Newer
Older
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message from unknown ITS-S
geoNetworkingPort.clear;
f_sendSecuredCam(cc_taCert_F, omit, e_certificate_digest_with_sha256);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
}
// Test Body
t_maxTransInterval.start;
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
t_maxTransInterval.stop;
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
repeat;
}
[] t_maxTransInterval.timeout {
log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_06_01_BV
/**
* @desc Check that IUT restart the certificate sending timer when the certificate has been sent
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more then one CAM per second
* and the IUT having already sent CAM at TIME_1
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* and the IUT having received a CAM at TIME_2 (TIME_1 +0.3sec)
* containing header_fields['request_unrecognized_certificate']
* containing digests
* containing HashedId3 value
* referencing to the the IUT certificate
* and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* }
* ensure that {
* when {
* the IUT is sending the next CAM at TIME_4
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* } then {
* the difference between TIME_4 and TIME_3 is about of 1sec
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_07a_01_TI
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_07_01_TI() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var ItsCam v_component;
var boolean v_firstCertReceived := false;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_component := f_setCamFrequencyGreatherThan1Hz();
[v_firstCertReceived == false] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***");
v_firstCertReceived := true;
f_sleep(0.3);
// Send secured message with request for unrecognized certificate
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerInfo);
{
m_header_field_unrecognised_certificate(
f_HashedId3FromHashedId8(
f_calculateDigestFromCertificate(
v_signerInfo.signerInfo.certificate
)
},
e_certificate_digest_with_sha256
);
repeat;
}
[v_firstCertReceived == true] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
// start a timeout of one second to check
// that the next cert will be received after this timeout
t_maxTransInterval.start;
log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
t_maxTransInterval.stop;
log("*** " & testcasename() & ": FAIL: CAM certificate inclusion time wasn't restarted ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_07_01_TI
* @desc Check that the IUT sends the Secured CAM containing the signer_info of type certificate
* when it received a CAM containing a request of unrecognized certificate that matches
* with the currently used AT certificate ID of the IUT
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent CAM at TIME_1
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
* containing header_fields['request_unrecognized_certificate']
* containing digests {
* containing HashedId3 value
* referencing to the AT certificate
* and not containing HashedId3 value
* referencing to the AA certificate
* }
* }
* ensure that {
* when {
* the IUT is requested to send a CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
* the IUT sends a SecuredMessage
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* referenced by the requested digest
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_08_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
var SignerInfo v_si;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
t_maxTransInterval.start;
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message with request for unrecognized certificate
f_sendSecuredCam(
m_header_field_unrecognised_certificate( // containing digests
f_HashedId3FromHashedId8( // containing HashedId3 value
f_calculateDigestFromCertificate(
v_si.signerInfo.certificate // referencing to the AT certificate
)
)
// and not containing HashedId3 value referencing to the AA certificate
)
},
e_certificate
);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate(
v_si.signerInfo.certificate
)
t_maxTransInterval.stop;
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
repeat;
}
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Requested certificate was not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_08_01_BV
* @desc Check that the sent secured CAM contains the signer_info of type certificate_chain
* when the ITS-S has received a CAM containing a request of unrecognized certificate that matches
* with the AA certificate ID that issued its currently used AT certificate ID of the IUT
* Pics Selection: PICS_GN_SECURITY
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent a CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* at TIME_1
* and the IUT having received a SecuredMessage
* containing header_fields['request_unrecognized_certificate'] {
* containing digests {
* containing HashedId3 value
* referencing to the AA certificate
* }
* }
* at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+ 1sec)
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate_chain'
* containing certificates[last]
* indicating the AT certificate
* containing certificates[last-1]
* indicating the AA certificate
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_09_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
var SignerInfo v_si;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
t_maxTransInterval.start;
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message with request for unrecognized certificate
f_sendSecuredCam(
{
m_header_field_unrecognised_certificate( // containing digests
f_HashedId3FromHashedId8( // containing HashedId3 value
v_si.signerInfo.digest // referencing to the AA certificate
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
)
)
});
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate_chain
)))) -> value v_geoNwInd {
var SignerInfo v_signerInfo;
var CertificateChain v_certificates;
var integer v_certificateChainLength;
t_maxTransInterval.stop;
// Extract certificate chain
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificates := v_signerInfo.signerInfo.certificates;
v_certificateChainLength := lengthof(v_certificates);
if (v_certificateChainLength >= 2) { // Check length
if ( // Check Content
not(
(v_certificates[0].subject_info.subject_type == e_authorization_authority) and
// Check the certificate chain contains certificates[last] indicating the AT certificate
