Skip to content
GitLab
Switch branch/tag
Find file Normal viewHistoryPermalink
ItsSecurity_TestCases.ttcn3 1.39 MB
Newer Older
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4001
4002
4003
4004 
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4005 
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4006
4007
4008 
            
            group f_TC_SEC_ITSS_SND_GENMSG_05_xx {
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4009 
                function f_TC_SEC_ITSS_SND_GENMSG_05_BV(
garciay's avatar
STF507: Week #1    
garciay committed
4010 
                                                        in template (present) GeographicRegion p_region := ?
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037 
                ) runs on ItsGeoNetworking {
                    
                    // Local variables
                    var GeoNetworkingInd v_geoNwInd;
                    
                    tc_ac.start;
                    alt {
                        // GN message must contain generation location and the certificate with region restrictions  
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage(
                                        superset(
                                            mw_header_field(e_generation_location),
                                            mw_header_field_signer_info_certificate(
                                                mw_certificate(
                                                    ?,
                                                    ?,
                                                    ?, 
                                                    superset(
                                                        mw_validity_restriction_region(
                                                            p_region
                        ))))))))) -> value v_geoNwInd {
                            var ValidityRestriction v_vr;
                            var HeaderField         v_hf;
                            
                            tc_ac.stop;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4038 
                            // Check that generation location
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4039
4040
4041
4042
4043
4044
4045 
                            if (
                                f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and 
                                f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
                            ) {
                                if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
                                    log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4046
4047
4048
4049
4050 
                                } else {
                                    log("v_vr.validity.region=", v_vr.validity.region);
                                    log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location);
                                    log("*** " & testcasename() & ": FAIL: Invalid location");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094 
                                }
                            } else {
                                log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN message doesn't contain generation location 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others
                        ))) -> value v_geoNwInd {
                            var HeaderField v_hf;
                            
                            tc_ac.stop;
                            
                            // Check that generation location is not present
                            f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf);
                            if (not isbound(v_hf)) {
                                log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN signing certificate doesn't contains region restriction 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                                                ?,
                                                ?,
                                                ?, 
                                                { } // GN signing certificate doesn't contains region restriction
                        )))))) {
                            tc_ac.stop;
                            log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        [] tc_ac.timeout {
                            log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                        }
                    } // End of 'alt' statement
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4095 
                } // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4096
4097
4098
4099 
                
            } // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4100 
             * @desc        Check that the secured message contains of type signed, signed_external or signed_and_encrypted
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4101 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4102 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113 
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
garciay's avatar
STF507: Week #1    
garciay committed
4114
4115
4116 
             *             containing payload_fields
             *                 containing exactly one element of type Payload
             *                     containing type
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4117 
             *                         indicating 'signed' or 'signed_external' or 'signed_and_encrypted'
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4118
4119 
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4120 
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4121 
             * @reference    ETSI TS 103 097 [1], clause 7.3
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4122 
             */
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4123 
            testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4124
4125
4126
4127 
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4128
4129
4130
4131
4132
4133 
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4134
4135
4136
4137
4138
4139
4140
4141
4142 
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4143 
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167 
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
                                        e_signed
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?,
garciay's avatar
STF507: Week #1    
garciay committed
4168
4169
4170 
                                    mw_payload(
                                        e_signed_external
                                    )
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4171
4172
4173
4174 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) {
garciay's avatar
STF507: Week #1    
garciay committed
4175
4176 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_external'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4177
4178
4179
4180
4181
4182
4183 
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
garciay's avatar
STF507: Week #1    
garciay committed
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198 
                                        e_signed_and_encrypted
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_and_encrypted'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4199
4200
4201
4202 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) {
garciay's avatar
STF507: Week #1    
garciay committed
4203 
                        log("*** " & testcasename() & ": FAIL: Beacon payload is not signed, signed_external or signed_and_encrypted");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4216 
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4217
4218 
            
