ItsSecurity_TestCases.ttcn3 631 KB
Newer Older
3001
3002
3003
3004
3005
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
3006
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular);
3007
3008
3009
3010
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
3011
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV
3012
3013
3014
3015
3016
3017
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the polygonal region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field     
             * <pre>
3018
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
3019
3020
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
3021
3022
3023
             *   the IUT has been authorized with the AT certificate (CERT_IUT_D)
             *     containing validity_restrictions ['region']
             *       containing region
3024
3025
3026
3027
3028
3029
3030
3031
3032
             *         containing region_type
             *           indicating 'polygon'
             *         containing polygonal_region
             *           indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
garciay's avatar
garciay committed
3033
             *     the IUT sends a SecuredMessage
3034
3035
3036
3037
3038
3039
             *       containing exactly one header_field ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3040
3041
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_04_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
3042
             */
3043
            testcase TC_SEC_ITSS_SND_DENM_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
3044
3045
                // Local variablesl
                
3046
                // Test control
3047
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
garciay's avatar
garciay committed
3048
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
3049
3050
                    stop;
                }
3051
3052
                
                // Test component configuration
3053
                vc_hashedId8ToBeUsed := cc_iutCert_D;
3054
3055
3056
3057
3058
3059
3060
3061
3062
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
3063
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_polygonal);
3064
3065
3066
3067
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
3068
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_04_BV
3069
3070
3071
3072
3073
3074
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the identified region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field      
             * <pre>
3075
             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
3076
3077
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
3078
3079
3080
             *   the IUT has been authorized with the AT certificate (CERT_IUT_E)
             *     containing validity_restrictions ['region']
             *       containing region
3081
3082
3083
3084
3085
3086
3087
3088
3089
             *         containing region_type
             *           indicating 'id_region'
             *         containing identified_region
             *           indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
garciay's avatar
garciay committed
3090
3091
             *     the IUT sends a SecuredMessage 
             *          containing exactly one header_fields ['generation_location']
3092
3093
3094
3095
3096
             *              containing generation_location
             *                  indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3097
3098
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_05_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
3099
             */
3100
            testcase TC_SEC_ITSS_SND_DENM_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
3101
3102
3103
3104
                
                // Local variables
                
                //  Test control
3105
                if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION) or not(PICS_CERTIFICATE_SELECTION)) {
garciay's avatar
garciay committed
3106
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
3107
3108
                    stop;
                }
3109
3110
                
                // Test component configuration
3111
                vc_hashedId8ToBeUsed := cc_iutCert_E;
3112
3113
3114
3115
3116
3117
3118
3119
3120
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
3121
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_identified);
3122
3123
3124
3125
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
3126
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_05_BV
3127
3128
3129
3130
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the region containing in the validity restriction 
3131
             *         of the certificate pointed by the signer_info field
3132
             * <pre>
garciay's avatar
garciay committed
3133
             * Pics Selection: PICS_GN_SECURITY and not PICS_CERTIFICATE_SELECTION
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields['signed_info'].certificate {
             *         containing validity_restrictions ['region']
             *         {
             *           containing region.region_type
             *             indicating 'circle'
             *           containing region.circular_region
             *             indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'rectangle'
             *           containing region.rectangular_region
             *             containing array of rectangles
             *               indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'polygonal'
             *           containing region.polygonal_region
             *             indicating REGION
             *         } or {      
             *           containing region.region_type
             *             indicating 'id_region'
             *           containing region.circular_region
             *             indicating REGION
             *         }
             *       }
             *       containing exactly one header_fields['generation_location']
             *         containing generation_location
             *           indicating location inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3174
3175
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_06_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
3176
             */
3177
            testcase TC_SEC_ITSS_SND_DENM_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
3178
3179
3180
                
                // Local variables
                
3181
                //  Test control
garciay's avatar
garciay committed
3182
3183
                if (not(PICS_GN_SECURITY) or PICS_CERTIFICATE_SELECTION) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and not PICS_CERTIFICATE_SELECTION ' required for executing the TC ***");
3184
3185
                    stop;
                }
3186
3187
3188
3189
3190
3191
3192
3193
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
3194
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); 
3195
3196
                
