Newer
Older
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
13025
13026
13027
13028
13029
13030
13031
13032
13033
13034
13035
13036
13037
13038
13039
13040
13041
13042
13043
13044
13045
13046
13047
13048
13049
13050
13051
13052
13053
13054
13055
13056
13057
13058
13059
13060
13061
13062
13063
13064
13065
13066
13067
13068
13069
13070
13071
13072
13073
13074
13075
13076
13077
13078
13079
13080
13081
13082
13083
13084
13085
13086
13087
13088
13089
13090
13091
13092
13093
13094
13095
13096
13097
13098
13099
13100
13101
13102
13103
13104
13105
13106
13107
13108
13109
13110
13111
13112
13113
13114
13115
13116
13117
13118
13119
13120
13121
13122
13123
13124
13125
13126
13127
13128
13129
13130
13131
13132
13133
13134
13135
13136
13137
13138
13139
13140
13141
13142
13143
13144
13145
13146
13147
13148
13149
13150
13151
13152
13153
13154
13155
13156
13157
13158
13159
13160
13161
13162
13163
13164
13165
13166
13167
13168
13169
13170
13171
13172
13173
13174
13175
13176
13177
13178
13179
13180
13181
13182
13183
13184
13185
13186
13187
13188
13189
13190
13191
13192
13193
13194
13195
13196
13197
13198
13199
13200
13201
13202
13203
13204
13205
13206
13207
13208
13209
13210
13211
13212
13213
13214
13215
13216
13217
13218
13219
13220
13221
13222
13223
13224
13225
13226
13227
13228
13229
13230
13231
13232
13233
13234
13235
13236
13237
13238
13239
13240
13241
13242
13243
13244
13245
13246
13247
13248
13249
13250
13251
13252
13253
13254
13255
13256
13257
13258
13259
13260
13261
13262
13263
13264
13265
13266
13267
13268
13269
13270
13271
13272
13273
13274
13275
13276
13277
13278
13279
13280
13281
13282
13283
13284
13285
13286
13287
13288
13289
13290
13291
13292
13293
13294
13295
13296
13297
13298
13299
13300
13301
13302
13303
13304
13305
13306
13307
13308
13309
13310
13311
13312
13313
13314
13315
13316
13317
13318
13319
13320
13321
13322
13323
13324
13325
13326
13327
13328
13329
13330
13331
13332
13333
13334
13335
13336
13337
13338
13339
13340
13341
13342
13343
13344
13345
13346
13347
13348
13349
13350
13351
13352
13353
13354
13355
13356
13357
13358
13359
13360
13361
13362
13363
13364
13365
13366
13367
13368
13369
13370
13371
13372
13373
13374
13375
13376
13377
13378
13379
13380
13381
13382
13383
13384
13385
13386
13387
13388
13389
13390
13391
13392
13393
13394
13395
13396
13397
13398
13399
13400
13401
13402
13403
13404
13405
13406
13407
13408
13409
13410
13411
13412
13413
13414
13415
13416
13417
13418
13419
13420
13421
13422
13423
13424
13425
13426
13427
13428
13429
13430
13431
13432
13433
13434
13435
13436
13437
13438
13439
13440
13441
13442
13443
13444
13445
13446
13447
13448
13449
13450
13451
13452
13453
13454
13455
13456
13457
13458
13459
13460
13461
13462
13463
13464
13465
13466
13467
13468
13469
13470
13471
13472
13473
13474
13475
13476
13477
13478
13479
13480
13481
13482
13483
13484
13485
13486
13487
13488
13489
13490
13491
13492
13493
13494
13495
13496
13497
13498
13499
13500
13501
13502
13503
13504
13505
13506
13507
13508
13509
13510
13511
13512
13513
13514
13515
13516
13517
13518
13519
13520
13521
13522
13523
13524
13525
13526
13527
13528
13529
13530
13531
13532
13533
13534
13535
13536
13537
13538
13539
13540
13541
13542
13543
13544
13545
13546
13547
13548
13549
13550
13551
13552
13553
13554
13555
13556
13557
13558
13559
13560
13561
13562
13563
13564
13565
13566
13567
13568
13569
13570
13571
13572
13573
13574
13575
13576
13577
13578
13579
13580
13581
13582
13583
13584
13585
13586
13587
13588
13589
13590
13591
13592
13593
13594
13595
13596
13597
13598
13599
13600
13601
13602
13603
13604
13605
13606
13607
13608
13609
13610
13611
13612
13613
13614
13615
13616
13617
13618
13619
13620
13621
13622
13623
13624
13625
13626
13627
13628
13629
13630
13631
13632
13633
13634
13635
13636
13637
13638
13639
13640
13641
13642
13643
13644
13645
13646
13647
13648
13649
13650
13651
13652
13653
13654
13655
13656
13657
13658
13659
13660
13661
13662
13663
13664
13665
13666
13667
13668
13669
13670
13671
13672
13673
13674
13675
13676
13677
13678
13679
13680
13681
13682
13683
13684
13685
13686
13687
13688
13689
13690
13691
13692
13693
13694
13695
13696
13697
13698
13699
13700
13701
13702
13703
13704
13705
13706
13707
13708
13709
13710
13711
13712
13713
13714
13715
13716
13717
13718
13719
13720
13721
13722
13723
13724
13725
13726
13727
13728
13729
13730
13731
13732
13733
13734
13735
13736
13737
13738
13739
13740
13741
13742
13743
13744
13745
13746
13747
13748
13749
13750
13751
13752
13753
13754
13755
13756
13757
13758
13759
13760
13761
13762
13763
13764
13765
13766
13767
13768
13769
13770
13771
13772
13773
13774
13775
13776
13777
13778
13779
13780
13781
13782
13783
13784
13785
13786
13787
13788
13789
13790
13791
13792
13793
13794
13795
13796
13797
13798
13799
13800
13801
13802
13803
13804
13805
13806
13807
13808
13809
13810
13811
13812
13813
13814
13815
13816
13817
13818
13819
13820
13821
13822
13823
13824
13825
13826
13827
13828
13829
13830
13831
13832
13833
13834
13835
13836
13837
13838