            /**
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4219
4220
4221 
             * @desc   Check that the secured GN Message contains only one TrailerField of type signature ;
             *         Check that the signature contained in the SecuredMessage is calculated over the right fields by 
             *         cryptographically verifying the signature
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4222 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4223 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4224
4225
4226
4227
4228
4229
4230
4231
4232 
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send Beacon
             *   } then {
garciay's avatar
STF507: Week #1    
garciay committed
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242 
             *     the IUT sends a SecuredMessage
             *         containing header_fields ['signer_info']
             *             containing signer
             *                 containing type
             *                     indicating 'certificate'
             *             and containing certificate
             *                 indicating CERT
             *         and containing trailer_fields['signature']
             *             containing signature
             *                 verifiable using CERT.subject_attributes['verification_key']
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4243
4244
4245 
             *   }
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4246 
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_07_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4247 
             * @reference    ETSI TS 103 097 [1], clause 7.3
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4248 
             */
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4249 
            testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4250
4251
4252
4253
4254
4255 
                
                //  Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4256
4257
4258
4259
4260
4261 
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507: Week #7    
garciay committed
4262 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4263
4264
4265 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4266
4267 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311 
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others
                    ))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: Beacon message without certificate received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected GN Message not received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                log("*** " & testcasename() & ": PASS: GN Message received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
filatov's avatar
fix 0007231 : Align TC ID and TP ID, Integrate comments from C2C    
filatov committed
4312 
            } // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4313
garciay's avatar
STF507: Week #1    
garciay committed
4314 
        } // End of group sendOtherProfile
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4315
garciay's avatar
STF507: Week #1    
garciay committed
4316
4317
4318
4319
4320 
        /**
         * @desc Sending behaviour test cases for certificates profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7 Profiles for certificates
         */
        group sendCertificatesProfile {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4321
4322 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4323 
             * @desc    Check that AT certificate has version 2
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4324 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4325 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4326
4327 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating certificate
             *             containing certificate
             *                 containing version
             *                     indicating '2'
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4346 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4347 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4348 
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4349 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4350 
            testcase TC_SEC_ITSS_SND_CERT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4351 
                // Local variables
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4352
garciay's avatar
STF507: Week #1    
garciay committed
4353 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4354
4355
4356
4357 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4358
garciay's avatar
STF507: Week #1    
garciay committed
4359 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4360 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4361
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4362 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4363
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4364
4365
4366
4367
4368 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
STF507: Week #1    
garciay committed
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399 
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                    ))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            ?
                    )))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4400
4401
4402
4403 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4404 
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4405
4406 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4407 
             * @desc    Check that AA certificate has version 2
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4408 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4409 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4410
4411 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423 
             * with {
             *   the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate chain in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
STF507: Week #6    
garciay committed
4424 
             *                 indicating 'certificate_chain'
garciay's avatar
STF507: Week #1    
garciay committed
4425
4426
4427
4428
4429
4430
4431 
             *             and containing certificates
             *                 indicating length > 0
             *                 and containing certificates[n] (0..N)
             *                     containing version
             *                         indicating '2'
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4432 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4433 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4434 
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4435 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4436 
            testcase TC_SEC_ITSS_SND_CERT_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4437 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4438
4439
4440
4441 
                var SecuredMessage v_recv;
                var Certificate v_cert;
                var SignerInfo v_si;
                var HashedId8 v_digest;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4442
garciay's avatar
STF507: Week #1    
garciay committed
4443 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4444
4445
4446
4447 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4448
4449 
                    
