ItsSecurity_TestCases.ttcn3 631 KB
Newer Older
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the polygonal region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_IUT_D)
             *     containing validity_restrictions ['region']
             *       containing region
             *         containing region_type
             *           indicating 'polygon'
             *         containing polygonal_region
             *           indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_field ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_04_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_polygonal);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_04_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the identified region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field      
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_IUT_E)
             *     containing validity_restrictions ['region']
             *       containing region
             *         containing region_type
             *           indicating 'id_region'
             *         containing identified_region
             *           indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage 
             *          containing exactly one header_fields ['generation_location']
             *              containing generation_location
             *                  indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_05_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                
                //  Test control
                if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION) or not(PICS_CERTIFICATE_SELECTION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_E;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_identified);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_05_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and not PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields['signed_info'].certificate {
             *         containing validity_restrictions ['region']
             *         {
             *           containing region.region_type
             *             indicating 'circle'
             *           containing region.circular_region
             *             indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'rectangle'
             *           containing region.rectangular_region
             *             containing array of rectangles
             *               indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'polygonal'
             *           containing region.polygonal_region
             *             indicating REGION
             *         } or {      
             *           containing region.region_type
             *             indicating 'id_region'
             *           containing region.circular_region
             *             indicating REGION
             *         }
             *       }
             *       containing exactly one header_fields['generation_location']
             *         containing generation_location
             *           indicating location inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_05_06_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or PICS_CERTIFICATE_SELECTION) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and not PICS_CERTIFICATE_SELECTION ' required for executing the TC ***");
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); 
                f_TC_SEC_ITSS_SND_DENM_05_BV(); // any type of regions
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_06_BV
garciay's avatar
garciay committed
            // TODO To be removed
//            /**
//             * @desc   Check that the sent Secured DENM contains exactly one HeaderField its_aid that is set to 'AID_DENM' 
//             * <pre>
//             * Pics Selection: PICS_GN_SECURITY
//             * Config Id: CF01
//             * Initial conditions:
//             * with {
//             *     the IUT being in the 'authorized' state
//             * }
//             * Expected results:
//             * ensure that {
//             *     when {
//             *         the IUT is requested to send a DENM
//             *     } then {
//             *         the IUT sends a SecuredMessage {
//             *             containing header_fields ['its_aid'] {
//             *                 containing its_aid
//             *                     indicating 'AID_DENM' (37)
//             *              }
//             *         }
//             *     }
//             * }
//             * </pre>
//             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_06_01_BV
//             * @reference   ETSI TS 103 097 [1], clauses 5.4 and 7.2
//             */
//            testcase TC_SEC_ITSS_SND_DENM_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
//                // Local variables
//                var ItsDenm v_denmComponent;
//                
//                //  Test control
//                if (not(PICS_GN_SECURITY)) {
//                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
//                    stop;
//                }
//                
//                // Test component configuration
//                f_cf01Up();
//                
//                // Test adapter configuration
//                
//                // Preamble
//                f_prNeighbour();
//                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); 
//                
//                // Test Body
//                v_denmComponent := f_triggerDenmEvent();
//                tc_ac.start;
//                alt {
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage_DENMs
//                    ))) {
//                        log("*** " & testcasename() & ": PASS: DENM ITS AID is right");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//                    }
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage_CAMs
//                    ))) {
//                        log("*** " & testcasename() & ": INFO: Skip CAM");
//                        repeat;
//                    }
//                    [] geoNetworkingPort.receive(
//                        mw_geoNwInd(
//                            mw_geoNwSecPdu(
//                                mdw_securedMessage
//                    ))) {
//                        log("*** " & testcasename() & ": FAIL: DENM ITS AID is wrong");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                    }
//                    [] tc_ac.timeout {
//                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
//                    }
//                } // End of 'alt' statement 
//                
//                // Postamble
//                f_cancelDenmEvent(v_denmComponent);
//                f_poNeighbour();
//                f_cf01Down();
//            } // End of testcase TC_SEC_ITSS_SND_DENM_06_01_BV
//            
garciay's avatar
garciay committed
             * @desc   Check that the Secured DENM contains exactly one non-empty payload of type signed
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a DENM
             *     } then {
garciay's avatar
garciay committed
             *         the IUT sends a SecuredMessage
             *             containing payload_field
             *                 containing exactly one element of type Payload
             *                     containing type
             *                         indicating 'signed'
             *                             containing not-empty data
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_08_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.2
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_DENM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var ItsDenm v_denmComponent;
                