13839
13840
13841
13842
13843
13844
13845
13846
13847
13848
13849
13850
13851
13852
13853
13854
13855
13856
13857
13858
13859
13860
13861
13862
13863
13864
13865
13866
13867
13868
13869
13870
13871
13872
13873
13874
13875
13876
13877
13878
13879
13880
13881
13882
13883
13884
13885
13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
13896
13897
13898
13899
13900
13901
13902
13903
13904
13905
13906
13907
13908
13909
13910
13911
13912
13913
13914
13915
13916
13917
13918
13919
13920
13921
13922
13923
13924
13925
13926
13927
13928
13929
13930
13931
13932
13933
13934
13935
13936
13937
13938
13939
13940
13941
13942
13943
13944
13945
13946
13947
13948
13949
13950
13951
13952
13953
13954
13955
13956
13957
13958
13959
13960
13961
13962
13963
13964
13965
13966
13967
13968
13969
13970
13971
13972
13973
13974
13975
13976
13977
13978
13979
13980
13981
13982
13983
13984
13985
13986
13987
13988
13989
13990
13991
13992
13993
13994
13995
13996
13997
13998
13999
14000
+ * and containing region_identifier
+ * indicating valid value according to 'iso_3166_1'
+ * and containing local_region
+ * or containing region
+ * containing id_region
+ * containing region_dictionary
+ * indicating 'un_stats'
+ * and containing region_identifier
+ * indicating valid value according to UN STATS
+ * and containing local_region
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_06_01_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
+ */
+ testcase TC_SEC_ITSS_SND_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ var Certificate v_cert;
+ var ValidityRestriction v_vr;
+ var integer v_counter;
+
+ // Test control
+ if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ vc_hashedId8ToBeUsed := cc_iutCert_E;
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+
+ // Test body
+ tc_ac.start;
+ if (not f_waitForCertificate(v_cert)) {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
+ }
+ tc_ac.stop;
+ if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
+ if (v_vr.validity.region.region_type == e_id) {
+ if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
+ log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ } else if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
+ log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ }
+ log("*** " & testcasename() & ": PASS: Certificate has a valid region ID restrictions ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ } else {
+ log("*** " & testcasename() & ": FAIL: Certificate doesn't have any location restrictions ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+
+ } // End of testcase TC_SEC_ITSS_SND_CERT_06_01_BV
+
+ /**
+ * @desc Check that the identified certificate validity region contains values that correspond to numeric country codes
+ * as defined in ISO 3166-1 or defined by United Nations Statistics Division
+ * Check that the identified certificate validity region contains values defining the region which is inside
+ * the validity region of the issuing certificate
+ * @remark The case when signing certificate and issuing certificate contain different type of region validity restriction is not supported by this test
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
+ * Config Id: CF01
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate chain in the next CAM
+ * } ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating 'certificate_chain'
+ * and containing certificate
+ * indicating length N > 1
+ * and containing certificates[n] (0..N)
+ * containing validity_restrictions['region']
+ * containing region
+ * containing region_type
+ * indicating 'id'
+ * and containing id_region
+ * containing region_dictionary
+ * indicating 'iso_3166_1' (0)
+ * and containing region_identifier
+ * indicating valid value according to 'iso_3166_1'
+ * and containing local_region
+ * or containing region
+ * containing id_region
+ * containing region_dictionary
+ * indicating 'un_stats'
+ * and containing region_identifier
+ * indicating valid value according to UN STATS
+ * and containing local_region
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_06_02_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
+ */
+ testcase TC_SEC_ITSS_SND_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ var CertificateChain v_chain;
+ var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions
+ var boolean f_vr := false, f_vri := false;
+
+ // Test control
+ if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ vc_hashedId8ToBeUsed := cc_iutCert_E;
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
+ tc_ac.start;
+ if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
+ } else {
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+ }
+
+ // Test Body
+ f_vr := false;
+ tc_ac.stop;
+ for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
+ v_vri := v_vr;
+ f_vri := f_vr;
+ f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
+
+ if (f_vr) {
+ if (v_vr.validity.region.region_type == e_id) {
