Newer
Older
/**
* @author ETSI / STF481
* @version $URL$
* @desc Testcases file for Security Protocol
* @see Draft ETSI TS 103 097 V1.1.15
*/
module ItsSecurity_TestCases {
// Libcommon
import from LibCommon_Time all;
import from LibCommon_VerdictControl all;
import from LibCommon_Sync all;
// LibIts
import from DENM_PDU_Descriptions language "ASN.1:1997" all;
import from ITS_Container language "ASN.1:1997" all;
// LibItsCommon
import from LibItsCommon_Functions all;
// LibItsGeoNetworking
import from LibItsGeoNetworking_TestSystem all;
import from LibItsGeoNetworking_Functions all;
import from LibItsGeoNetworking_Templates all;
import from LibItsGeoNetworking_TypesAndValues all;
import from LibItsGeoNetworking_Pics all;
import from LibItsGeoNetworking_Pixits all;
// LibItsBtp
import from LibItsBtp_TypesAndValues all;
import from LibItsBtp_Templates all;
// LibItsCam
import from LibItsCam_Templates all;
import from LibItsCam_Templates all;
import from LibItsCam_Functions all;
import from LibItsCam_TestSystem all;
// LibItsDenm
import from LibItsDenm_TypesAndValues all;
import from LibItsDenm_TestSystem all;
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
import from LibItsSecurity_Templates all;
import from LibItsSecurity_Functions all;
import from LibItsSecurity_Pixits all;
import from LibItsSecurity_Pics all;
// AtsSecurity
import from AtsSecurity_TestSystem all;
import from AtsSecurity_Functions all;
import from AtsSecurity_Templates all;
import from ItsSecurity_Pics all;
/**
* @desc Sending behaviour test cases
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2 Sending behaviour
*/
group sendingBehavior {
/**
* @desc Check that ITS-S sends a SecuredMessage containing protocol version set to 2
* <pre>
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing protocol_version
* indicating value '2'
testcase TC_SEC_ITSS_SND_MSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(mw_geoNwInd(mw_geoNwSecPdu(mdw_securedMessage_dummy))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Security protocol version set to 2 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_MSG_01_01_BV
* @desc Check that when IUT sends the message signed with the digest, then this digest points to the AT certificate
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having sent last CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* Expected behaviour:
* ensure that {
* when {
* the IUT is requested to send next CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* referencing the certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* }
* }
* @reference ETSI TS 103 097 [1], clause 6.3
testcase TC_SEC_ITSS_SND_MSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var SecuredMessage v_recv;
var Certificate v_cert;
var LongPosVector v_longPosVectorIut;
var ItsCam v_component;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
v_component := f_setCamFrequencyGreatherThan1Hz();
// execution will be stopped if cert is not received during tc_ac
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
tc_ac.stop;
if (v_cert.subject_info.subject_type != e_authorization_ticket) {
log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_error);
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] a_securedMessageWithDigest (v_recv) {
var SignerInfo v_si;
tc_ac.stop;
if (f_getMsgSignerInfo(v_recv, v_si) == true) {
if (v_si.signerInfo.digest == f_calculateDigestFromCertificate(v_cert)) {
log("*** " & testcasename() & ": PASS: Digest corresponds to the AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Digest corresponds to unknown certificate ***");
log("f_calculateDigestFromCertificate(v_cert)=", f_calculateDigestFromCertificate(v_cert));
log("v_si.signerInfo.digest=", v_si.signerInfo.digest);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Received message is not signed well ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_MSG_04_01_BV
/**
* @desc Check that IUT uses the AT certificate to sign messages
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* ensure that {
* when {
* the IUT is requested to send a next CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* @reference ETSI TS 103 097 [1], clause 6.3
testcase TC_SEC_ITSS_SND_MSG_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var SecuredMessage v_recv;
var Certificate v_cert;
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] a_securedMessageWithCertificate(v_recv) {
var SignerInfo v_si;
if (f_getMsgSignerInfo(v_recv, v_si)) {
v_cert := v_si.signerInfo.certificate;
if (v_cert.subject_info.subject_type != e_authorization_ticket ) {
log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: message signed with AT certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: received message is not signed well ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_MSG_04_02_BV
/**
* @desc Check that the SecuredMessage signature containes the ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a next CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_CAM'
* and containing trailer_fields['signature']
* containing signature.ecdsa_signature
* containing R.type
* indicating compressed_lsb_y_0
* or indicating compressed_lsb_y_1
* or indicating x_coordinate_only
* @reference ETSI TS 103 097 [1], clause 4.2.9
testcase TC_SEC_ITSS_SND_MSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
?,
?,
{
mw_trailer_field_signature(
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only,
?
)
)
)
}
),
?
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_0 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
?,
?,
{
mw_trailer_field_signature(
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only,
?
)
)
)
}
),
?
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_1 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
?,
?,
{
mw_trailer_field_signature(
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only
)
)
)
}
),
?
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to x_coordinate_only received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
tc_ac.stop;
log("*** " & testcasename() & ": Failed: Expected CAM message received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_MSG_05_01_BV
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
/**
* @desc Sending behaviour test cases for CAM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.4 CAM profile
*/
group sendCAMProfile {
/**
* @desc Check that the sent Secured CAM contains a HeaderField its_aid that is set to 'AID_CAM'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* and containing header_fields['its_aid']
* indicating 'AID_CAM'
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TC_SEC_ITSS_SND_CAM_01_01_BV
* @reference ETSI TS 103 097 [1], clause 5.4 and 7.1
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
*/
testcase TC_SEC_ITSS_SND_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var integer v_previousHeaderType;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
?,
?,
mw_header_field_its_aid_CAM
)
),
?