                // Test Body
3197
                f_TC_SEC_ITSS_SND_DENM_05_BV(); // any type of regions
3198
3199
3200
3201
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
3202
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_06_BV
3203
            
garciay's avatar
garciay committed
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
            // TODO To be removed
//            /**
//             * @desc   Check that the sent Secured DENM contains exactly one HeaderField its_aid that is set to 'AID_DENM' 
//             * <pre>
//             * Pics Selection: PICS_GN_SECURITY
//             * Config Id: CF01
//             * Initial conditions:
//             * with {
//             *     the IUT being in the 'authorized' state
//             * }
//             * Expected results:
//             * ensure that {
//             *     when {
//             *         the IUT is requested to send a DENM
//             *     } then {
//             *         the IUT sends a SecuredMessage {
//             *             containing header_fields ['its_aid'] {
//             *                 containing its_aid
//             *                     indicating 'AID_DENM' (37)
//             *              }
//             *         }
//             *     }
//             * }
//             * </pre>
//             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_06_01_BV
//             * @reference   ETSI TS 103 097 [1], clauses 5.4 and 7.2
//             */
//            testcase TC_SEC_ITSS_SND_DENM_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
//                // Local variables
//                var ItsDenm v_denmComponent;
//                
//                //  Test control
//                if (not(PICS_GN_SECURITY)) {
//                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
//                    stop;
//                }
//                
//                // Test component configuration
//                f_cf01Up();
//                
//                // Test adapter configuration
//                
//                // Preamble
//                f_prNeighbour();
//                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); 
//                
//                // Test Body
//                v_denmComponent := f_triggerDenmEvent();
//                tc_ac.start;
//                alt {
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage_DENMs
//                    ))) {
//                        log("*** " & testcasename() & ": PASS: DENM ITS AID is right");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//                    }
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage_CAMs
//                    ))) {
//                        log("*** " & testcasename() & ": INFO: Skip CAM");
//                        repeat;
//                    }
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage
//                    ))) {
//                        log("*** " & testcasename() & ": FAIL: DENM ITS AID is wrong");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                    }
//                    [] tc_ac.timeout {
//                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
//                    }
//                } // End of 'alt' statement 
//                
//                // Postamble
//                f_cancelDenmEvent(v_denmComponent);
//                f_poNeighbour();
//                f_cf01Down();
//            } // End of testcase TC_SEC_ITSS_SND_DENM_06_01_BV
//            
3290
            /**
garciay's avatar
garciay committed
3291
             * @desc   Check that the Secured DENM contains exactly one non-empty payload of type signed
3292
             * <pre>
3293
             * Pics Selection: PICS_GN_SECURITY
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a DENM
             *     } then {
garciay's avatar
garciay committed
3304
3305
3306
3307
3308
3309
             *         the IUT sends a SecuredMessage
             *             containing payload_field
             *                 containing exactly one element of type Payload
             *                     containing type
             *                         indicating 'signed'
             *                             containing not-empty data
3310
3311
3312
             *     }
             * }
             * </pre>
garciay's avatar
garciay committed
3313
3314
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_08_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
3315
             */
garciay's avatar
garciay committed
3316
            testcase TC_SEC_ITSS_SND_DENM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3317
3318
3319
                // Local variables
                var ItsDenm v_denmComponent;
                
3320
3321
3322
3323
3324
                //  Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
3325
3326
3327
3328
3329
3330
3331
3332
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
3333
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
3334
3335
3336
3337
3338
3339
3340
3341
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
3342
3343
3344
3345
3346
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload(e_signed)
                    )))) {
                        log("*** " & testcasename() & ": PASS: DENM payload is 'signed'");
3347
3348
3349
3350
3351
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
3352
3353
3354
3355
3356
3357
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload()
                    )))) {
                         log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
3358
3359
3360
3361
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
3362
                                mdw_securedMessage_DENMs
3363
                    ))) {
garciay's avatar
garciay committed
3364
                         log("*** " & testcasename() & ": FAIL: DENM payload is not exist");
3365
3366
3367
3368
3369
3370
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
garciay's avatar
garciay committed
3371
                } // End of 'alt' statement
3372
3373
3374
3375
3376
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
3377
            } // End of testcase TC_SEC_ITSS_SND_DENM_08_01_BV
3378
3379
            