+ if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
+ log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
+ log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ }
+
+ if (f_vri) {
+ // the region code must be the same
+ if (v_vr.validity.region.region.id_region.region_identifier !=
+ v_vri.validity.region.region.id_region.region_identifier) {
+ log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ if ( v_vri.validity.region.region.id_region.local_region != 0
+ and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region ) {
+ log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ }
+
+ } else {
+ // Region validity restriction is not exist
+ if (f_vri) {
+ log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate " & int2str(v_counter) &
+ "because this restriction exists in the issuing certificate ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ }
+ }
+ log("*** " & testcasename() & ": PASS: All certificates has a valid identified regionrestrictions ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+ } // End of testcase TC_SEC_ITSS_SND_CERT_06_02_BV
+
+ /**
+ * @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
+ * Config Id: CF01
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate chain in the next CAM
+ * } ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating 'certificate_chain'
+ * and containing certificates
+ * indicating length N > 1
+ * and containing certificates[n] (0..N)
+ * indicating certificate
+ * not containing validity_restrictions['region']
+ * and containing signer_info
+ * containing digest
+ * referenced to the certificate
+ * not containing validity_restrictions['region']
+ * or indicating certificate
+ * containing validity_restrictions['region']
+ * containing region.region_type
+ * indicating 'none'
+ * and containing signer_info
+ * containing digest
+ * referenced to the certificate
+ * not containing validity_restrictions['region']
+ * or containing validity_restrictions['region']
+ * containing region.region_type
+ * indicating 'none'
+ * or indicating certificate
+ * containing validity_restrictions['region']
+ * containing region.region_type
+ * indicated 'circle'
+ * or indicated 'rectangle'
+ * or indicated 'polygon'
+ * or indicated 'id'
+ * and containing region (X_CERT__REGION)
+ * and containing signer_info
+ * containing digest
+ * referenced to the certificate
+ * not containing validity_restrictions['region']
+ * or containing validity_restrictions['region']
+ * containing region.region_type
+ * indicating 'none'
+ * or containing validity_restrictions['region']
+ * containing region
+ * indicating region fully covering the X_CERT_REGION
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_07_01_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
+ */
+ testcase TC_SEC_ITSS_SND_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ var CertificateChain v_chain;
+ var Certificate v_cert, v_cert_issuer;
+ var SignerInfo v_si;
+ var UInt8 v_counter;
+ var HashedId8 v_digest;
+ var CertificatesCaching v_certificatesCaching;
+ var FncRetCode v_result_status := e_success;
+
+ // Test control
+ if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+// vc_hashedId8ToBeUsed := cc_iutCert_E;
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
+ tc_ac.start;
+ if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
+ } else {
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+ }
+
+ // Test Body
+ // 1. Create a cache of certificates
+ f_createCertificatesCaching(v_chain, v_certificatesCaching);
+ // 2. Process the certificates
+ v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
+ while (v_counter != 0) {
+ // Get the first certificate
+ if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
+ v_result_status := e_error;
+ break;
+ }
+ // Retrive SigneInfo field
+ if (not f_getCertificateSignerInfo(v_cert, v_si)) {
+ log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
+ v_result_status := e_error;
+ break;
+ }
+ if (v_si.type_ != e_certificate_digest_with_sha256) {
+ log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Get issuer
+ if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
+ log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Check that cert is signed by issuing cert
+ v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
+ if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
+ log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
+ if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
+ v_result_status := e_error;
+ break;
+ }
+
+ // Prepare next loop
+ v_counter := v_counter - 1;
+
+ } // End of 'while' statement
+ if (v_result_status == e_success) {
+ log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
+ }
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+ } // End of testcase TC_SEC_ITSS_SND_CERT_07_01_BV
+
+ /**
+ * @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
+ * Config Id: CF01
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate chain in the next CAM
