Skip to content
GitLab
Switch branch/tag
Find file Normal viewHistoryPermalink
ItsSecurity_TestCases.ttcn3 1.39 MB
Newer Older
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015 
                                        superset(
                                            mw_header_field(e_generation_location),
                                            mw_header_field_signer_info_certificate(
                                                mw_certificate(
                                                    ?,
                                                    ?,
                                                    ?, 
                                                    superset(
                                                        mw_validity_restriction_region(
                                                            p_region
                        ))))))))) -> value v_geoNwInd {
                            var ValidityRestriction v_vr;
                            var HeaderField         v_hf;
                            
                            tc_ac.stop;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4016 
                            // Check that generation location
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4017
4018
4019
4020
4021
4022
4023 
                            if (
                                f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and 
                                f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
                            ) {
                                if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
                                    log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4024
4025
4026
4027
4028 
                                } else {
                                    log("v_vr.validity.region=", v_vr.validity.region);
                                    log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location);
                                    log("*** " & testcasename() & ": FAIL: Invalid location");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072 
                                }
                            } else {
                                log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN message doesn't contain generation location 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others
                        ))) -> value v_geoNwInd {
                            var HeaderField v_hf;
                            
                            tc_ac.stop;
                            
                            // Check that generation location is not present
                            f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf);
                            if (not isbound(v_hf)) {
                                log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN signing certificate doesn't contains region restriction 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                                                ?,
                                                ?,
                                                ?, 
                                                { } // GN signing certificate doesn't contains region restriction
                        )))))) {
                            tc_ac.stop;
                            log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        [] tc_ac.timeout {
                            log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                        }
                    } // End of 'alt' statement
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4073 
                } // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4074
4075
4076
4077 
                
            } // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4078 
             * @desc        Check that the secured message contains of type signed, signed_external or signed_and_encrypted
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4079 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4080 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091 
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
garciay's avatar
STF507: Week #1    
garciay committed
4092
4093
4094 
             *             containing payload_fields
             *                 containing exactly one element of type Payload
             *                     containing type
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4095 
             *                         indicating 'signed' or 'signed_external' or 'signed_and_encrypted'
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4096
4097 
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4098 
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4099 
             * @reference    ETSI TS 103 097 [1], clause 7.3
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4100 
             */
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4101 
            testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4102
4103
4104
4105 
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4106
4107
4108
4109
4110
4111 
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4112
4113
4114
4115
4116
4117
4118
4119
4120 
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4121 
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145 
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
                                        e_signed
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?,
garciay's avatar
STF507: Week #1    
garciay committed
4146
4147
4148 
                                    mw_payload(
                                        e_signed_external
                                    )
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4149
4150
4151
4152 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) {
garciay's avatar
STF507: Week #1    
garciay committed
4153
4154 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_external'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4155
4156
4157
4158
4159
4160
4161 
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
garciay's avatar
STF507: Week #1    
garciay committed
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176 
                                        e_signed_and_encrypted
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_and_encrypted'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4177
4178
4179
4180 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) {
garciay's avatar
STF507: Week #1    
garciay committed
4181 
                        log("*** " & testcasename() & ": FAIL: Beacon payload is not signed, signed_external or signed_and_encrypted");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4194 
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4195
4196 
            
            /**
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4197
4198
4199 
             * @desc   Check that the secured GN Message contains only one TrailerField of type signature ;
             *         Check that the signature contained in the SecuredMessage is calculated over the right fields by 
             *         cryptographically verifying the signature
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4200 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4201 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4202
4203
4204
4205
4206
4207
4208
4209
4210 
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send Beacon
             *   } then {
garciay's avatar
STF507: Week #1    
garciay committed
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220 
             *     the IUT sends a SecuredMessage
             *         containing header_fields ['signer_info']
             *             containing signer
             *                 containing type
             *                     indicating 'certificate'
             *             and containing certificate
             *                 indicating CERT
             *         and containing trailer_fields['signature']
             *             containing signature
             *                 verifiable using CERT.subject_attributes['verification_key']
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4221
4222
4223 
             *   }
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4224 
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_07_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4225 
             * @reference    ETSI TS 103 097 [1], clause 7.3
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4226 
             */
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4227 
            testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4228
4229
4230
4231
4232
4233 
                
