Newer
Older
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
stop;
}
if (not(PICS_PLUGTEST_VERSION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(?, ?,
superset(mw_trailer_field_signature,
mw_trailer_field
))))){
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: CAM received with more then one trailer fields");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(?, ?,
{ mw_trailer_field_signature }
)))){
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM message with signature trailer received ***");
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: All CAMs received with correct trailer fields count");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_15_01_BV
* @desc Check that the secured CAM contains only one TrailerField of type signature;
* Check that the signature contained in the SecuredMessage is calculated over the right fields by cryptographically verifying the signature
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
* with
* the IUT being in the 'authorized' state
* Expected results:
* ensure that
* when
* the IUT is requested to send a CAM
* then
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate_digest_with_ecdsap256'
* and containing digest
* referencing the certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* and containing subject_attributes['verification key'] (KEY)
* or containing signer
* containing type
* indicating 'certificate'
* and containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* and containing signature
* verifiable using KEY
* </pre>
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_16_01_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.1
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
*/
testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_nbVerification := 3;
var integer v_nbVerification := 0;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var boolean v_certificateReceived := false;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificate := v_signerInfo.signerInfo.certificate;
v_certificateReceived := true;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[v_certificateReceived == true] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_digest
)))) -> value v_geoNwInd {
tc_ac.stop;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: All CAMs received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV
} // End of group sendCAMProfile
/**
* @desc Sending behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile
*/
group sendDENMProfile {
/**
* @desc Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* Expected results:
* ensure that
* when
* the IUT is requested to send a DENM
* then
* the IUT sends a SecuredMessage
* containing header_fields ['its_aid']
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_01_01_BV
* @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
*/
testcase TC_SEC_ITSS_SND_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var ItsDenm v_denmComponent;
var integer v_previousHeaderType;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
?,
?,
?,
mw_header_field_its_aid_DENM
)
),
?
))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_DENM'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// DENM without mandatory fields
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM
)
)))) {
log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_01_01_BV
/**
* @desc Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time, generation_location, message_type;
* Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first;
* Check that generation_time_with_confidence (generation_time_standard_deviation) is not used
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* Expected results:
* ensure that
* when
* the IUT is requested to send DENM
* then
* the IUT sends a SecuredMessage
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing header_fields [n].type
* indicating value less than header_fields [n+1].type
* and containing header_fields ['generation_time']
* and containing header_fields ['generation_location']
* and containing header_fields ['its_aid']
* and not containing header_fields ['generation_time_with_confidence']
* </pre>
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_02_01_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.2
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
*/
testcase TC_SEC_ITSS_SND_DENM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var ItsDenm v_denmComponent;
var integer v_previousHeaderType;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field( e_signer_info ),
mw_header_field( e_generation_time ),
mw_header_field( e_generation_location ),
mw_header_field_its_aid_DENM
)
),
mw_geoNwAnyPacket_withPayload(
?
)))) -> value v_geoNwInd {
tc_ac.stop;
// Process header fields manually
v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
// Check that signerInfo is first header
if (lengthof(v_headersFields) < 1 or (v_headersFields[0].type_ != e_signer_info)) {
log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_previousHeaderType := enum2int(v_headersFields[0].type_);
for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
// Check forbidden header
if (v_headersFields[v_counter].type_ == e_generation_time_standard_deviation) {
log("*** " & testcasename() & ": FAIL: Forbidden header present");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_headersFields[v_counter].type_ == e_signer_info) {
log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_counter > 1 ) {
// Check that no header is duplicated
if (enum2int(v_headersFields[v_counter].type_) == v_previousHeaderType) {
log("*** " & testcasename() & ": FAIL: multiple instances of the same header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that headers are ordered
if (enum2int(v_headersFields[v_counter].type_) <= v_previousHeaderType) {
log("*** " & testcasename() & ": FAIL: headers are not in the correct order");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: correct secured packet received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// DENM without mandatory fields
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM
)
)))) {
log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_02_01_BV
/**
* @desc Check that secured DENM contains the certificate as a signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* Expected results:
* ensure that
* when
* the IUT is requested to send a DENM
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and containing certificate
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_03_01_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.2
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
*/
testcase TC_SEC_ITSS_SND_DENM_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var HeaderFieldType v_previousHeaderType;
var integer v_counter;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_counter := 0;
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate
),
mw_geoNwAnyPacket_withPayload(
?