+ * the IUT being requested to include certificate chain in the next CAM
+ * } ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating 'certificate_chain'
+ * and containing certificates
+ * indicating length N > 1
+ * and containing certificates[n] (0..N)
+ * indicating certificate
+ * containing validity_restrictions['region']
+ * containing region.region_type
+ * indicated 'id'
+ * and containing id_region
+ * containing region_dictionary
+ * indicating 'iso_3166_1'
+ * or indicating 'un_stat'
+ * and containing region_identifier (X_CERT_REGION_ID)
+ * indicating valid value according to 'iso_3166_1' or 'un_stat'
+ * and containing local_region (X_CERT_LOCAL_REGION)
+ * and containing signer_info
+ * containing digest
+ * referenced to the certificate
+ * containing validity_restrictions['region']
+ * containing region
+ * indicated 'id'
+ * and containing id_region
+ * containing region_dictionary
+ * indicating 'iso_3166_1'
+ * or indicating 'un_stat'
+ * and containing region_identifier
+ * indicating value == X_CERT_REGION_ID
+ * and containing local_region
+ * indicating value == X_CERT_LOCAL_REGION
+ * or indicating 0
+ * or containing id_region
+ * containing region_dictionary
+ * indicating 'un_stats'
+ * and containing region_identifier
+ * indicating region fully covering the X_CERT_REGION
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_07_02_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
+ */
+ testcase TC_SEC_ITSS_SND_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ var CertificateChain v_chain;
+ var Certificate v_cert, v_cert_issuer;
+ var SignerInfo v_si;
+ var UInt8 v_counter;
+ var HashedId8 v_digest;
+ var CertificatesCaching v_certificatesCaching;
+ var FncRetCode v_result_status := e_success;
+
+ // Test control
+ if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+// vc_hashedId8ToBeUsed := cc_iutCert_E;
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
+ tc_ac.start;
+ if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
+ } else {
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+ }
+
+ // Test Body
+ // 1. Create a cache of certificates
+ f_createCertificatesCaching(v_chain, v_certificatesCaching);
+ // 2. Process the certificates
+ v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
+ while (v_counter != 0) {
+ // Get the first certificate
+ if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
+ v_result_status := e_error;
+ break;
+ }
+ // Retrive SigneInfo field
+ if (not f_getCertificateSignerInfo(v_cert, v_si)) {
+ log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
+ v_result_status := e_error;
+ break;
+ }
+ if (v_si.type_ != e_certificate_digest_with_sha256) {
+ log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Get issuer
+ if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
+ log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Check that cert is signed by issuing cert
+ v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
+ if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
+ log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
+ v_result_status := e_error;
+ break;
+ }
+ // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
+ if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
+ v_result_status := e_error;
+ break;
+ }
+
+ // Prepare next loop
+ v_counter := v_counter - 1;
+
+ } // End of 'while' statement
+ if (v_result_status == e_success) {
+ log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
+ }
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+ } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV
+
+ /**
+ * @desc Check the certificate chain to ensure that the time validity restriction of the subordinate certificate is inside the time validity restriction of the issuing certificate
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY
+ * Config Id: CF01
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate chain in the next CAM
+ * } ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating 'certificate_chain'
+ * containing certificates
+ * containing certificates[last-1]
+ * containing validity_restrictions
+ * containing validity_restrictions['time_start_and_end']
+ * containing start_validity
+ * indicating START_AA_VALIDITY
+ * containing end_validity
+ * indicating END_AA_VALIDITY >= START_AA_VALIDITY
+ * and containing signer_info
+ * containing digest
+ * referenced to the trusted certificate
+ * containing validity_restrictions['time_end']
+ * containing end_validity
+ * indicating value > AA_END_VALIDITY
+ * or containing validity_restrictions['time_start_and_end']
+ * containing start_validity
+ * indicating value <= AA_START_VALIDITY
+ * and containing end_validity
+ * indicating value > AA_END_VALIDITY
+ * or containing validity_restrictions['time_start_and_duration']
+ * containing start_validity
+ * indicating X_START_VALIDITY <= AA_START_VALIDITY
+ * and containing duration