))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_CAM'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_01_01_BV
/**
* @desc Check that the secured CAM contains exactly one element of these header fields: signer_info, generation_time, its_aid.
Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first.
Check that generation_time_standard_deviation, expiration, encryption_parameters, recipient_info are not used
* <pre>
* Pics Selection: PICS_GN_SECURITY
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage {
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing header_fields [n].type
* indicating value < header_fields [n+1].type
* and containing header_fields ['generation_time']
* and containing header_fields['its_aid']
* indicating 'AID_CAM'
* and not containing header_fields['generation_time_standard_deviation']
* and not containing header_fields['expiration']
* and not containing header_fields['encryption_parameters']
* and not containing header_fields['recipient_info']
* }
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_02_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var integer v_previousHeaderType;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_signer_info
),
mw_header_field(e_generation_time),
mw_header_field_its_aid_CAM
)
),
mw_geoNwPduWithPayload(
?,
?,
mw_secCamPayload).packet
))) -> value v_geoNwInd {
tc_ac.stop;
// Process header fields manually
v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
// Check that signerInfo is first header
if ((lengthof(v_headersFields) < 1) or not match(v_headersFields[0].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
// Check forbidden header
// FIXME: 'generation_time_with_confidence' does not exist. is it e_generation_time_standard_deviation ?
if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) {
log("*** " & testcasename() & ": FAIL: Forbidden header present");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (match(v_headersFields[v_counter].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_counter > 1 ) {
// Check that headers are ordered
if (match(v_headersFields[v_counter].type_, integer:(0..v_previousHeaderType))) {
// Check that header is duplicated
if (match(v_headersFields[v_counter].type_, v_previousHeaderType)) {
log("*** " & testcasename() & ": FAIL: multiple instances of same header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}else{
log("*** " & testcasename() & ": FAIL: headers not in correct order");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: correct secured packet received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_02_01_BV
* @desc Check that the secured CAM contains the signer_info field of certificate when over the time of one
* second no other SecuredMessage contained a signer_info of type certificate.
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more then one CAM per second
* and the IUT having sent a CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* contains header_fields['generation_time']
* indicating TIME_LAST
* }
* ensure that {
* when {
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* } then {
* this message
* contains header_fields['generation_time']
* indicating TIME (TIME >= TIME_LAST + 1sec)
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_05_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_SND_CAM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_cntTimeLimit := 10;
const float c_certificateGenerationTime := 1.0;
timer t_minTransInterval := c_certificateGenerationTime * 0.8;
var integer v_cntTime := 0;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
if(t_minTransInterval.running){
t_minTransInterval.stop;
log("*** " & testcasename() & ": FAIL: CAM with certificate has been received inside 1 sec after previous one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_cntTime := v_cntTime + 1;
if (v_cntTime == c_cntTimeLimit) { // Exit message loop
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// end of alt
}
else {
log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***");
t_minTransInterval.start;
repeat;
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_digest
log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***");
repeat;
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": FAIL: Neither Certificate not Digest in received CAM ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] t_minTransInterval.timeout {
log("*** " & testcasename() & ": INFO: One of next CAMS must have a certificate ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_05_01_BV
* @desc Check that the secured CAM contains the signer_info field of certificate when the timeout of 1 second
* has been expired after the previous CAM containing the certificate.
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having sent a CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* }
* ensure that {
* when {
* the IUT is sending a CAM
* containing header_fields['generation_time']
* indicating TIME >= TIME_LAST + 1sec
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_cntTimeLimit := 10;
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 1.15;
var integer v_cntTime := 0;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
t_maxTransInterval.start;
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
t_maxTransInterval.stop;
v_cntTime := v_cntTime + 1;
if (v_cntTime == c_cntTimeLimit) { // Exit message loop
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// end of alt
t_maxTransInterval.start;
log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***");
repeat;
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_digest
)))) {
log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***");
repeat;
[] t_maxTransInterval.timeout {
log("*** " & testcasename() & ": FAIL: CAM with certificate was not received in 1 sec after previous one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_05_02_BV
* @desc Check that ITS-S sends a Secured CAM containing the signer_info of type certificate
* when the ITS-S received a CAM from an unknown ITS-S
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent CAM at TIME_1
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* indicating HashedId3 value
* referenced to unknown certificate
* }
* ensure that {
* when {
* the IUT is requested to send CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
* the IUT sends a SecuredMessage
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* containing type
* indicating 'certificate'
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.1
testcase TC_SEC_ITSS_SND_CAM_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
timer t_maxTransInterval := 0.3;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message from unknown ITS-S
geoNetworkingPort.clear;
f_sendSecuredCam(cc_taCert_F, omit, e_certificate_digest_with_sha256);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
}
// Test Body
t_maxTransInterval.start;
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
t_maxTransInterval.stop;
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
repeat;
}
[] t_maxTransInterval.timeout {
log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_06_01_BV
/**
* @desc Check that IUT restart the certificate sending timer when the certificate has been sent
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more then one CAM per second
* and the IUT having already sent CAM at TIME_1
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* and the IUT having received a CAM at TIME_2 (TIME_1 +0.3sec)
* containing header_fields['request_unrecognized_certificate']
* containing digests
* containing HashedId3 value
* referencing to the the IUT certificate
* and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* }