                //  Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4234
4235
4236
4237
4238
4239 
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507: Week #7    
garciay committed
4240 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4241
4242
4243 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4244
4245 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289 
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others
                    ))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: Beacon message without certificate received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected GN Message not received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                log("*** " & testcasename() & ": PASS: GN Message received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4290 
            } // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4291
garciay's avatar
STF507: Week #1    
garciay committed
4292 
        } // End of group sendOtherProfile
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4293
garciay's avatar
STF507: Week #1    
garciay committed
4294
4295
4296
4297
4298 
        /**
         * @desc Sending behaviour test cases for certificates profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7 Profiles for certificates
         */
        group sendCertificatesProfile {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4299
4300 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4301 
             * @desc    Check that AT certificate has version 2
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4302 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4303 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4304
4305 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating certificate
             *             containing certificate
             *                 containing version
             *                     indicating '2'
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4324 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4325 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4326 
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4327 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4328 
            testcase TC_SEC_ITSS_SND_CERT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4329 
                // Local variables
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4330
garciay's avatar
STF507: Week #1    
garciay committed
4331 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4332
4333
4334
4335 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4336
garciay's avatar
STF507: Week #1    
garciay committed
4337 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4338 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4339
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4340 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4341
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4342
4343
4344
4345
4346 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
STF507: Week #1    
garciay committed
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377 
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                    ))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            ?
                    )))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4378
4379
4380
4381 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4382 
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4383
4384 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4385 
             * @desc    Check that AA certificate has version 2
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4386 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4387 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4388
4389 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401 
             * with {
             *   the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate chain in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
STF507: Week #6    
garciay committed
4402 
             *                 indicating 'certificate_chain'
garciay's avatar
STF507: Week #1    
garciay committed
4403
4404
4405
4406
4407
4408
4409 
             *             and containing certificates
             *                 indicating length > 0
             *                 and containing certificates[n] (0..N)
             *                     containing version
             *                         indicating '2'
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4410 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4411 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4412 
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4413 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4414 
            testcase TC_SEC_ITSS_SND_CERT_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4415 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4416
4417
4418
4419 
                var SecuredMessage v_recv;
                var Certificate v_cert;
                var SignerInfo v_si;
                var HashedId8 v_digest;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4420
garciay's avatar
STF507: Week #1    
garciay committed
4421 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4422
4423
4424
4425 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4426
4427 
                    
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4428 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4429
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4430 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4431
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4432
4433
4434
4435 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4436
4437
4438
4439
4440
4441
4442 
                // Wait for the message with the certificate to retrieve the AA digest.
                // Ask for the chain, containing AT and AA certificate
                // Check AA Certificate
                log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain  ***");
                tc_ac.start;
                f_askForCertificateChain(f_generateDefaultCam());
                tc_ac.stop;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4443
garciay's avatar
STF507: Week #1    
garciay committed
4444
4445
4446
4447
4448
4449
4450
4451 
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
garciay's avatar
WeekSTF507: Week #3    
garciay committed
4452
4453 
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
garciay's avatar
STF507: Week #1    
garciay committed
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4474
4475
4476
4477 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4478
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4479 
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_02_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4480
4481 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4482
4483
4484 
             * @desc    Check that the references in the certificate chain are valid
             *          Check that signer_info type of all certificates in the chain are 'certificate_digest_with_sha256', 
             *          'certificate_digest_with_other_algorithm' or 'self'
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4485 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4486 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4487
4488 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
STF507: Week #6    
garciay committed
4499 
             *                 indicating 'certificate_chain'
garciay's avatar
STF507: Week #1    
garciay committed
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519 
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates[0]
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the trusted certificate
             *                 or containing signer_info
             *                     containing type
             *                         indicating 'self'
             *             and containing certificates[n] (1..N)
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the certificates[n-1]
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4520 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4521 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_02_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4522 
             * @reference   ETSI TS 103 097 [1], clause 4.2.10, 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4523 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4524 
            testcase TC_SEC_ITSS_SND_CERT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4525
4526
4527
4528 
                // Local declarations
                var CertificateChain v_chain;
                var SignerInfo v_si;
                var HashedId8 v_digest;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4529
garciay's avatar
STF507: Week #1    
garciay committed
4530 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4531
4532
4533
4534 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507 week#9:    
garciay committed
4535
garciay's avatar
STF507: Week #1    
garciay committed
4536 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4537 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4538
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4539 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4540
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4541
4542
4543
4544 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4545
4546
4547
4548
4549 
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4550 
                }
garciay's avatar
STF507: Week #1    
garciay committed
4551
4552
4553
4554
4555
4556
4557
4558 
                tc_ac.stop;
                