+ * indicating value > AA_END_VALIDITY - X_START_VALIDITY
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_08_01_BV
+ * @reference ETSI TS 103 097 [1], clauses 7.4.4
+ */
+ testcase TC_SEC_ITSS_SND_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ var CertificateChain v_chain;
+ var Certificate v_aa_cert;
+ var ValidityRestriction v_vr;
+ var SignerInfo v_si;
+ var Time64 v_generationTime;
+ var Time64 v_curTime;
+ var Time64 v_startTime, v_endTime, v_duration;
+
+ // Test control
+ if (not(PICS_GN_SECURITY)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+
+ // Test Body
+ log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
+ tc_ac.start;
+ if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
+ }
+ tc_ac.stop;
+ if (lengthof(v_chain) < 2) {
+ log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
+ }
+ v_aa_cert := v_chain[lengthof(v_chain) - 1];
+ if (match (v_aa_cert.validity_restrictions, superset(mw_validity_restriction_time_end,
+ mw_validity_restriction_time_start_and_duration))
+ ) {
+ log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+
+ if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
+ log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+
+ if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
+ log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+
+ // Process signerInfo field
+ if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
+ log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ if (v_si.type_ == e_certificate) {
+ log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ for (var integer v_counter := 0; v_counter < lengthof(v_si.signerInfo.certificate.validity_restrictions); v_counter := v_counter + 1) {
+ if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_end) {
+ v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.end_validity * 1000000;
+ if (not match(v_generationTime, Time64:(0 .. v_endTime))){
+ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
+ v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
+ v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
+ if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
+ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
+ v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
+ v_duration := f_duration2time(v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
+ if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
+ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ } else {
+ log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ } // End of 'for' statement
+
+ log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+ } // End of testcase TC_SEC_ITSS_SND_CERT_08_01_BV
+
+ /**
+ * @desc Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
+ * or x_coordinate_only
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY
+ * Config Id: CF01
+ * Initial conditions:
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate in the next CAM
+ * }
+ * Expected Behaviour:
+ * ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating certificate
+ * containing certificate
+ * containing signature.ecdsa_signature
+ * containing R.type
+ * indicating compressed_lsb_y_0
+ * or indicating compressed_lsb_y_1
+ * or indicating x_coordinate_only
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_01_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.9
+ */
+ testcase TC_SEC_ITSS_SND_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+
+ // Test control
+ if (not(PICS_GN_SECURITY)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+
+ // Test Body
+ tc_ac.start;
+ alt {
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ ?,
+ ?,
+ mw_signature(
+ mw_ecdsaSignature(
+ mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only
+ ))))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_0 received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ ?,
+ ?,
+ mw_signature(
+ mw_ecdsaSignature(
+ mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only
+ ))))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_1 received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ ?,
+ ?,
+ mw_signature(
+ mw_ecdsaSignature(
+ mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only
+ ))))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to x_coordinate_only received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate
+ )))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ [] tc_ac.timeout {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+ }
+ } // End of 'alt' statement
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+
+ } // End of testcase TC_SEC_ITSS_SND_CERT_09_01_BV
+
+ /**
+ * @desc Check that the all certificates in a chain have signatures contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
+ * or x_coordinate_only
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY
+ * Config Id: CF01
+ * Initial conditions:
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate in the next CAM
+ * }