                //  Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload(e_signed)
                    )))) {
                        log("*** " & testcasename() & ": PASS: DENM payload is 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload()
                    )))) {
                         log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs
garciay's avatar
garciay committed
                         log("*** " & testcasename() & ": FAIL: DENM payload is not exist");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
garciay's avatar
garciay committed
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_DENM_08_01_BV
garciay's avatar
garciay committed
             * @desc   Check that the secured DENM contains only one TrailerField of type signature.
             *         Check that the signature contained in the SecuredMessage is calculated 
             *         over the right fields by cryptographically verifying the signature.     
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
             *   the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_field ['signer_info']
             *             containing signer
             *                 containing type
             *                   indicating 'certificate'
             *             containing certificate
             *                 containing subject_info.subject_type
             *                     indicating 'authorization_ticket' (2)
             *                 and containing subject_attributes['verification key'] (KEY)
             *                     containing trailer_fields
             *                         containing single instance of type TrailerField
             *                             containing type
             *                                 indicating 'signature'
             *                             and containing signature
             *                                 verifiable using KEY
             *   }
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_DENM_10_01_BV
             * @reference   ETSI TS 103 097 [1], clause 7.2
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_DENM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                //  Local variables
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
                var ItsDenm v_denmComponent;
                
                //  Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                //  Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                v_denmComponent := f_triggerDenmEvent();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
garciay's avatar
garciay committed
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: DENM message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: DENM received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
garciay's avatar
garciay committed
                    
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs
                    ))) {
garciay's avatar
garciay committed
                         log("*** " & testcasename() & ": FAIL: DENM doesn't contain signature");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": PASS: DENM received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_DENM_10_01_BV
                
        } // End of group sendDENMProfile
        
        /**
         * @desc Sending behaviour test cases for DENM profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile
         */
        group sendOtherProfile {
garciay's avatar
garciay committed
             * @desc        Check that the secured message contains of type signed 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
             *     the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             * Expected results:
garciay's avatar
garciay committed
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
             *            not containing header_field ['its_aid']
             *              indicating 'AID_CAM'
             *            not containing header_field ['its_aid']
             *              indicating 'AID_DENM'
garciay's avatar
garciay committed
             *            containing payload_fields
             *              containing exactly one element of type Payload {
             *                containing type
             *                  indicating 'signed'
             *              }
             *         }
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
             * @reference    ETSI TS 103 097 [1], clause 5.4 and 7.3
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage(
                                    superset(
                                        ?, 
                                        ?, 
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                ?
garciay's avatar
garciay committed
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: 'its_aid' is neither set to 'AID_CAM' nor 'AID_DENM'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    [] tc_ac.timeout {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
garciay's avatar
garciay committed
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV
            
            /**
             * @desc   Check that the generic secured message contains exactly one element of these header fields: 
             *             signer_info, generation_time, generation_location.
             *         Check that the header fields are in the ascending order according to the numbering of the enumeration
             *             except of the signer_info, which is encoded first.   
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Results:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing header_fields [0].type
             *             indicating 'signer_info'
             *         and containing header_fields [1..n] 
             *             where header_fields [v_counter].type < header_fields [v_counter + 1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields ['generation_location']
             *         and containing header_field ['its_aid']
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_02_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var HeaderFieldType v_previousHeaderType;
                var integer v_counter;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(e_generation_time), 
                                        mw_header_field(e_generation_location),
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        // Process header fields manually
                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
                        
                        // Check that signerInfo is first header
                        if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);    
                        }
                        