* ensure that {
* when {
* the IUT is sending the next CAM at TIME_4
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* } then {
* the difference between TIME_4 and TIME_3 is about of 1sec
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_07_01_TI() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var ItsCam v_component;
var boolean v_firstCertReceived := false;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_component := f_setCamFrequencyGreatherThan1Hz();
[v_firstCertReceived == false] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***");
v_firstCertReceived := true;
f_sleep(0.3);
// Send secured message with request for unrecognized certificate
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerInfo);
{
m_header_field_unrecognised_certificate(
f_HashedId3FromHashedId8(
f_calculateDigestFromCertificate(
v_signerInfo.signerInfo.certificate
)
},
e_certificate_digest_with_sha256
);
repeat;
}
[v_firstCertReceived == true] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
// start a timeout of one second to check
// that the next cert will be received after this timeout
t_maxTransInterval.start;
log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) {
tc_ac.stop;
t_maxTransInterval.stop;
log("*** " & testcasename() & ": FAIL: CAM certificate inclusion time wasn't restarted ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_07_01_TI
* @desc Check that the IUT sends the Secured CAM containing the signer_info of type certificate
* when it received a CAM containing a request of unrecognized certificate that matches
* with the currently used AT certificate ID of the IUT
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent CAM at TIME_1
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
* containing header_fields['request_unrecognized_certificate']
* containing digests {
* containing HashedId3 value
* referencing to the AT certificate
* and not containing HashedId3 value
* referencing to the AA certificate
* }
* }
* ensure that {
* when {
* the IUT is requested to send a CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
* the IUT sends a SecuredMessage
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* referenced by the requested digest
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
var SignerInfo v_si;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
t_maxTransInterval.start;
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message with request for unrecognized certificate
f_sendSecuredCam(
m_header_field_unrecognised_certificate( // containing digests
f_HashedId3FromHashedId8( // containing HashedId3 value
f_calculateDigestFromCertificate(
v_si.signerInfo.certificate // referencing to the AT certificate
)
)
// and not containing HashedId3 value referencing to the AA certificate
)
},
e_certificate
);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate(
v_si.signerInfo.certificate
)
t_maxTransInterval.stop;
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
repeat;
}
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Requested certificate was not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_08_01_BV
* @desc Check that the sent secured CAM contains the signer_info of type certificate_chain
* when the ITS-S has received a CAM containing a request of unrecognized certificate that matches
* with the AA certificate ID that issued its currently used AT certificate ID of the IUT
* Pics Selection: PICS_GN_SECURITY
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent a CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* at TIME_1
* and the IUT having received a SecuredMessage
* containing header_fields['request_unrecognized_certificate'] {
* containing digests {
* containing HashedId3 value
* referencing to the AA certificate
* }
* }
* at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+ 1sec)
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate_chain'
* containing certificates[last]
* indicating the AT certificate
* containing certificates[last-1]
* indicating the AA certificate
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
var SignerInfo v_si;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
t_maxTransInterval.start;
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message with request for unrecognized certificate
f_sendSecuredCam(
{
m_header_field_unrecognised_certificate( // containing digests
f_HashedId3FromHashedId8( // containing HashedId3 value
v_si.signerInfo.digest // referencing to the AA certificate
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
)
)
});
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate_chain
)))) -> value v_geoNwInd {
var SignerInfo v_signerInfo;
var CertificateChain v_certificates;
var integer v_certificateChainLength;
t_maxTransInterval.stop;
// Extract certificate chain
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificates := v_signerInfo.signerInfo.certificates;
v_certificateChainLength := lengthof(v_certificates);
if (v_certificateChainLength >= 2) { // Check length
if ( // Check Content
not(
(v_certificates[0].subject_info.subject_type == e_authorization_authority) and
// Check the certificate chain contains certificates[last] indicating the AT certificate
(v_certificates[1].subject_info.subject_type == e_authorization_ticket)
// Check the certificate chain contains certificates[last-1] indicating the AA certificate
)) {
log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***");
repeat;
}
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
/**
* @desc Check that the IUT doesn't send a secured CAM contains the signer_info of type certificate_chain
* when the AA certificate was previously requested and already received from another ITS-S
* <pre>
* Pics Selection: PICS_GN_SECURITY PICS_PLUGTEST_VERSION
* Config Id: CF01
* Initial conditions:
* </pre>
* with
* the IUT being in the 'authorized' state
* and the IUT is configured to send more than one CAM per second
* and the IUT having already sent a CAM
* containing header_fields['signer_info'].signer.type
* indicating 'certificate'
* at TIME_1
* and the IUT having received a SecuredMessage
* containing header_fields['request_unrecognized_certificate']
* containing digests
* containing HashedId3 value (HASH1)
* referencing to the AA certificate
* at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
* and the IUT having received a SecuredMessage
* containing header_fields['signer_info'].signer.type
* indicating 'certificate_chain'
* containing AA certificate
* having HashedId3 value of HASH1
* at TIME_3 (TIME_2 < TIME_3 < TIME_2+0.1sec)
* ensure that
* when
* the IUT is requested to send a CAM
* at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
* then
* the IUT sends a SecuredMessage
* and containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'digest'
* or indicating 'certificate'
*
* @see ETSI TS 103 096-2 v1.3.3 TP_SEC_ITSS_SND_CAM_09_02_BV
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_SND_CAM_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const float c_certificateGenerationTime := 1.0;
timer t_maxTransInterval := c_certificateGenerationTime * 1.1;
var GeoNetworkingInd v_geoNwInd;
var ItsCam v_component;
var SignerInfo v_si;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
if (not(PICS_PLUGTEST_VERSION)) {
log("*** " & testcasename() & ": ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
geoNetworkingPort.clear;
v_component := f_setCamFrequencyGreatherThan1Hz();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
t_maxTransInterval.start;
f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
// Send secured message with request for unrecognized certificate
f_sendSecuredCam(
cc_taCert_A,
{
m_header_field_unrecognised_certificate( // containing digests