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4450 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4451
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4452 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4453
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4454
4455
4456 
                // Preamble
                f_prNeighbour();
garciay's avatar
STF507: Week #1    
garciay committed
4457
4458
4459
4460
4461
4462
4463 
                // Wait for the message with the certificate to retrieve the AA digest.
                // Ask for the chain, containing AT and AA certificate
                // Check AA Certificate
                log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain  ***");
                tc_ac.start;
                f_askForCertificateChain(f_generateDefaultCam());
                tc_ac.stop;
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4464 
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4465
garciay's avatar
STF507: Week #1    
garciay committed
4466
4467
4468
4469
4470
4471
4472
4473 
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4474
4475
4476
4477 
                                        mw_header_field_signer_info_certificate_chain(
                                            superset(
                                                mw_aa_certificate
                    ))))))) {
garciay's avatar
STF507: Week #1    
garciay committed
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4498
4499
4500
4501 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4502
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4503 
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_02_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4504
4505 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4506
4507
4508 
             * @desc    Check that the references in the certificate chain are valid
             *          Check that signer_info type of all certificates in the chain are 'certificate_digest_with_sha256', 
             *          'certificate_digest_with_other_algorithm' or 'self'
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4509 
             * <pre>
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4510 
             * Pics Selection: PICS_GN_SECURITY
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4511
4512 
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
STF507: Week #1    
garciay committed
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
STF507: Week #6    
garciay committed
4523 
             *                 indicating 'certificate_chain'
garciay's avatar
STF507: Week #1    
garciay committed
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543 
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates[0]
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the trusted certificate
             *                 or containing signer_info
             *                     containing type
             *                         indicating 'self'
             *             and containing certificates[n] (1..N)
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the certificates[n-1]
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4544 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4545 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_02_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4546 
             * @reference   ETSI TS 103 097 [1], clause 4.2.10, 6.1 and 7.4.1
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4547 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4548 
            testcase TC_SEC_ITSS_SND_CERT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4549
4550
4551
4552 
                // Local declarations
                var CertificateChain v_chain;
                var SignerInfo v_si;
                var HashedId8 v_digest;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4553
garciay's avatar
STF507: Week #1    
garciay committed
4554 
                // Test control
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4555
4556
4557
4558 
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
STF507 week#9:    
garciay committed
4559
garciay's avatar
STF507: Week #1    
garciay committed
4560 
                // Test component configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4561 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4562
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4563 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4564
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4565
4566
4567
4568 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4569
4570
4571
4572
4573 
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4574 
                }
garciay's avatar
STF507: Week #1    
garciay committed
4575
4576
4577
4578
4579
4580
4581
4582 
                tc_ac.stop;
                
                // Test Body
                for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 1; v_counter := v_counter - 1) { // Loop on []N-1..1]
                    if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
                        log("*** " & testcasename() & ": FAIL: Certificate[ " & int2str(v_counter) & "] doesn't contain signer info ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
WeekSTF507: Week #3    
garciay committed
4583 
                    if (not match(v_si.type_, e_certificate_digest_with_sha256) and not match(v_si.type_, e_certificate_digest_with_other_algorithm)) {
garciay's avatar
STF507: Week #1    
garciay committed
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598 
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    // signer_info.type indicates 'certificate_digest_with_sha256' or 'certificate_digest_with_other_algorythm'
                    
                    v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
                    if (not match (v_si.signerInfo.digest, v_digest)) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                } // End of 'for' statement
                // Process certificate[0]
                if (not f_getCertificateSignerInfo(v_chain[0], v_si)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] doesn't contain signer info ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4599 
                }
garciay's avatar
STF507: Week #1    
garciay committed
4600
4601
4602 
                // Process certificate[0]
                if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] is not signed with digest ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4603
4604 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
garciay's avatar
STF507: Week #1    
garciay committed
4605
4606
4607
4608 
                // signer_info.type indicates 'certificate_digest_with_sha256' only
                log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4609
4610
4611 
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4612
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4613 
            } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4614
4615 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4616
4617
4618
4619 
             * @desc Check that the rectangular region validity restriction of the message signing certificate 
             *       contains not more than six valid rectangles; 
             *       Check that the rectangular region validity restriction of the message signing certificate is 
             *       continuous and does not contain any holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4620 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4621 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4622 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'rectangle'
             *                     and containing rectangular_region
             *                         indicating length <= 6
             *                         and containing elements of type RectangularRegion
             *                             indicating continuous region without holes
             *                             and containing northwest and southeast
             *                                 indicating northwest is on the north from southeast
             *   }
             * }
             * @remark Certificate: cc_taCert_C
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4647 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4648 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4649 
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4650 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4651 
            testcase TC_SEC_ITSS_SND_CERT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4652 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4653
4654
4655 
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4656
garciay's avatar
STF507: Week #1    
garciay committed
4657 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4658
4659 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4660
4661 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4662
4663
4664 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4665 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4666
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4667 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4668
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4669
4670
4671
4672 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4673
4674 
                // Test body
                tc_ac.start;
garciay's avatar
STF507 week#11: Enforce f_waitForCertificate    
garciay committed
4675
4676
4677
4678 
                if (not f_waitForCertificate(v_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
garciay's avatar
STF507: Week #1    
garciay committed
4679
4680
4681
4682
4683 
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
                    if (v_vr.validity.region.region_type == e_rectangle) {
                        var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region;
                        if (lengthof(v_rects) > 6) {
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4684 
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***");
garciay's avatar
STF507: Week #1    
garciay committed
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705 
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (v_counter := 0; v_counter<lengthof(v_rects); v_counter := v_counter + 1) {
                            var RectangularRegion v_rect := v_rects[v_counter];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangular region " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        } // End of 'for' statement
                        
