ItsSecurity_TestCases.ttcn 1.59 MB
Newer Older
garciay's avatar
garciay committed
             *                      which is not an issuer of currently used AT certificate
garciay's avatar
garciay committed
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
garciay's avatar
garciay committed
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *      } then {
             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
             *              containing headerInfo
             *                  containing the requestedCertificate
             *                      indicating requested AA certificate CERT_TS_B_AA 
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_14_BV
             * @reference    ETSI TS 103 097 [1] Clause 7.1.1
             *               IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CAM_14_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var Certificate v_aa_certificate;
                var HashedId8 v_hashedId8;
                                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_readCertificate(cc_taCert_B_AA, v_aa_certificate);
                f_getCertificateDigest(
                    cc_taCert_B_AA,
                    v_hashedId8
                );
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        tc_ac.stop;
                        t_maxTransInterval.start;
                        
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***");
garciay's avatar
garciay committed
                                                
                        // Send secured message with request for the currently used AT certificate
                        f_sendSecuredCam(
                            cc_taCert_A,
                            valueof(
                                m_headerInfo_cam(
                                    -, 
                                    f_computeGnTimestamp(),
                                    -,
                                    { f_HashedId3FromHashedId8(v_hashedId8) }
                            )),
                            valueof(
                                m_signerIdentifier_digest(
                                    v_hashedId8
                                )
                            )
                        );
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
garciay's avatar
garciay committed
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam(
                                                -, -, -,
garciay's avatar
garciay committed
                                                v_aa_certificate
                                            )
                                        )
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_14_BV
            
            /**
             * @desc    Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate 
             *          headerInfo field when it was previously requested and already received from another ITS-S.
             * <pre>
             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             *          issued by the AA certificate (CERT_IUT_A_AA)
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing signer
             *              containing certificate
             *          at TIME_1
             *      and the IUT having received a CAM
             *          containing inlineP2pcdRequest
             *              containing HashedId3 value
             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
garciay's avatar
garciay committed
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.8sec)
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a secured CAM
garciay's avatar
garciay committed
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 0.9sec)
garciay's avatar
garciay committed
             *      } then {
             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
             *              containing headerInfo
             *                  does not containing requestedCertificate 
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_15_BV
             * @reference    ETSI TS 103 097 [1] Clause 7.1.1
             *               IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CAM_15_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 0.8;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var Certificate v_aa_certificate;
                var HashedId8 v_hashedId8;
                                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_readCertificate(cc_taCert_AA, v_aa_certificate);
                f_getCertificateDigest(
                    cc_taCert_AA,
                    v_hashedId8
                );
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        tc_ac.stop;
                        t_maxTransInterval.start;
                        
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***");
garciay's avatar
garciay committed
                                                
                        // Send secured message with request for the currently used AT certificate
                        f_sendSecuredCam(
                            cc_taCert_A,
                            valueof(
                                m_headerInfo_cam(
                                    -, 
                                    f_computeGnTimestamp(),
                                    -,
                                    { f_HashedId3FromHashedId8(v_hashedId8) }
                            )),
                            valueof(
                                m_signerIdentifier_digest(
                                    v_hashedId8
                                )
                            )
                        );
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
garciay's avatar
garciay committed
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        )
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_15_BV
            
            /**
             * @desc    Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate 
             *          headerInfo field when it contains certificate in the signer field.
             * <pre>
             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             *          issued by the AA certificate (CERT_IUT_A_AA)
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing signer
             *              containing certificate
             *          at TIME_1
             *      and the IUT having received a CAM
             *          containing inlineP2pcdRequest
             *              containing HashedId3 value
             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
garciay's avatar
garciay committed
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.9sec)
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a secured CAM
garciay's avatar
garciay committed
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *      } then {
             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
             *              containing headerInfo
             *                  does not containing requestedCertificate 
             *              and containing signer
             *                  containing certificate
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_16_BV
             * @reference    ETSI TS 103 097 [1] Clause 7.1.1
             *               IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CAM_16_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 0.8;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var Certificate v_aa_certificate;
                var HashedId8 v_hashedId8;
                                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_readCertificate(cc_taCert_AA, v_aa_certificate);
                f_getCertificateDigest(
                    cc_taCert_AA,
                    v_hashedId8
                );
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        tc_ac.stop;
                        t_maxTransInterval.start;
                        
