@ -175,8 +199,8 @@
g_rsp_client_handle := smdpp_Tests.ext_RSPClient_create(
mp_es2plus_server_host,
mp_es2plus_server_port,
- mp_nist_rsp_cert_path,
- "NIST"
+ c_es2plus_cert_path,
+ c_es2plus_cert_name_filter
);
if (g_rsp_client_handle < 0) {
@@ -187,9 +211,9 @@
// Set authentication parameters once for all ES2+ operations
var integer result := smdpp_Tests.ext_RSPClient_setAuthParams(
g_rsp_client_handle,
- true, // useMutualTLS
- c_cert_path,
- c_key_path
+ mp_use_mutual_tls,
+ mp_es2plus_client_cert_path,
+ mp_es2plus_client_key_path
);
if (result != 0) {
@@ -961,7 +985,7 @@
// Temporarily set wrong authentication parameters
var integer result := smdpp_Tests.ext_RSPClient_setAuthParams(
g_rsp_client_handle,
- true, // useMutualTLS
+ mp_use_mutual_tls,
c_wrong_cert_path, // Using wrong certificate
c_wrong_key_path // Using wrong key
);
@@ -994,9 +1018,9 @@
// Restore correct auth params for cleanup
smdpp_Tests.ext_RSPClient_setAuthParams(
g_rsp_client_handle,
- true,
- c_cert_path,
- c_key_path
+ mp_use_mutual_tls,
+ mp_es2plus_client_cert_path,
+ mp_es2plus_client_key_path
);
}
--
To view, visit https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/41250?usp=email
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: osmo-ttcn3-hacks
Gerrit-Branch: master
Gerrit-Change-Id: Ib8e128e4af8e819799c4d7ea3e6a36189462f382
Gerrit-Change-Number: 41250
Gerrit-PatchSet: 1
Gerrit-Owner: dexter <[email protected]>