)))) {
if (v_counter < 3) {
f_cancelDenmEvent(v_denmComponent);
v_counter := v_counter + 1;
v_denmComponent := f_triggerDenmEvent();
repeat;
} else {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM signed with certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM signed with not a certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_03_01_BV
/**
* @desc Check that Secured DENM generation time is inside the validity period of the signing certificate;
* Check that generation time value is realistic
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* Expected results:
* ensure that
* when
* the IUT is requested to send a DENM
* then
* the IUT sends a SecuredMessage
* containing exactly one header_fields['generation_time']
* indicating GEN_TIME (CUR_TIME - 10min <= GEN_TIME < CUR_TIME + 10min)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* containing validity_restrictions['time_end']
* and containing end_validity
* indicating value > GEN_TIME
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= GEN_TIME
* and containing end_validity
* indicating value > GEN_TIME
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity (X_START_VALIDITY)
* indicating value <= GEN_TIME
* and containing duration
* indicating value > GEN_TIME - X_START_VALIDITY
* </pre>
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_04_01_BV
* @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
*/
testcase TC_SEC_ITSS_SND_DENM_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_timeLimit := 10 * 60 * 1000000; // us
var GeoNetworkingInd v_geoNwInd;
var HeaderField v_headerField;
var Time64 v_generationTime;
var Time64 v_curTime;
var Time64 v_startTime, v_endTime, v_duration;
var Certificate v_cert;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_time
),
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_DENM
)
),
mw_geoNwAnyPacket_withPayload(
?
)))) -> value v_geoNwInd {
tc_ac.stop;
v_curTime := f_getCurrentTime();
v_curTime := v_curTime * 1000; // Time64 is in microseconds
log("v_curTime (us)=", v_curTime);
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField)) {
v_generationTime := v_headerField.headerField.generation_time;
log("v_generationTime (us) = ", v_generationTime);
if (not match(v_generationTime, Time64:(v_curTime-c_timeLimit, v_curTime+c_timeLimit))) {
log("*** " & testcasename() & ": FAIL: DENM generation time is not in 10 min range");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that generation time is inside the certificate validation period
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField)) {
v_cert := v_headerField.headerField.signer.signerInfo.certificate;
for (var integer v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
if (not match(v_generationTime, Time64:(0 .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is not allowed in TS103097 v1.2.5");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
v_duration := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: DENM generation time is inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Invalid DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_04_01_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location when AT certificate does not contain any region restrictions
* Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION
* Initial conditions:
* with
* the IUT has been authorized with the AT certificate (CERT_IUT_A_AT)
* not containing validity_restrictions['region']
* Expected results:
* ensure that
* when
* the IUT is requested to send DENM
* containing exactly one header_field ['generation_location']
* containing generation_location
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_01_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.2
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
*/
testcase TC_SEC_ITSS_SND_DENM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
// CERT_IUT_A is the default one
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_any_valid_region
))))))) {
log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***");
repeat;
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_location
),
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_DENM
))))) {
// The certificate doesn't contain region restrictions because such messages was catched before
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate
)))) {
// the message does not contain generation location
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
// Cancel DENM events
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_01_BV
function f_TC_SEC_ITSS_SND_DENM_05_BV(
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var ItsDenm v_denmComponent;
// Trigger DENM
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
// DENM contains generation location and certificate with region restrictions
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_location
),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_region(
p_region
)
)
)
),
mw_header_field_its_aid_DENM
))))) -> value v_geoNwInd {
var ValidityRestriction v_vr;
var HeaderField v_hf;
tc_ac.stop;
// check that generation location is inside the circular region of the certificate
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf)
and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
) {
if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}else{
log("*** " & testcasename() & ": FAIL: DENM contains generation location outside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// DENM signing certificate doesn't contains region restriction
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM,
mw_header_field(e_generation_location),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
{ } // DENM signing certificate doesn't 'contains region restriction
)
)
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
f_cancelDenmEvent(v_denmComponent);
} // End of function f_TC_SEC_ITSS_SND_DENM_05_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the circular region defined by the validity restriction of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_CIRCULAR_REGION
* Config Id: CF01
* Initial conditions:
* with
* the IUT has been authorized with the AT certificate (CERT_IUT_B_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating REGION
* Expected results:
* ensure that
* when
* the IUT is requested to send a DENM
* containing exactly one header_field ['generation_location']
* containing generation_location
* indicating value inside the REGION
* </pre>
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_02_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.2
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
*/
testcase TC_SEC_ITSS_SND_DENM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_B;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_circle);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_02_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the rectangular region defined by the validity restriction of the certificate pointed by the signer_info field
* Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_RECTANGULAR_REGION
* Initial conditions:
* with
* the IUT has been authorized with the AT certificate (CERT_IUT_C_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'rectangle'
* containing rectangular_region
* containing instance of RectangularRegion
* indicating REGION
* Expected results:
* ensure that
* when
* the IUT is requested to send DENM
* then
* containing exactly one header_field ['generation_location']
* containing generation_location
* indicating value inside the REGION
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_03_BV
* @reference ETSI TS 103 097 v1.2.1, clause 7.2
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
*/
testcase TC_SEC_ITSS_SND_DENM_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the polygonal region defined by the validity restriction of the certificate pointed by the signer_info field
* Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_POLYGONAL_REGION
* Initial conditions:
* with
* the IUT has been authorized with the AT certificate (CERT_IUT_D_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating REGION
* Expected results:
* ensure that
* when
* the IUT is requested to send a DENM
* then
* the IUT sends a SecuredMessage