                        // Check for continuous rectangles
                        if (lengthof(v_rects) > 1) {
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4706 
                            if (true !=  f_isContinuousRectangularRegions(v_rects)) { // FIXME Not implemented
garciay's avatar
STF507: Week #1    
garciay committed
4707
4708 
                                log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4709
4710
4711 
                            } else {
                                log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4712
4713
4714
4715
4716
4717
4718
4719 
                            }
                        }
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4720
4721
4722
4723
4724
4725 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4726
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4727 
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4728
4729 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4730
4731
4732
4733
4734
4735 
             * @desc Check that the rectangular region validity restriction of all certificates contains not more than 
             *       six valid rectangles; 
             *       Check that the rectangular region validity restriction of the AT certificate is continuous and 
             *       does not contain any holes 
             *       Check that the rectangular certificate validity region of the subordinate certificate is well formed and 
             *       inside the validity region of the issuing certificate
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4736 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4737 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4738 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757 
             * with {
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *   when {
             *     the IUT is requested to send a CAM
             * } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             containing certificates
             *                indicating length N > 0
             *                and containing certificates [n] 0..n
             *                    containing validity_restrictions['region']
             *                        containing region_type
             *                            indicating 'rectangle'
             *                        and containing rectangular_region
             *                            indicating length <= 6
garciay's avatar
STF507 week#9:    
garciay committed
4758
4759
4760
4761 
             *                            and containing elements of type RectangularRegion
             *                                containing northwest and southeast
             *                                    indicating northwest  on the north from southeast
             *                                and indicating continuous region without holes
garciay's avatar
STF507: Week #1    
garciay committed
4762
4763 
             *    }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4764 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4765 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4766 
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4767 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4768 
            testcase TC_SEC_ITSS_SND_CERT_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4769 
                // Local variables
garciay's avatar
STF507: Week #1    
garciay committed
4770
4771 
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
garciay's avatar
STF507 week#9:    
garciay committed
4772 
                var boolean             f_vr := false, f_vri := false;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4773
garciay's avatar
STF507: Week #1    
garciay committed
4774 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4775
4776 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4777
4778 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4779
4780
4781 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4782 
                f_cf01Up();
garciay's avatar
STF507: Week #1    
garciay committed
4783
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4784 
                // Test adapter configuration
garciay's avatar
STF507: Week #1    
garciay committed
4785
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4786
4787 
                // Preamble
                f_prNeighbour();
garciay's avatar
STF507: Week #1    
garciay committed
4788
4789
4790
4791
4792
4793
4794
4795 
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4796
4797 
                