            /**
garciay's avatar
garciay committed
3380
3381
3382
             * @desc   Check that the secured DENM contains only one TrailerField of type signature.
             *         Check that the signature contained in the SecuredMessage is calculated 
             *         over the right fields by cryptographically verifying the signature.     
3383
             * <pre>
3384
             * Pics Selection: PICS_GN_SECURITY
3385
3386
3387
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
3388
             *   the IUT being in the 'authorized' state
3389
3390
             * }
             * ensure that {
garciay's avatar
garciay committed
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_field ['signer_info']
             *             containing signer
             *                 containing type
             *                   indicating 'certificate'
             *             containing certificate
             *                 containing subject_info.subject_type
             *                     indicating 'authorization_ticket' (2)
             *                 and containing subject_attributes['verification key'] (KEY)
             *                     containing trailer_fields
             *                         containing single instance of type TrailerField
             *                             containing type
             *                                 indicating 'signature'
             *                             and containing signature
             *                                 verifiable using KEY
             *   }
3410
3411
             * }
             * </pre>
garciay's avatar
garciay committed
3412
3413
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_10_01_BV
             * @reference   ETSI TS 103 097 [1], clause 7.2
3414
             */
garciay's avatar
garciay committed
3415
3416
3417
3418
3419
            testcase TC_SEC_ITSS_SND_DENM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                //  Local variables
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
3420
3421
                var ItsDenm v_denmComponent;
                
3422
3423
3424
3425
3426
3427
                //  Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
3428
                //  Test component configuration
3429
3430
3431
3432
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
3433
                v_denmComponent := f_triggerDenmEvent();
3434
3435
3436
3437
3438
3439
3440
3441
3442
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
garciay's avatar
garciay committed
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: DENM message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: DENM received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
3453
                    }
garciay's avatar
garciay committed
3454
                    
3455
3456
3457
3458
3459
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs
                    ))) {
garciay's avatar
garciay committed
3460
                         log("*** " & testcasename() & ": FAIL: DENM doesn't contain signature");
3461
3462
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
3463
                    
3464
3465
3466
3467
3468
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
garciay's avatar
garciay committed
3469
3470
                log("*** " & testcasename() & ": PASS: DENM received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
3471
3472
3473
3474
3475
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
3476
3477
3478
3479
3480
3481
3482
3483
3484
            } // End of testcase TC_SEC_ITSS_SND_DENM_10_01_BV
                
        } // End of group sendDENMProfile
        
        /**
         * @desc Sending behaviour test cases for DENM profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile
         */
        group sendOtherProfile {
3485
3486
            
            /**
garciay's avatar
garciay committed
3487
             * @desc        Check that the secured message contains of type signed 
3488
             * <pre>
garciay's avatar
garciay committed
3489
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
3490
3491
3492
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
3493
             *     the IUT being in the 'authorized' state
3494
             * }
garciay's avatar
garciay committed
3495
             * Expected results:
3496
             * ensure that {
garciay's avatar
garciay committed
3497
3498
3499
3500
3501
3502
3503
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
             *            not containing header_field ['its_aid']
             *              indicating 'AID_CAM'
             *            not containing header_field ['its_aid']
3504
             *              indicating 'AID_DENM'
garciay's avatar
garciay committed
3505
3506
3507
3508
3509
3510
             *            containing payload_fields
             *              containing exactly one element of type Payload {
             *                containing type
             *                  indicating 'signed'
             *              }
             *         }
3511
3512
3513
             *     }
             * }
             * </pre>
garciay's avatar
garciay committed
3514
3515
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
             * @reference    ETSI TS 103 097 [1], clause 5.4 and 7.3
3516
             */
garciay's avatar
garciay committed
3517
            testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3518
                