(v_certificates[1].subject_info.subject_type == e_authorization_ticket)
// Check the certificate chain contains certificates[last-1] indicating the AA certificate
)) {
log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***");
repeat;
}
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
/**
* @desc Check that the sent secured CAM contains exactly one HeaderField generation_time which is inside
* the validity time of the certificate referenced by the signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* ensure that {
* when {
* the IUT is requested to send CAM
* } then {
* the IUT sends a SecuredMessage {
* containing security_profile
* indicating '1'
* containing header_fields ['generation_time'] {
* containing generation_time
* indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
* }
* containing header_fields ['signer_info'] {
* containing signer {
* containing type
* indicating 'certificate'
* containing certificate {
* not containing validity_restrictions['time_start_and_end']
* or containing validity_restrictions['time_start_and_end'] {
* containing start_validity
* indicating value <= TIME_1
* containing end_validity
* indicating value > TIME_1
* }
* }
* }
* }
* containing its_aid
* indicating 'AID_CAM'
* }
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_10_01_BV
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.1
*/
testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var HeaderField v_headerField;
var Time64 v_generationTime;
var ValidityRestriction v_validity;
var integer v_currentTime, v_lowerBound, v_upperBound;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_generation_time,
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_CAM
))))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***");
v_currentTime := f_getCurrentTime();
log("v_currentTime (us)=", v_currentTime * 1000);
v_lowerBound := (v_currentTime - c_timeThreshold) * 1000;
v_upperBound := (v_currentTime + c_timeThreshold) * 1000;
// Extract generation_time
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField);
v_generationTime := v_headerField.headerField.generation_time;
// Extract certificate
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificate := v_signerInfo.signerInfo.certificate;
// Check current time
if (match(v_generationTime, (v_lowerBound .. v_upperBound))) {
log("*** " & testcasename() & ": PASS: Generation time matches current time ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime) & " . ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check generation_time validity
if (
not(f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity)) or
(v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and
(v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000)))
) {
log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log ("start_validity (in us)=", v_validity.validity.time_start_and_end.start_validity * 1000000);
log ("end_validity (in us) =", v_validity.validity.time_start_and_end.end_validity * 1000000);
log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV
* @desc Check that the IUT sends certificate request when it receives a message from unknown station
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT has receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* indicating HashedId3 value DIGEST_A
* referenced to unknown certificate
* }
* ensure that {
* when {
* the IUT is requested to send CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['request_unrecognized_certificate']
* containing digests
* containing HashedId3 value
* indicating DIGEST_A
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_12_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var HashedId8 v_expectedHashedId8;
var HashedId3 v_expectedHashedId3;
var GeoNetworkingPdu v_securedGnPduToBeSent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Send secured message from unknown ITS-S
// Test component configuration
// Test adapter configuration
// Preamble
f_prNeighbour();
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
f_getCertificateDigest(
cc_taCert_F,
v_expectedHashedId8
);
v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8);
// preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that
v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F);
geoNetworkingPort.clear;
tc_ac.start;
alt {
[] geoNetworkingPort.receive
{
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent));
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of preamble 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_request_unrecognized_certificate(
{ v_expectedHashedId3 }
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV
* @desc Check that the Secured CAM contains non-empty payload of type signed
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* containing payload_field
* containing type
* indicating 'signed'
* containing not-empty data
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_14_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Test adapter configuration
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
?,
mw_payload(
e_signed
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_14_01_BV
/**
* @desc Check that the secured CAM contains only one TrailerField of type signature.
* Check that the signature contained in the SecuredMessage is calculated over the right fields by
* cryptographically verifying the signature.
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* referenced to the certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.2 TP_SEC_ITSS_SND_CAM_16_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_nbVerification := 3;
var integer v_nbVerification := 0;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var boolean v_certificateReceived := false;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Test adapter configuration
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificate := v_signerInfo.signerInfo.certificate;
v_certificateReceived := true;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[v_certificateReceived == true] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_digest
)))) -> value v_geoNwInd {
tc_ac.stop;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: All CAMs received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV
/**
* @desc Sending behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile
*/
group sendDENMProfile {
* @desc Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM'
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_DENM'
* }
* }
* </pre>