                // Test Body
garciay's avatar
STF507: Week #1    
garciay committed
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812 
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    log("v_chain[v_counter]=", v_chain[v_counter]);
                    if (f_vr) {
                        var RectangularRegions v_rects;
                        if (v_vr.validity.region.region_type != e_rectangle) {
                            log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        v_rects := v_vr.validity.region.region.rectangular_region;
                        log("v_rects=", v_rects);
                        if (lengthof(v_rects) > 6) {
garciay's avatar
STF507: Bug fixed in mw_secCamPayload    
garciay committed
4813 
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***");
garciay's avatar
STF507: Week #1    
garciay committed
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846 
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (var integer j:=0; j<lengthof(v_rects); j:=j + 1) {
                            var RectangularRegion v_rect := v_rects[j];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangle " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        if (f_vri) {
                            // current restrictions must be inside of the parent one
                            if (not f_isRectangularRegionsInside(v_vri.validity.region.region.rectangular_region, v_rects)) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction region is not inside the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } else {
                        // Region validity restriction is not exist
                        if (f_vri) {
                            log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set if thi restriction exists in the issuing certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                } // End of 'for' statement
garciay's avatar
STF507 week#9:    
garciay committed
4847 
                // FIXME Check holes
garciay's avatar
STF507: Week #1    
garciay committed
4848
4849 
                log("*** " & testcasename() & ": PASS: All certificates has a valid rectangular region restrictions ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4850
4851
4852
4853 
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4854
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4855 
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_02_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4856
4857 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4858
4859 
             * @desc Check that the polygonal certificate validity region contains at least three and no more than 12 points
             *       Check that the polygonal certificate validity region does not contain intersections and holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4860 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4861 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4862 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                 and containing region_type
             *                     indicating 'polygon'
             *                 and containing polygonal_region 
             *                     indicating length >=3 and <=12
             *                     and indicating continuous region without holes and intersections
             *   }
             * }
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4883 
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4884 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_01_BV
garciay's avatar
STF507: Week #1    
garciay committed
4885 
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4886 
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4887 
            testcase TC_SEC_ITSS_SND_CERT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4888
4889
4890 
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4891
garciay's avatar
STF507: Week #1    
garciay committed
4892 
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4893
4894 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4895
4896 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4897
4898
4899 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4900
4901 
                f_cf01Up();
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4902
4903 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4904
4905
4906
4907 
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
garciay's avatar
STF507: Week #1    
garciay committed
4908
4909 
                // Test body
                tc_ac.start;
garciay's avatar
STF507 week#11: Enforce f_waitForCertificate    
garciay committed
4910
4911
4912
4913 
                if (not f_waitForCertificate(v_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
garciay's avatar
STF507: Week #1    
garciay committed
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932 
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { 
                    if (v_vr.validity.region.region_type == e_polygon) {
                        var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region;
                        var integer v_length := lengthof(v_pr);
                        if (v_length < 3) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (v_length > 12) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (true != f_isValidPolygonalRegion(v_pr)) {
                            log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
STF507 week#9:    
garciay committed
4933 
                        // FIXME Check holes
garciay's avatar
STF507: Week #1    
garciay committed
4934
4935
4936
4937
4938
4939 
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4940
4941
4942
4943
4944
4945 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
STF507: Week #1    
garciay committed
4946
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4947 
            } // End of testcase TC_SEC_ITSS_SND_CERT_05_01_BV
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4948
4949 
            
            /**
garciay's avatar
STF507: Week #1    
garciay committed
4950
4951
4952 
             * @desc Check that the polygonal certificate validity region is inside the validity region of the issuing certificate
             *       Check that the issuing polygonal certificate validity region contains at least three and no more than 12 points 
             *       Check that the issuing polygonal certificate validity region does not contain intersections and holes
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4953 
             * <pre>
garciay's avatar
STF507 week#9:    
garciay committed
4954 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4955 
             * Config Id: CF01
garciay's avatar
STF507: Week #1    
garciay committed
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974 
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates [n] (0..n)
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'polygon'
             *                     and containing polygonal_region
             *                         indicating length >=3 and <=12
garciay's avatar
STF507 week#9:    
garciay committed
4975 
             *                         and indicating continuous region without holes and intersections
garciay's avatar
STF507: Week #1    
garciay committed
4976
4977
4978 
             *   }
             * }
             * </pre>
garciay's avatar
STF507 week#9:    
garciay committed
4979 
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_02_BV
garciay's avatar
STF507: Week #1    
garciay committed
4980
4981 
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
             */
garciay's avatar
WeekSTF507: Week #6    
garciay committed
4982 
            testcase TC_SEC_ITSS_SND_CERT_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
STF507: Week #1    
garciay committed
4983
4984
4985
4986
4987
4988 
                // Local declarations
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
                var boolean f_vr := false, f_vri := false;
                
                // Test control
garciay's avatar
STF507 week#9:    
garciay committed
4989
4990 
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4991
4992 
                    stop;
                }
garciay's avatar
STF507: Week #1    
garciay committed
4993
4994
4995 
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
4996
4997 
                f_cf01Up();
mullers's avatar
Merged revision(s) 1925-2226 from branches/STF484_VALIDATION    
mullers committed
4998
4999 
                // Test adapter configuration
berge's avatar
Merged branches/Security/ttcn (r1471-1819) to trunk.  
berge committed
5000 
                // Preamble
For faster browsing, not all history is shown. View entire blame