f_HashedId3FromHashedId8( // containing HashedId3 value
v_si.signerInfo.digest // referencing to the AA certificate
)
)
});
// Send secured message signed with certificate_chain
f_sendSecuredCam(
cc_taCert_A1,
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate_chain
)))) {
log("*** " & testcasename() & ": FAIL: CAM retransmition with unexpected certificate_chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***");
repeat;
}
[] t_maxTransInterval.timeout {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successfully skipped ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_terminateCam(v_component);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_09_02_BV
/**
* @desc Check that the sent secured CAM contains exactly one HeaderField generation_time which is inside
* the validity time of the certificate referenced by the signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* ensure that {
* when {
* the IUT is requested to send CAM
* } then {
* containing generation_time
* indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
* containing header_fields ['signer_info']
* containing signer
* and containing certificate
* containing validity_restrictions['time_end']
* indicating value > GEN_TIME
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= GEN_TIME
* and containing end_validity
* indicating value > GEN_TIME
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity (X_START_VALIDITY)
* indicating value <= GEN_TIME
* and containing duration
* indicating value > GEN_TIME - X_START_VALIDITY
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.1
*/
testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var HeaderField v_headerField;
var Time64 v_generationTime;
var ValidityRestriction v_validity;
var integer v_currentTime, v_lowerBound, v_upperBound;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_generation_time,
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_CAM
))))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***");
v_currentTime := f_getCurrentTime();
log("v_currentTime (us)=", v_currentTime * 1000);
v_lowerBound := (v_currentTime - c_timeThreshold) * 1000;
v_upperBound := (v_currentTime + c_timeThreshold) * 1000;
// Extract generation_time
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField);
v_generationTime := v_headerField.headerField.generation_time;
// Extract certificate
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificate := v_signerInfo.signerInfo.certificate;
// Check current time
if (match(v_generationTime, (v_lowerBound .. v_upperBound))) {
log("*** " & testcasename() & ": PASS: Generation time matches current time ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime-v_lowerBound) & " / " & int2str(v_upperBound - v_currentTime) & " . ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check generation_time validity
if (
(f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity) == true) and
(v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and
(v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000)))
) {
log("*** " & testcasename() & ": PASS: Generation time within certificate validity/time_start_and_end ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else if (
(f_getCertificateValidityRestriction(v_certificate, e_time_end, v_validity) == true) and
(v_generationTime < (v_validity.validity.end_validity * 1000000))
) {
log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else if (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_duration, v_validity) == true) {
if (PICS_PLUGTEST_VERSION) {
log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is forbidden in TS103097 v1.2.5 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if ((v_generationTime >= (v_validity.validity.time_start_and_duration.start_validity * 1000000)) and
(v_generationTime < (f_duration2time(v_validity.validity.time_start_and_duration.duration_) * 1000000))
) {
log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
))) {
log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV
* @desc Check that the IUT sends certificate request when it receives a message from unknown station
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT has receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* indicating HashedId3 value DIGEST_A
* referenced to unknown certificate
* }
* ensure that {
* when {
* the IUT is requested to send CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['request_unrecognized_certificate']
* containing digests
* containing HashedId3 value
* indicating DIGEST_A
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var HashedId8 v_expectedHashedId8;
var HashedId3 v_expectedHashedId3;
var GeoNetworkingPdu v_securedGnPduToBeSent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Send secured message from unknown ITS-S
// Test component configuration
// Test adapter configuration
// Preamble
f_prNeighbour();
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
f_getCertificateDigest(
cc_taCert_F,
v_expectedHashedId8
);
v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8);
// preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that
v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F);
geoNetworkingPort.clear;
tc_ac.start;
alt {
[] geoNetworkingPort.receive
{
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent));
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
}
} // End of preamble 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_request_unrecognized_certificate(
{ v_expectedHashedId3 }
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs
log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV
* @desc Check that the Secured CAM contains non-empty payload of type signed
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* containing payload_field
* containing type
* indicating 'signed'
* containing not-empty data
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Test adapter configuration
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
?,
mw_payload(
e_signed
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_14_01_BV
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
/**
* @desc Check that the secured CAM contains only the trailer field of type signature
* and no other trailer fields
* <pre>
* Pics Selection: PICS_GN_SECURITY PICS_PLUGTEST_VERSION
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* ensure that
* when
* the IUT is requested to send a CAM
* then
* the IUT sends a SecuredMessage
* containing trailer_fields
* containing trailer_fields[0]
* containing type
* indicating 'signature'
* and not containing any other items
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_15_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_SND_CAM_15_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_nbVerification := 3;
var integer v_nbVerification := 0;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var boolean v_certificateReceived := false;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
if (not(PICS_PLUGTEST_VERSION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(?, ?,
superset(mw_trailer_field_signature,
mw_trailer_field
))))){
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: CAM received with more then one trailer fields");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(?, ?,
{ mw_trailer_field_signature }
)))){
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM message with signature trailer received ***");
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: All CAMs received with correct trailer fields count");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_15_01_BV
/**
* @desc Check that the secured CAM contains only one TrailerField of type signature.