garciay's avatar
garciay committed
3519
3520
3521
3522
3523
3524
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
3525
3526
3527
                    stop;
                }
                
garciay's avatar
garciay committed
3528
                // Test component configuration
3529
                f_cf01Up();
garciay's avatar
garciay committed
3530
3531
3532
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
3533
3534
3535
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
3536
3537
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
3538
3539
3540
3541
3542
3543
3544
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
3545
3546
3547
3548
3549
3550
3551
3552
                                mdw_securedMessage(
                                    superset(
                                        ?, 
                                        ?, 
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                ?
3553
                    ))) {
garciay's avatar
garciay committed
3554
3555
3556
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: 'its_aid' is neither set to 'AID_CAM' nor 'AID_DENM'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
3557
                    }
3558
                    [] tc_ac.timeout {
garciay's avatar
garciay committed
3559
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
3560
3561
3562
3563
3564
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
garciay's avatar
garciay committed
3565
                f_acTriggerEvent(m_stopPassBeaconing);
3566
3567
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
3568
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV
3569
3570
3571
3572
3573
3574
3575
            
            /**
             * @desc   Check that the generic secured message contains exactly one element of these header fields: 
             *             signer_info, generation_time, generation_location.
             *         Check that the header fields are in the ascending order according to the numbering of the enumeration
             *             except of the signer_info, which is encoded first.   
             * <pre>
3576
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Results:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
3587
3588
3589
3590
3591
3592
3593
3594
             *     the IUT sends a SecuredMessage
             *         containing header_fields [0].type
             *             indicating 'signer_info'
             *         and containing header_fields [1..n] 
             *             where header_fields [v_counter].type < header_fields [v_counter + 1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields ['generation_location']
             *         and containing header_field ['its_aid']
3595
3596
3597
3598
             *     }
             *   }  
             * }
             * </pre>
garciay's avatar
garciay committed
3599
3600
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_02_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
3601
             */
3602
            testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3603
3604
3605
3606
3607
3608
3609
3610
3611
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var HeaderFieldType v_previousHeaderType;
                var integer v_counter;
                
                // Test control
3612
3613
3614
3615
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(e_generation_time), 
                                        mw_header_field(e_generation_location),
3638
                                        mw_header_field_its_aid_Other
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        // Process header fields manually
                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
                        
                        // Check that signerInfo is first header
                        if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);    
                        }
                        
                        for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
                            // Check that no header is duplicated
                            if (match(v_headersFields[v_counter].type_, e_signer_info)) {
                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_counter > 1) {
                                // Check that headers are ordered
                                if (v_headersFields[v_counter].type_ == v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: multiple instances of same Header");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                if (v_headersFields[v_counter].type_  < v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: headers not in correct order");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            }
                            v_previousHeaderType := v_headersFields[v_counter].type_;
                        } // End of 'for' statement
                        
                        log("*** " & testcasename() & ": PASS: correct secured packet received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
3689
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV
3690
3691
3692
3693
            
            /**
             * @desc   Check that generic secured message contains the certificate as a signer_info
             * <pre>
3694
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
             * Config Id: CF01
             * Initial Conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Behaviour
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
3705
3706
3707
3708
3709
3710
             *     the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['signer_info']
             *             containing signer
             *                 containing type
             *                     indicating 'certificate'
             *         and containing certificate
3711
3712
3713
3714
             *     }
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3715
3716
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_03_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
3717
             */
3718
            testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3719
3720
3721
3722
3723
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test control
3724
3725
3726
3727
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                 mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field(
                                        e_signer_info
                                    )
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": INFO: Beacon signed with digest ***");
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
3780
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV
3781
3782
3783
            