+ * Expected Behaviour:
+ * ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating 'certificate_chain'
+ * containing certificates
+ * indicating length N > 1
+ * and indicating certificates[n] (0..N)
+ * containing signature.ecdsa_signature
+ * containing R.type
+ * indicating compressed_lsb_y_0
+ * or indicating compressed_lsb_y_1
+ * or indicating x_coordinate_only
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_02_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.9
+ */
+ testcase TC_SEC_ITSS_SND_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
+ // Local variables
+ var GeoNetworkingInd v_geoNwInd;
+ var SignerInfo v_si;
+ var CertificateChain v_chain;
+ var integer v_counter;
+
+ // Test control
+ if (not(PICS_GN_SECURITY)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+
+ // Test Body
+ tc_ac.start;
+ alt {
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate_chain
+ ))))) -> value v_geoNwInd {
+ tc_ac.stop;
+ // Check certificate chain
+ if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
+ v_chain := v_si.signerInfo.certificates;
+ for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
+ if (v_chain[v_counter].signature_.algorithm != e_ecdsa_nistp256_with_sha256) {
+ log("*** " & testcasename() & ": FAIL: Wrong signature algorithm ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
+ } else if (
+ (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_x_coordinate_only) and
+ (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_0) and
+ (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_1)
+ ) {
+ log("*** " & testcasename() & ": FAIL: Wrong ECDSA R type ***");
+ f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
+ }
+ } // End of 'for' statement
+ }
+ log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct signature type ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] tc_ac.timeout {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+ }
+ } // End of 'alt' statement
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+
+ } // End of testcase TC_SEC_ITSS_SND_CERT_09_02_BV
+
+ /**
+ * @desc Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
+ * or uncompressed
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY
+ * Config Id: CF01
+ * Initial conditions:
+ * with {
+ * the IUT being in the 'authorized' state
+ * the IUT being requested to include certificate in the next CAM
+ * }
+ * Expected Behaviour:
+ * ensure that {
+ * when {
+ * the IUT is requested to send a CAM
+ * } then {
+ * the IUT sends a SecuredMessage
+ * containing header_fields['signer_info'].signer
+ * containing type
+ * indicating certificate
+ * containing certificate
+ * containing subject_attributes['verification_key']
+ * containing key.public_key.type
+ * indicating compressed_lsb_y_0
+ * or indicating compressed_lsb_y_1
+ * or indicating x_coordinate_only
+ * }
+ * }
+ * </pre>
+ * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_10_01_BV
+ * @reference ETSI TS 103 097 [1], clause 4.2.4
+ */
+ testcase TC_SEC_ITSS_SND_CERT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
+
+ // Test control
+ if (not(PICS_GN_SECURITY)) {
+ log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
+ stop;
+ }
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ f_prNeighbour();
+ f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
+
+ // Test Body
+ tc_ac.start;
+ alt {
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ superset(
+ mw_subject_attribute_verification_key(
+ mw_publicKey_eccPoint_compressed_lsb_y_0
+ )
+ ),
+ ?,
+ mw_signature
+ ))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_0 received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ superset(
+ mw_subject_attribute_verification_key(
+ mw_publicKey_eccPoint_compressed_lsb_y_1
+ )
+ ),
+ ?,
+ mw_signature
+ ))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_1 received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate(
+ ?,
+ superset(
+ mw_subject_attribute_verification_key(
+ mw_publicKey_eccPoint_uncompressed
+ )
+ ),
+ ?,
+ mw_signature
+ ))))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to uncompressed received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive(
+ mw_geoNwInd(
+ mw_geoNwSecPdu(
+ mdw_securedMessage(
+ superset(
+ mw_header_field_signer_info_certificate(
+ mw_at_certificate
+ )))))) {
+ tc_ac.stop;
+ log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
+ }
+ [] tc_ac.timeout {
+ log("*** " & testcasename() & ": INCONC: Expected message not received ***");
+ f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
+ }
+ } // End of 'alt' statement
+
+ // Postamble
+ f_poNeighbour();
+ f_cf01Down();
+
+ } // End of testcase TC_SEC_ITSS_SND_CERT_10_01_BV
+
+ /**
+ * @desc Check that all certificate in a chain have verification keys contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
+ * or uncompressed
+ * <pre>
+ * Pics Selection: PICS_GN_SECURITY
+ * Config Id: CF01
+ * Initial conditions:
+ * with {