* Check that the signature contained in the SecuredMessage is calculated over the right fields by
* cryptographically verifying the signature.
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* referenced to the certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_nbVerification := 3;
var integer v_nbVerification := 0;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var boolean v_certificateReceived := false;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Test adapter configuration
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: CAM message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
v_certificate := v_signerInfo.signerInfo.certificate;
v_certificateReceived := true;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[v_certificateReceived == true] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_CAMs(
mw_header_field_signer_info_digest
)))) -> value v_geoNwInd {
tc_ac.stop;
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: All CAMs received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV
/**
* @desc Sending behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile
*/
group sendDENMProfile {
* @desc Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM'
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_DENM'
* }
* }
* </pre>
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
testcase TC_SEC_ITSS_SND_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var ItsDenm v_denmComponent;
var integer v_previousHeaderType;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM
)
),
log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_DENM'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// DENM without mandatory fields
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM
)
)))) {
log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
* @desc Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time,
* generation_location, message_type.
* Check that the header fields are in the ascending order according to the numbering of the enumeration except
* of the signer_info, which is encoded first.
* Check that generation_time_with_confidence (generation_time_standard_deviation) is not used
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* containing header_fields [n].type
* indicating value less then header_fields [n+ 1].type
* containing header_fields ['generation_time']
* containing header_fields ['generation_location']
* not containing header_fields ['generation_time_with_confidence']
* }
* }
* </pre>
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_SND_DENM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var ItsDenm v_denmComponent;
var integer v_previousHeaderType;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field( e_signer_info ),
mw_header_field( e_generation_time ),
mw_header_field( e_generation_location ),
mw_header_field_its_aid_DENM
)
),
mw_geoNwAnyPacket_withPayload(
?
)))) -> value v_geoNwInd {
tc_ac.stop;
// Process header fields manually
v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
// Check that signerInfo is first header
if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_previousHeaderType := enum2int(v_headersFields[0].type_);
for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
// Check forbidden header
if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) {
log("*** " & testcasename() & ": FAIL: Forbidden header present");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (match(v_headersFields[v_counter].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_counter > 1 ) {
// Check that no header is duplicated
if (match(v_headersFields[v_counter].type_, v_previousHeaderType)) {
log("*** " & testcasename() & ": FAIL: multiple instances of the same header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that headers are ordered
if (match(v_headersFields[v_counter].type_, integer:(0..v_previousHeaderType))) {
log("*** " & testcasename() & ": FAIL: headers are not in the correct order");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: correct secured packet received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// DENM without mandatory fields
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM
)
)))) {
log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_02_01_BV
/**
* @desc Check that secured DENM contains the certificate as a signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and containing certificate
testcase TC_SEC_ITSS_SND_DENM_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var HeaderFieldType v_previousHeaderType;
var integer v_counter;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate
),
mw_geoNwAnyPacket_withPayload(
?
)))) {
if (v_counter < 3) {
f_cancelDenmEvent(v_denmComponent);
v_counter := v_counter + 1;
v_denmComponent := f_triggerDenmEvent();
repeat;
} else {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM signed with certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM signed with not a certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_03_01_BV
* @desc Check that Secured DENM generation time is inside the validity period of the signing certificate
* Check that generation time value is realistic
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
* the IUT sends a SecuredMessage
* containing exactly one header_fields['generation_time']
* containing generation_time
* indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
* containing header_fields['signer_info']
* containing signer {
* containing type
* indicating 'certificate'
* containing certificate
* containing validity_restrictions['time_end']
* containing end_validity
* indicating value > TIME_1
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= GEN_TIME
* and containing end_validity
* indicating value > GEN_TIME
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity (CERT_START_VALIDITY)
* indicating value <= GEN_TIME
* and containing duration
* indicating value > GEN_TIME - CERT_START_VALIDITY
* }
* }
* </pre>
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
testcase TC_SEC_ITSS_SND_DENM_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
const integer c_timeLimit := 10 * 60 * 1000000; // us
var GeoNetworkingInd v_geoNwInd;
var HeaderField v_headerField;
var Time64 v_generationTime;
var Time64 v_curTime;
var Certificate v_cert;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_time
),
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_DENM
)
),
mw_geoNwAnyPacket_withPayload(
?