                // Test Body
                for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 1; v_counter := v_counter - 1) { // Loop on []N-1..1]
                    if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
                        log("*** " & testcasename() & ": FAIL: Certificate[ " & int2str(v_counter) & "] doesn't contain signer info ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
WeekSTF507: Week #3    
garciay committed
4559 
                    if (not match(v_si.type_, e_certificate_digest_with_sha256) and not match(v_si.type_, e_certificate_digest_with_other_algorithm)) {
garciay's avatar
STF507: Week #1    
garciay committed
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574 
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    // signer_info.type indicates 'certificate_digest_with_sha256' or 'certificate_digest_with_other_algorythm'
                    
                    v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
                    if (not match (v_si.signerInfo.digest, v_digest)) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                } // End of 'for' statement
                // Process certificate[0]
                if (not f_getCertificateSignerInfo(v_chain[0], v_si)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] doesn't contain signer info ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4575 
                }
garciay's avatar
STF507: Week #1    
garciay committed
4576
4577
4578 
                // Process certificate[0]
                if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] is not signed with digest ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4579
4580 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
garciay's avatar
STF507: Week #1    
garciay committed
4581
4582
4583
4584 
                // signer_info.type indicates 'certificate_digest_with_sha256' only
                log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4585
4586
4587 
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4588
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4589 
            } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4590
4591 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4592
4593
4594
4595 
             * @desc Check that the rectangular region validity restriction of the message signing certificate 
             *       contains not more than six valid rectangles; 
             *       Check that the rectangular region validity restriction of the message signing certificate is 
             *       continuous and does not contain any holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4596 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4597 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4598 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'rectangle'
             *                     and containing rectangular_region
             *                         indicating length <= 6
             *                         and containing elements of type RectangularRegion
             *                             indicating continuous region without holes
             *                             and containing northwest and southeast
             *                                 indicating northwest is on the north from southeast
             *   }
             * }
             * @remark Certificate: cc_taCert_C
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4623 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4624 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4625 
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4626 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4627 
            testcase TC_SEC_ITSS_SND_CERT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4628 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4629
4630
4631 
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4632
garciay's avatar
STF507: Week #1    
garciay committed
4633 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4634
4635 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4636
4637 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4638
4639
4640 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4641 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4642
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4643 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4644
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4645
4646
4647
4648 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687 
                // Test body
                tc_ac.start;
                f_waitForCertificate(v_cert);
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
                    if (v_vr.validity.region.region_type == e_rectangle) {
                        var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region;
                        if (lengthof(v_rects) > 6) {
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (v_counter := 0; v_counter<lengthof(v_rects); v_counter := v_counter + 1) {
                            var RectangularRegion v_rect := v_rects[v_counter];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangular region " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        } // End of 'for' statement
                        
                        // Check for continuous rectangles
                        if (lengthof(v_rects) > 1) { 
                            if (true !=  f_isContinuousRectangularRegions(v_rects)) {
                                log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
garciay's avatar
STF507 week#9:    
garciay committed
4688 
                    // FIXME Check holes
garciay's avatar
STF507: Week #1    
garciay committed
4689
4690
4691
4692 
                    log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4693
4694
4695
4696
4697
4698 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4699
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4700 
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4701
4702 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4703
4704
4705
4706
4707
4708 
             * @desc Check that the rectangular region validity restriction of all certificates contains not more than 
             *       six valid rectangles; 
             *       Check that the rectangular region validity restriction of the AT certificate is continuous and 
             *       does not contain any holes 
             *       Check that the rectangular certificate validity region of the subordinate certificate is well formed and 
             *       inside the validity region of the issuing certificate
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4709 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4710 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4711 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730 
             * with {
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *   when {
             *     the IUT is requested to send a CAM
             * } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             containing certificates
             *                indicating length N > 0
             *                and containing certificates [n] 0..n
             *                    containing validity_restrictions['region']
             *                        containing region_type
             *                            indicating 'rectangle'
             *                        and containing rectangular_region
             *                            indicating length <= 6
garciay's avatar
STF507 week#9:    
garciay committed
4731
4732
4733
4734 
             *                            and containing elements of type RectangularRegion
             *                                containing northwest and southeast
             *                                    indicating northwest  on the north from southeast
             *                                and indicating continuous region without holes
garciay's avatar
STF507: Week #1    
garciay committed
4735
4736 
             *    }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4737 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4738 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4739 
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4740 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4741 
            testcase TC_SEC_ITSS_SND_CERT_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4742 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4743
4744 
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
garciay's avatar
STF507 week#9:    
garciay committed
4745 
                var boolean             f_vr := false, f_vri := false;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4746
garciay's avatar
STF507: Week #1    
garciay committed
4747 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4748
4749 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4750
4751 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4752
4753
4754 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4755 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4756
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4757 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4758
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4759
4760 
                // Preamble
                f_prNeighbour();
garciay's avatar
STF507: Week #1    
garciay committed
4761
4762
4763
4764
4765
4766
4767
4768 
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4769
4770 
                