            /**
             * @desc   Check that message generation time is inside the validity period of the signing certificate
garciay's avatar
garciay committed
3784
             *         Check that message generation time value is realistic
3785
             * <pre>
3786
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected behaviour:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields['generation_time']
             *           containing generation_time
             *               indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       containing header_fields['signer_info']
             *           containing signer
             *               containing type
             *                   indicating 'certificate'
             *           containing certificate
             *               containing validity_restrictions['time_end']
                                 containing end_validity
                                     indicating value > GEN_TIME
             *               and containing validity_restrictions['time_start_and_end']
             *                   containing start_validity
             *                       indicating value <= TIME_1
             *                   and containing end_validity
             *                       indicating value > TIME_1
             *               or containing validity_restrictions['time_start_and_duration']
             *                   containing start_validity (CERT_START_VALIDITY)
             *                       indicating value <= GEN_TIME
             *                   and containing duration
             *                       indicating value > GEN_TIME - CERT_START_VALIDITY
3819
3820
3821
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3822
3823
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_04_01_BV
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.3
3824
             */
3825
            testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3826
3827
3828
3829
3830
3831
3832
                
                // Local variables
                var LongPosVector    v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderField      v_headerField;
                var Time64           v_generationTime;
                var Time64           v_curTime;
garciay's avatar
garciay committed
3833
                var Time64           v_startTime, v_endTime, v_duration;
3834
3835
3836
3837
                var Certificate      v_cert;
                var integer          v_counter;
                
                // Test control
3838
3839
3840
3841
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_time
                                        ),
                                        mw_header_field_signer_info_certificate,
3866
                                        mw_header_field_its_aid_Other
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                                )
                            )
                    )) -> value v_geoNwInd { 
                        const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds
                        
                        tc_ac.stop;
                        v_curTime := f_getCurrentTime();
                        v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds
                        
                        if (
                            f_getMsgHeaderField(
                                v_geoNwInd.msgIn.gnPacket.securedMsg,
                                e_generation_time, 
                                v_headerField
                        )) {
                            v_generationTime := v_headerField.headerField.generation_time;  
                            log("v_generationTime=", v_generationTime);
                            log("v_curTime=", v_curTime);
                            log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime);
                            if (v_generationTime < (v_curTime - c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_generationTime > (v_curTime + c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            // Check that generation time is inside the certificate validation period
                            if (
                                f_getMsgHeaderField(
                                    v_geoNwInd.msgIn.gnPacket.securedMsg,
                                    e_signer_info, 
                                    v_headerField
                            )) {
                                v_cert := v_headerField.headerField.signer.signerInfo.certificate;
                                
                                for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    }
garciay's avatar
garciay committed
3917
3918
3919
3920
3921
3922
3923
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
3924
3925
3926
3927
3928
3929
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity   * 1000000;
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
                                        if (v_generationTime < v_startTime or v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
garciay's avatar
garciay committed
3930
3931
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
garciay's avatar
garciay committed
3932
                                        v_duration  := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
garciay's avatar
garciay committed
3933
3934
3935
3936
3937
3938
3939
                                        if (v_generationTime < v_startTime or (v_startTime + v_duration) > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else {
                                        log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
                                    }
                                } // End of 'for' statement
                                log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            } else {
                                log("*** " & testcasename() & ": INCONC: DENM signer info is not available");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
3960
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV
3961
3962
3963
3964
3965

            /**
             * @desc   Check that the secured GN Beacon contains exactly one HeaderField generation_location
             *         when AT certificate does not contain any region restrictions    
             * <pre>
3966
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION
3967
3968
             * Config Id: CF01
             * with {
3969
             *   the IUT has been authorized with the AT certificate (CERT_IUT_A)
garciay's avatar
garciay committed
3970
             *       not containing validity_restrictions['region']
3971
3972
3973
3974
3975
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
3976
3977
3978
             *     the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['generation_location']
             *             containing generation_location
3979
3980
3981
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
3982
3983
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_05_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
3984
             */
3985
            testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
3986
3987
3988
3989
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
3990
3991
3992
3993
3994
3995
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY', 'PICS_ITS_AID_OTHER_PROFILE' and 'PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                    stop;
                }
                
3996
                // Test component configuration
3997
                // CERT_IUT_A is the default one
3998
3999
4000
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
For faster browsing, not all history is shown. View entire blame