)))) -> value v_geoNwInd {
tc_ac.stop;
v_curTime := f_getCurrentTime();
v_curTime := v_curTime * 1000; // Time64 is in microseconds
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField)) {
v_generationTime := v_headerField.headerField.generation_time;
log("v_generationTime (us) = ", v_generationTime);
if (not match(v_generationTime, Time64:(v_curTime-c_timeLimit, v_curTime+c_timeLimit))) {
log("*** " & testcasename() & ": FAIL: DENM generation time is not in 10 min range");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that generation time is inside the certificate validation period
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField)) {
v_cert := v_headerField.headerField.signer.signerInfo.certificate;
for (var integer v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
if (not match(v_generationTime, Time64:(0 .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
if (PICS_PLUGTEST_VERSION){
log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is not allowed in TS103097 v1.2.5");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
v_duration := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: DENM generation time is inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Invalid DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_04_01_BV
* @desc Check that the secured DENM contains exactly one HeaderField generation_location
* when AT certificate does not contain any region restrictions
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_A)
* not containing validity_restrictions['region']
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['generation_location']
* containing generation_location
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
// CERT_IUT_A is the default one
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_any_valid_region
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
))))))) {
log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***");
repeat;
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_location
),
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_DENM
))))) {
// The certificate doesn't contain region restrictions because such messages was catched before
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate
)))) {
// the message does not contain generation location
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
// Cancel DENM events
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_01_BV
function f_TC_SEC_ITSS_SND_DENM_05_BV(
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var ItsDenm v_denmComponent;
// Trigger DENM
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
// DENM contains generation location and certificate with region restrictions
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_location
),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_region(
)
)
)
),
mw_header_field_its_aid_DENM
))))) -> value v_geoNwInd {
var ValidityRestriction v_vr;
var HeaderField v_hf;
tc_ac.stop;
// check that generation location is inside the circular region of the certificate
if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf)
and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
) {
if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}else{
log("*** " & testcasename() & ": FAIL: DENM contains generation location outside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// DENM signing certificate doesn't contains region restriction
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_its_aid_DENM,
mw_header_field(e_generation_location),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
{ } // DENM signing certificate doesn't 'contains region restriction
)
)
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
f_cancelDenmEvent(v_denmComponent);
} // End of function f_TC_SEC_ITSS_SND_DENM_05_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location
* which is inside the circular region containing in the validity restriction of the
* certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_B) {
* containing validity_restrictions ['region'] {
* containing region{
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating REGION
* }
* }
* }
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_B;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_circle);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_02_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location
* which is inside the rectangular region containing in the validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_C)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'rectangle'
* containing rectangular_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_field ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location
* which is inside the polygonal region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_D)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* containing instance of RectangularRegion
* indicating REGION
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_field ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variablesl
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_D;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_polygonal);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_04_BV
/**
* @desc Check that the secured DENM contains exactly one HeaderField generation_location
* which is inside the identified region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_E)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'id_region'
* containing identified_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_E;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_identified);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_05_BV
* @desc Check that the Secured DENM contains exactly one non-empty payload of type signed
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected results:
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage
* containing payload_field
* containing exactly one element of type Payload
* containing type
* indicating 'signed'
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_DENM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
// Test Body
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
?,
mw_payload(e_signed)
)))) {
log("*** " & testcasename() & ": PASS: DENM payload is 'signed'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
?,
mw_payload()
)))) {
log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
log("*** " & testcasename() & ": FAIL: DENM payload is not exist");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
/**
* @desc Check that the secured DENM contains only the trailer field of type signature
* and no other trailer fields
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_PLUGTEST_VERSION
* Config Id: CF01
* Initial conditions:
* with
* the IUT being in the 'authorized' state
* ensure that
* when
* the IUT is requested to send DENM
* then
* the IUT sends a SecuredMessage
* containing trailer_fields
* containing trailer_fields[0]
* containing type
* indicating 'signature'
* and not containing other items
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_09_01_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_SND_DENM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_nbVerification := 3;
var integer v_nbVerification := 0;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
if (not(PICS_PLUGTEST_VERSION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(?, ?, {
mw_trailer_field_signature
})
))){
tc_ac.stop;
log("*** " & testcasename() & ": INFO: DENM message with signature trailer received ***");
v_nbVerification := v_nbVerification + 1;
if (v_nbVerification < c_nbVerification) {
tc_ac.start;
repeat;
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(?, ?, {})
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM message with NO trailer fields received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(?, ?,
superset( mw_trailer_field, ? )
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DENM message with more than one trailer field received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: DENM received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_09_01_BV
* @desc Check that the secured DENM contains only one TrailerField of type signature.
* Check that the signature contained in the SecuredMessage is calculated
* over the right fields by cryptographically verifying the signature.
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* when {
* the IUT is requested to send DENM
* } then {
* the IUT sends a SecuredMessage
* containing header_field ['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* and containing signature
* verifiable using KEY
* }
testcase TC_SEC_ITSS_SND_DENM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
var Certificate v_certificate;
var ItsDenm v_denmComponent;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: DENM message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
log("*** " & testcasename() & ": FAIL: DENM received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_DENMs
))) {
log("*** " & testcasename() & ": FAIL: DENM doesn't contain signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: DENM received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_10_01_BV
} // End of group sendDENMProfile
/**
* @desc Sending behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile
*/
group sendOtherProfile {
* @desc Check that the secured message contains of type signed
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial conditions:
* with {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing header_field ['its_aid']
* containing its_aid
* indicating 'AID_BEACON'
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
?,
?,
mw_header_field_its_aid_Other
)
),
?
tc_ac.stop;
log("*** " & testcasename() & ": PASS: 'its_aid' is neither set to 'AID_CAM' nor 'AID_DENM'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that the generic secured message contains exactly one element of these header fields:
* signer_info, generation_time, generation_location.
* Check that the header fields are in the ascending order according to the numbering of the enumeration
* except of the signer_info, which is encoded first.
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected Results:
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage
* containing header_fields [0].type
* indicating 'signer_info'
* and containing header_fields [1..n]
* where header_fields [v_counter].type < header_fields [v_counter + 1].type
* and containing header_fields ['generation_time']
* and containing header_fields ['generation_location']
* and containing header_field ['its_aid']
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_02_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
var GeoNetworkingInd v_geoNwInd;
var HeaderFields v_headersFields;
var HeaderFieldType v_previousHeaderType;
var integer v_counter;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(e_generation_time),
mw_header_field(e_generation_location),
mw_header_field_its_aid_Other
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
)
),
mw_geoNwBeaconPacket(
?
