# Parameter reference for the PKITS test suite (all_pkits_parameters.yml).
# Values of the form HasToBeDefined_* are placeholders that have to be replaced;
# the remaining values look like defaults - TODO confirm against the project docs.
# NOTE(review): this listing shows every key at column 0, yet keys such as
# `port`, `ipAddressOrFqdn`, `id` and `appPath` occur in several sections, so the
# original nesting is not visible here. Take the indentation from the original
# file before loading it; parsed as shown, most parsers would silently let a
# later duplicate key override an earlier one.

# Settings describing the system under test (the "test object").
testObject:
name: "HasToBeDefined_name" # Name of the test object, for easier identification in logs and configuration files.
testObjectType: HasToBeDefined_testObjectType # One of: IdpFachdienst, IntermediaerServer, KimFachdienst, VsdmFachdienst, VpnKonzentrator, VpnRegServer
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address used to connect to the test object.
port: HasToBeDefined_port # Port the test object listens on.
# The OCSP/TSL timing values below describe what is configured in the test
# object itself. They presumably have to match the real configuration, since a
# mismatch would make results near the validity boundaries unreliable - confirm.
ocspGracePeriodSeconds: 30 # OCSP grace period in seconds, as configured in the test object.
ocspToleranceProducedAtPastSeconds: 5 # OCSP tolerance in seconds for a producedAt value in the past, as configured in the test object.
ocspToleranceProducedAtFutureSeconds: 3 # OCSP tolerance in seconds for a producedAt value in the future, as configured in the test object.
tslDownloadIntervalSeconds: HasToBeDefined_tslDownloadIntervalSeconds # TSL download interval in seconds, as configured in the test object.
tslGracePeriodDays: 0 # Number of days after expiration of the TSL during which the TSL is still regarded as valid.
tslProcessingTimeSeconds: 3 # Number of seconds to wait after a TSL update for processing inside the test object.
ocspProcessingTimeSeconds: 1 # Number of seconds to wait for OCSP requests to be processed by the test object and the corresponding network.
ocspTimeoutSeconds: 10 # Number of seconds after which OCSP responses are no longer accepted by the test object.
# Settings for a script-driven use case.
scriptUseCase:
scriptPath: "unused by default" # Absolute or relative path to the use case script when the test object type is set to 'Script'.
sendReceiveApplicationData: true # Flag that a script can use to differentiate its code paths.
appDataHttpFwdSocket: "HasToBeDefined_appDataHttpFwdSocket" # Send AppData over the http-forwarder (to the gematik OCSP-sim, as defined in the bash script).
cryptMethod: "ECC" # Passed as an argument to the called script; can be used to handle different implementations in RSA or ECC.
# SSH login settings. The comments below describe two alternatives: password
# based authentication (`password`) or key based authentication (`privateKey`
# plus `privateKeyPassphrase`).
# Security note: these fields hold login secrets. Keep real values out of
# version control and restrict read access to the configured file.
sshConfig:
username: "HasToBeDefined_username" # Username for the SSH login.
password: "HasToBeDefined_password" # Password in case of password based authentication.
host: "HasToBeDefined_host" # IP address to connect to via SSH.
port: 22 # Port for the SSH connection.
# NOTE(review): not clear from this file whether `privateKey` is a path to a
# key file or the key material itself - confirm before documenting further.
privateKey: "HasToBeDefined_privateKey" # Private key in case of key based authentication.
privateKeyPassphrase: "HasToBeDefined_privateKeyPassphrase" # Passphrase for the private key in case of key based authentication.
connectTimeoutSeconds: 60 # Timeout for the SSH session.
authTimeoutSeconds: 60 # Timeout for the verification phase during session connection establishment.
channelOpenTimeoutSeconds: 60 # Timeout during SSH channel establishment.
channelCloseTimeoutSeconds: 60 # Timeout during SSH channel close (per the key name; the original comment did not say which phase).
# File transfer settings for the SSH use case: files are copied to the remote
# machine and a log file is copied back.
sshUseCaseParameters:
filesToCopyRootDir: "HasToBeDefined_filesToCopyRootDir" # Directory containing the files that should be copied to the remote SSH machine.
filesToCopyPattern: "HasToBeDefined_filesToCopyPattern" # Wildcard filter for selecting files from 'filesToCopyRootDir'. See https://docs.oracle.com/javase/8/docs/api/java/nio/file/FileSystem.html#getPathMatcher-java.lang.String-
remoteTargetDir: "HasToBeDefined_remoteTargetDir" # Target directory on the remote SSH machine to which the files are copied.
remoteLogFile: "HasToBeDefined_remoteLogFile" # Filename of a log file on the remote SSH machine. This file is copied back from the remote machine.
# OCSP responder used during the tests.
ocspResponder:
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address where the OCSP responder is running. This will be used as the ServiceSupplyPoint in the TSLs.
port: HasToBeDefined_port # Port the OCSP responder is listening on.
id: "OCSP Responder" # Name of the OCSP responder, for easier identification in log files.
appPath: "./bin/pkits-ocsp-responder-exec.jar" # Path to the OCSP responder jar that should be started during tests. Startup can be skipped with the keyword "externalStartup".
# TSL provider used during the tests.
tslProvider:
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address where the TSL provider is running. This will be used as the PointersToOther field in the TSLs.
port: HasToBeDefined_port # Port the TSL provider is listening on.
id: "TSL Provider" # Name of the TSL provider, for easier identification in log files.
appPath: "./bin/pkits-tsl-provider-exec.jar" # Path to the TSL provider jar that should be started during tests. Startup can be skipped with the keyword "externalStartup".
# Settings controlling how the test suite itself runs.
testSuiteParameter:
performInitialState: true # Execute a smoke test (TSL and use case including OCSP) before each test.
# Capture files record the traffic seen on the listed interfaces; store and
# share them with the same care as the systems they were taken from.
captureNetworkTraffic: false # Capture network traffic in pcap file format. The interfaces to sniff on are configured with the parameter "captureInterfaces". If the OCSP responder and TSL provider are not started externally, sniffing on their interfaces is activated as well.
captureInterfaces: "HasToBeDefined_captureInterfaces" # Comma-separated list of IP addresses of the interfaces on which communication with the test object is captured.
# Test-side adjustments applied to the OCSP timing values.
ocspSettings:
timeoutDeltaMilliseconds: 1500 # Number of milliseconds to add to/subtract from the OCSP timeout during the test to get a result inside/outside the timeout.
gracePeriodExtraDelay: 5 # Number of seconds to add to the OCSP grace period as a buffer.