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***");
garciay's avatar
garciay committed
                                                
                        // Send secured message with request for the currently used AT certificate
                        f_sendSecuredCam(
                            cc_taCert_A,
                            valueof(
                                m_headerInfo_cam(
                                    -, 
                                    f_computeGnTimestamp(),
                                    -,
                                    { f_HashedId3FromHashedId8(v_hashedId8) }
                            )),
                            valueof(
                                m_signerIdentifier_digest(
                                    v_hashedId8
                                )
                            )
                        );
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
garciay's avatar
garciay committed
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_digest // containing digest
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); 
garciay's avatar
garciay committed
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_16_BV
            
garciay's avatar
garciay committed
            /**
             * @desc    Check that the IUT send a secured CAM containing the AA certificate in the 
             *          requestedCertificate headerInfo field with the next CAM containing digest 
             *          as a signer info.
             * <pre>
             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             *          issued by the AA certificate (CERT_IUT_A_AA)
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing signer
             *              containing certificate
             *          at TIME_1
             *      and the IUT having received a CAM
             *          containing inlineP2pcdRequest
             *              containing HashedId3 value
             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
             *  }
             *  ensure that {
             *      when {
             *          the IUT is sending a first subsequent secured CAM
             *              containing signer
             *                  containing digest
             *      } then {
             *          this message
             *              containing headerInfo
             *                  containing requestedCertificate 
             *                      indicating requested AA certificate CERT_IUT_A_AA
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_17_BV
             * @reference    ETSI TS 103 097 [1] Clause 7.1.1
             *               IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CAM_17_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var Certificate v_aa_certificate;
                var HashedId8 v_hashedId8;
                                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_readCertificate(cc_taCert_AA, v_aa_certificate);
                f_getCertificateDigest(
                    cc_taCert_AA,
                    v_hashedId8
                );
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***");
garciay's avatar
garciay committed
                                                
                        // Send secured message with request for the currently used AT certificate
                        f_sendSecuredCam(
                            cc_taCert_A,
                            valueof(
                                m_headerInfo_cam(
                                    -, 
                                    f_computeGnTimestamp(),
                                    -,
                                    { f_HashedId3FromHashedId8(v_hashedId8) }
                            )),
                            valueof(
                                m_signerIdentifier_digest(
                                    v_hashedId8
                                )
                            )
                        );
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
garciay's avatar
garciay committed
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam(
                                                -, -, -,
garciay's avatar
garciay committed
                                                v_aa_certificate
                                            )
                                        ),
                                        mw_signerIdentifier_digest // containing digest
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_17_BV
            
            /**
             * @desc   Check that IUT sends the secured CAM containing generation time and this time is inside the validity period of the signing certificate;
             *         Check that message generation time value is realistic 
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             * }
             * ensure that {
             *   when {
             *       the IUT is requested to send a CAM
             *   } then {
             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
             *           containing headerInfo
             *               containing generationTime
             *                   indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
             *           and containing signer
             *               containing certificate
             *                   containing toBeSigned
             *                       containing validityPeriod
             *                           containing start
             *                               indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME)
             *                           and containing duration
             *                               indicating value > GEN_TIME - X_START_VALIDITY 
             *   }
             * }
             * </pre>
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_18_BV
             * @reference   ETSI TS 103 097 [1] Clauses 7.1.1
             * @reference   IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3  
             */
            testcase TC_SEC_ITSS_SND_CAM_18_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                const integer        c_timeLimit := 5 * 60 * 1000000; // us
                var GeoNetworkingInd v_geoNwInd;
                var HeaderInfo       v_headerInfo;
                var Time64           v_generationTime;
                var Time64           v_curTime;
                var SignerIdentifier v_signerIdentifier;
                var ValidityPeriod   v_validityPeriod;
                var Certificate      v_cert;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate // containing certificate
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) -> value v_geoNwInd {
                        tc_ac.stop;
                        f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo);
                        v_generationTime := v_headerInfo.generationTime;
                        v_curTime := f_getCurrentTime();
                        v_curTime := v_curTime * 1000; // Time64 is in microseconds 
                        log("v_curTime (us)=", v_curTime);
                        // Check generation time
                        if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit, v_curTime + c_timeLimit))) {
                            log("*** " & testcasename() & ": FAIL: CA message generation time is not in 5 min range");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        } else {
                            // Check certificate validity period
                            f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier);
                            if (not match(v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_, Time32:(v_curTime - c_timeLimit, v_curTime + c_timeLimit))) {
                                log("*** " & testcasename() & ": FAIL: CA message certificate validity period is not in 5 min range");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            } else {
                                log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            }
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_digest
                                    )
                                ), 
                                mw_geoNwShbPacket
                    ))) {
                        log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); 
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_18_BV
            