                        for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
                            // Check that no header is duplicated
                            if (match(v_headersFields[v_counter].type_, e_signer_info)) {
                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_counter > 1) {
                                // Check that headers are ordered
                                if (v_headersFields[v_counter].type_ == v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: multiple instances of same Header");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                if (v_headersFields[v_counter].type_  < v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: headers not in correct order");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            }
                            v_previousHeaderType := v_headersFields[v_counter].type_;
                        } // End of 'for' statement
                        
                        log("*** " & testcasename() & ": PASS: correct secured packet received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV
            
            /**
             * @desc   Check that generic secured message contains the certificate as a signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial Conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Behaviour
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['signer_info']
             *             containing signer
             *                 containing type
             *                     indicating 'certificate'
             *         and containing certificate
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_03_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                 mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field(
                                        e_signer_info
                                    )
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": INFO: Beacon signed with digest ***");
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV
            
            /**
             * @desc   Check that message generation time is inside the validity period of the signing certificate
garciay's avatar
garciay committed
             *         Check that message generation time value is realistic
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected behaviour:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields['generation_time']
             *           containing generation_time
             *               indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       containing header_fields['signer_info']
             *           containing signer
             *               containing type
             *                   indicating 'certificate'
             *           containing certificate
             *               containing validity_restrictions['time_end']
                                 containing end_validity
                                     indicating value > GEN_TIME
             *               and containing validity_restrictions['time_start_and_end']
             *                   containing start_validity
             *                       indicating value <= TIME_1
             *                   and containing end_validity
             *                       indicating value > TIME_1
             *               or containing validity_restrictions['time_start_and_duration']
             *                   containing start_validity (CERT_START_VALIDITY)
             *                       indicating value <= GEN_TIME
             *                   and containing duration
             *                       indicating value > GEN_TIME - CERT_START_VALIDITY
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_04_01_BV
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector    v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderField      v_headerField;
                var Time64           v_generationTime;
                var Time64           v_curTime;
garciay's avatar
garciay committed
                var Time64           v_startTime, v_endTime, v_duration;
                var Certificate      v_cert;
                var integer          v_counter;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_time
                                        ),
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                                )
                            )
                    )) -> value v_geoNwInd { 
                        const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds
                        
                        tc_ac.stop;
                        v_curTime := f_getCurrentTime();
                        v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds
                        
                        if (
                            f_getMsgHeaderField(
                                v_geoNwInd.msgIn.gnPacket.securedMsg,
                                e_generation_time, 
                                v_headerField
                        )) {
                            v_generationTime := v_headerField.headerField.generation_time;  
                            log("v_generationTime=", v_generationTime);
                            log("v_curTime=", v_curTime);
                            log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime);
                            if (v_generationTime < (v_curTime - c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_generationTime > (v_curTime + c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            // Check that generation time is inside the certificate validation period
                            if (
                                f_getMsgHeaderField(
                                    v_geoNwInd.msgIn.gnPacket.securedMsg,
                                    e_signer_info, 
                                    v_headerField
                            )) {
                                v_cert := v_headerField.headerField.signer.signerInfo.certificate;
                                
                                for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    }
garciay's avatar
garciay committed
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity   * 1000000;
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
                                        if (v_generationTime < v_startTime or v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
garciay's avatar
garciay committed
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
garciay's avatar
garciay committed
                                        v_duration  := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
garciay's avatar
garciay committed
                                        if (v_generationTime < v_startTime or (v_startTime + v_duration) > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else {
                                        log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                    }
                                } // End of 'for' statement
                                log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            } else {
                                log("*** " & testcasename() & ": INCONC: DENM signer info is not available");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV

            /**
             * @desc   Check that the secured GN Beacon contains exactly one HeaderField generation_location
             *         when AT certificate does not contain any region restrictions    
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_IUT_A)
garciay's avatar
garciay committed
             *       not containing validity_restrictions['region']
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['generation_location']
             *             containing generation_location
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_GENMSG_05_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY', 'PICS_ITS_AID_OTHER_PROFILE' and 'PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                // CERT_IUT_A is the default one
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);