                // Test Body
garciay's avatar
STF507: Week #1    
garciay committed
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819 
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    log("v_chain[v_counter]=", v_chain[v_counter]);
                    if (f_vr) {
                        var RectangularRegions v_rects;
                        if (v_vr.validity.region.region_type != e_rectangle) {
                            log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        v_rects := v_vr.validity.region.region.rectangular_region;
                        log("v_rects=", v_rects);
                        if (lengthof(v_rects) > 6) {
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (var integer j:=0; j<lengthof(v_rects); j:=j + 1) {
                            var RectangularRegion v_rect := v_rects[j];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangle " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        if (f_vri) {
                            // current restrictions must be inside of the parent one
                            if (not f_isRectangularRegionsInside(v_vri.validity.region.region.rectangular_region, v_rects)) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction region is not inside the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } else {
                        // Region validity restriction is not exist
                        if (f_vri) {
                            log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set if thi restriction exists in the issuing certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                } // End of 'for' statement
garciay's avatar
STF507 week#9:    
garciay committed
4820 
                // FIXME Check holes
garciay's avatar
STF507: Week #1    
garciay committed
4821
4822 
                log("*** " & testcasename() & ": PASS: All certificates has a valid rectangular region restrictions ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4823
4824
4825
4826 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4827
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4828 
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_02_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4829
4830 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4831
4832 
             * @desc Check that the polygonal certificate validity region contains at least three and no more than 12 points
             *       Check that the polygonal certificate validity region does not contain intersections and holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4833 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4834 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4835 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                 and containing region_type
             *                     indicating 'polygon'
             *                 and containing polygonal_region 
             *                     indicating length >=3 and <=12
             *                     and indicating continuous region without holes and intersections
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4856 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4857 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4858 
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4859 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4860 
            testcase TC_SEC_ITSS_SND_CERT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4861
4862
4863 
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4864
garciay's avatar
STF507: Week #1    
garciay committed
4865 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4866
4867 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4868
4869 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4870
4871
4872 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4873
4874 
                f_cf01Up();
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4875
4876 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4877
4878
4879
4880 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902 
                // Test body
                tc_ac.start;
                f_waitForCertificate(v_cert);
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { 
                    if (v_vr.validity.region.region_type == e_polygon) {
                        var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region;
                        var integer v_length := lengthof(v_pr);
                        if (v_length < 3) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (v_length > 12) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (true != f_isValidPolygonalRegion(v_pr)) {
                            log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
STF507 week#9:    
garciay committed
4903 
                        // FIXME Check holes
garciay's avatar
STF507: Week #1    
garciay committed
4904
4905
4906
4907
4908
4909 
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4910
4911
4912
4913
4914
4915 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4916
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4917 
            } // End of testcase TC_SEC_ITSS_SND_CERT_05_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4918
4919 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4920
4921
4922 
             * @desc Check that the polygonal certificate validity region is inside the validity region of the issuing certificate
             *       Check that the issuing polygonal certificate validity region contains at least three and no more than 12 points 
             *       Check that the issuing polygonal certificate validity region does not contain intersections and holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4923 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4924 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4925 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates [n] (0..n)
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'polygon'
             *                     and containing polygonal_region
             *                         indicating length >=3 and <=12
garciay's avatar
STF507 week#9:    
garciay committed
4945 
             *                         and indicating continuous region without holes and intersections
garciay's avatar
STF507: Week #1    
garciay committed
4946
4947
4948 
             *   }
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4949 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4950
4951 
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4952 
            testcase TC_SEC_ITSS_SND_CERT_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4953
4954
4955
4956
4957
4958 
                // Local declarations
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
                var boolean f_vr := false, f_vri := false;
                
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4959
4960 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4961
4962 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4963
4964
4965 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4966
4967 
                f_cf01Up();
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4968
4969 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4970
4971 
                // Preamble
                f_prNeighbour();
garciay's avatar
STF507: Week #1    
garciay committed
4972
4973
4974
4975
4976
4977
4978
4979 
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4980
4981 
                
                // Test Body
garciay's avatar
STF507: Week #1    
garciay committed
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000 
                f_vr := false;
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    if (f_vr) {
                        var PolygonalRegion v_pr;
                        var integer v_length;
                        
                        if (v_vr.validity.region.region_type != e_polygon) {
                            log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not polygonal ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        v_pr := v_vr.validity.region.region.polygonal_region;
                        v_length := lengthof(v_pr);
                        
                        if (v_length < 3) {
For faster browsing, not all history is shown. View entire blame