            /**
             * @desc    Check that IUT sends the secured CAM containing the 'data' field in signed data payload, 
             *          containing the EtsiTs103097Data of type unsecured, contained the CAM payload
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a secured CAM
             *      } then {
             *          the IUT sends a message of type EtsiTs103097Data
             *              contains content
             *                  contains signedData
             *                      containing tbsData
             *                          containing payload
             *                              containing data
             *                                  containing content
             *                                      containing unsecuredData
             *                                          containing not-empty data
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_19_BV
             * @reference    ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1
             */
            testcase TC_SEC_ITSS_SND_CAM_19_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload(
                                                mw_ieee1609Dot2Data(
                                                    mw_ieee1609Dot2Data_unsecured
                                            )),
                                            mw_headerInfo_cam
                                        )
                                    )
                                )
                    ))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: CAM received with a well formated payload ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_19_BV
            
            /**
             * @desc    Check that the IUT sends the secured CAM signed with the certificate containing appPermisions 
             *          allowing to sign CA messages
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a secured CAM
             *      } then {
             *          the IUT sends a message of type EtsiTs103097Data
             *              containing signer
             *                 containing certificate
             *                     containing appPermissions
             *                         containing an item of type PsidSsp
             *                             containing psid = AID_CAM 
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_20_BV
             * @reference    ETSI TS 103 097 [1] Clauses 7.2.1
             * @reference    IEEE 1609.2 [2], Clauses 5.2.3.2.2
             */
            testcase TC_SEC_ITSS_SND_CAM_20_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_certificate( // containing certificate
                                            mw_etsiTs103097Certificate(
                                                -,
                                                mw_toBeSignedCertificate_at(
                                                    { mw_appPermissions(c_its_aid_CAM) }
                    ))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: CAM received with a well formated certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mw_etsiTs103097Data_signed(
                                    mw_signedData(
                                        -, 
                                        mw_toBeSignedData(
                                            mw_signedDataPayload,
                                            mw_headerInfo_cam
                                        ),
                                        mw_signerIdentifier_digest
                                    )
                                )
                    ))) {
                        log("*** " & testcasename() & ": INFO: CA message with digest was received ***");
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_20_BV
            
            /**
             * @desc    Check that IUT sends the secured CAM containing signature;
             *          Check that the signature is calculated over the right fields 
             *          and using right hash algorythm by cryptographically verifying the signature
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT is authorized with AT certificate (X_CERTIFICATE) 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a secured CAM
             *      } then {
             *          the IUT sends a message of type EtsiTs103097Data
             *              containing signedData
             *                  containing signer
             *                       containing digest
             *                           referencing the certificate X_CERTIFICATE
             *                       or containing certificate
             *                           indicating X_CERTIFICATE
             *                  and containing signature
             *                      containing X_SIGNATURE
             *                          verifiable using KEY 
             *      }
             *  }
             * </pre>
             *
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_21_BV
             * @reference    ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1
             * @reference    IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31

             */
            testcase TC_SEC_ITSS_SND_CAM_21_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var EtsiTs103097Certificate v_certificate;
                var Signature               v_signature;
                var GeoNetworkingInd        v_geoNwInd;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");