)))) -> value v_geoNwInd {
tc_ac.stop;
// Process header fields manually
v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
// Check that signerInfo is first header
if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
// Check that no header is duplicated
if (match(v_headersFields[v_counter].type_, e_signer_info)) {
log("*** " & testcasename() & ": FAIL: multiple instances of signer_info");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_counter > 1) {
// Check that headers are ordered
if (v_headersFields[v_counter].type_ == v_previousHeaderType) {
log("*** " & testcasename() & ": FAIL: multiple instances of same Header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_headersFields[v_counter].type_ < v_previousHeaderType) {
log("*** " & testcasename() & ": FAIL: headers not in correct order");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
v_previousHeaderType := v_headersFields[v_counter].type_;
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: correct secured packet received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV
/**
* @desc Check that generic secured message contains the certificate as a signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial Conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected Behaviour
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and containing certificate
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_03_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate
),
mw_geoNwBeaconPacket(
?
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field(
e_signer_info
)
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": INFO: Beacon signed with digest ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV
/**
* @desc Check that message generation time is inside the validity period of the signing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
* the IUT sends a SecuredMessage
* containing exactly one header_fields['generation_time']
* containing generation_time
* indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate
* containing validity_restrictions['time_end']
containing end_validity
indicating value > GEN_TIME
* and containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= TIME_1
* and containing end_validity
* indicating value > TIME_1
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity (CERT_START_VALIDITY)
* indicating value <= GEN_TIME
* and containing duration
* indicating value > GEN_TIME - CERT_START_VALIDITY
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_04_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
var GeoNetworkingInd v_geoNwInd;
var HeaderField v_headerField;
var Time64 v_generationTime;
var Time64 v_curTime;
var Certificate v_cert;
var integer v_counter;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_time
),
mw_header_field_signer_info_certificate,
mw_header_field_its_aid_Other
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
)
),
mw_geoNwBeaconPacket(
?
)
)
)) -> value v_geoNwInd {
const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds
tc_ac.stop;
v_curTime := f_getCurrentTime();
v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds
if (
f_getMsgHeaderField(
v_geoNwInd.msgIn.gnPacket.securedMsg,
e_generation_time,
v_headerField
)) {
v_generationTime := v_headerField.headerField.generation_time;
log("v_generationTime=", v_generationTime);
log("v_curTime=", v_curTime);
log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime);
if (v_generationTime < (v_curTime - c_deltaTime)) {
log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_generationTime > (v_curTime + c_deltaTime)) {
log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that generation time is inside the certificate validation period
if (
f_getMsgHeaderField(
v_geoNwInd.msgIn.gnPacket.securedMsg,
e_signer_info,
v_headerField
)) {
v_cert := v_headerField.headerField.signer.signerInfo.certificate;
for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
if (v_generationTime > v_endTime ) {
log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
if (v_generationTime < v_startTime or v_generationTime > v_endTime ) {
log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
if (PICS_PLUGTEST_VERSION){
log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is not allowed in TS103097 v1.2.5");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
v_duration := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
if (v_generationTime < v_startTime or (v_startTime + v_duration) > v_endTime ) {
log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: DENM signer info is not available");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV
/**
* @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location
* when AT certificate does not contain any region restrictions
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_A)
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['generation_location']
* containing generation_location
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
// CERT_IUT_A is the default one
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_any_valid_region
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
))))))) {
log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***");
repeat;
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(
e_generation_location
),
mw_header_field_signer_info_certificate,
complement(
mw_header_field_its_aid_CAM,
mw_header_field_its_aid_DENM
)
))))) {
// The certificate doesn't contain region restrictions because such messages was catched before
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate
)))) {
// The message does not contain generation location
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV
/**
* @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location
* which is inside the circular region containing in the validity restriction of the
* certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_B)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a GN Beacon
* } then {
* the IUT sends a SecuredMessage
* containing exactly one header_fields['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_02_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_B;
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_circle);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV
/**
* @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location
* which is inside the rectangular region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_C)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'rectangle'
* containing rectangular_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing exactly one header_fields ['generation_location']
* containing generation_location
* containing instance of RectangularRegion
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_03_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C; // Load IUT certificate CERT_IUT_C
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_rectangular);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the polygonal region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_AT_D)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_04_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_D; // Load IUT certificate CERT_IUT_D
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_polygonal);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the identified region containing in the validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_E)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'id_region'
* containing identified_region
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_05_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_E; // Load IUT certificate CERT_IUT_E
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_identified);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the certificate pointed by the signer_info field
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and not PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signed_info'].certificate
* containing validity_restrictions ['region']
* containing region.region_type
* indicating 'circle'
* containing region.circular_region
* indicating REGION
* indicating 'rectangle'
* containing region.rectangular_region
* containing array of rectangles
* indicating REGION
* indicating 'polygonal'
* containing region.polygonal_region
* indicating REGION
* indicating 'id_region'
* containing region.circular_region
* indicating REGION
* and containing exactly one header_fields['generation_location']
* containing generation_location
* indicating location inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_06_BV
testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or PICS_CERTIFICATE_SELECTION) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and not PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_B; // Load IUT certificate CERT_IUT_B
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(); // any type of regions
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV
group f_TC_SEC_ITSS_SND_GENMSG_05_xx {
function f_TC_SEC_ITSS_SND_GENMSG_05_BV(
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingInd v_geoNwInd;
tc_ac.start;
alt {
// GN message must contain generation location and the certificate with region restrictions
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(e_generation_location),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_region(
p_region
))))))))) -> value v_geoNwInd {
var ValidityRestriction v_vr;
var HeaderField v_hf;
tc_ac.stop;
// Check that generation location
if (
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and
f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
) {
if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("v_vr.validity.region=", v_vr.validity.region);
log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location);
log("*** " & testcasename() & ": FAIL: Invalid location");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// GN message doesn't contain generation location
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others
))) -> value v_geoNwInd {
var HeaderField v_hf;
tc_ac.stop;
// Check that generation location is not present
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf);
if (not isbound(v_hf)) {
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// GN signing certificate doesn't contains region restriction
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
{ } // GN signing certificate doesn't contains region restriction
)))))) {
tc_ac.stop;
log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
} // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV
} // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx
/**
* @desc Check that the secured message contains of type signed, signed_external or signed_and_encrypted
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected results:
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing payload_fields
* containing exactly one element of type Payload
* containing type
* indicating 'signed' or 'signed_external' or 'signed_and_encrypted'
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload(
e_signed
)
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_external'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload(
e_signed_and_encrypted
)
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_and_encrypted'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": FAIL: Beacon payload is not signed, signed_external or signed_and_encrypted");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV
* @desc Check that the secured GN Message contains only one TrailerField of type signature ;
* Check that the signature contained in the SecuredMessage is calculated over the right fields by
* cryptographically verifying the signature
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send Beacon
* } then {
* the IUT sends a SecuredMessage
* containing header_fields ['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and containing certificate
* indicating CERT
* and containing trailer_fields['signature']
* containing signature
* verifiable using CERT.subject_attributes['verification_key']
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_07_01_BV
testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Beacon message without certificate received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected GN Message not received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: GN Message received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV
/**
* @desc Sending behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7 Profiles for certificates
*/
group sendCertificatesProfile {
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating certificate
* containing certificate
* containing version
* indicating '2'
* }
* }
testcase TC_SEC_ITSS_SND_CERT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_certificate(
))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
?
)))))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* and containing certificates
* indicating length > 0
* and containing certificates[n] (0..N)
* containing version
* indicating '2'
* }
* }
testcase TC_SEC_ITSS_SND_CERT_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var SecuredMessage v_recv;
var Certificate v_cert;
var SignerInfo v_si;
var HashedId8 v_digest;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
// Wait for the message with the certificate to retrieve the AA digest.
// Ask for the chain, containing AT and AA certificate
// Check AA Certificate
log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain ***");
tc_ac.start;
f_askForCertificateChain(f_generateDefaultCam());
tc_ac.stop;
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain(
superset(
mw_aa_certificate
))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
))))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the references in the certificate chain are valid
* Check that signer_info type of all certificates in the chain are 'certificate_digest_with_sha256',
* 'certificate_digest_with_other_algorithm' or 'self'
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* and containing certificates
* indicating length > 0
* and containing certificates[0]
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* or indicating 'certificate_digest_with_other_algorythm'
* and containing digest
* referenced to the trusted certificate
* or containing signer_info
* containing type
* indicating 'self'
* and containing certificates[n] (1..N)
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* or indicating 'certificate_digest_with_other_algorythm'
* and containing digest
* referenced to the certificates[n-1]
* }
* @reference ETSI TS 103 097 [1], clause 4.2.10, 6.1 and 7.4.1
testcase TC_SEC_ITSS_SND_CERT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local declarations
var CertificateChain v_chain;
var SignerInfo v_si;
var HashedId8 v_digest;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
tc_ac.stop;
// Test Body
for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 1; v_counter := v_counter - 1) { // Loop on []N-1..1]
if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
log("*** " & testcasename() & ": FAIL: Certificate[ " & int2str(v_counter) & "] doesn't contain signer info ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (not match(v_si.type_, e_certificate_digest_with_sha256)) {
if (not match(v_si.type_, e_certificate_digest_with_other_algorithm) or PICS_PLUGTEST_VERSION) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// signer_info.type indicates 'certificate_digest_with_sha256' or 'certificate_digest_with_other_algorythm'
v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
if (not match (v_si.signerInfo.digest, v_digest)) {
log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
// Process certificate[0]
if (not f_getCertificateSignerInfo(v_chain[0], v_si)) {
log("*** " & testcasename() & ": FAIL: Certificate[0] doesn't contain signer info ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// Process certificate[0]
if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
log("*** " & testcasename() & ": FAIL: Certificate[0] is not signed with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// signer_info.type indicates 'certificate_digest_with_sha256' only
log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the rectangular region validity restriction of the message signing certificate
* contains not more than six valid rectangles;
* Check that the rectangular region validity restriction of the message signing certificate is
* continuous and does not contain any holes
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* containing certificate
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region
* indicating length <= 6
* and containing elements of type RectangularRegion
* indicating continuous region without holes
* and containing northwest and southeast
* indicating northwest is on the north from southeast
* }
* }
* @remark Certificate: cc_taCert_C
testcase TC_SEC_ITSS_SND_CERT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var Certificate v_cert;
var ValidityRestriction v_vr;
var integer v_counter;
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C;
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
if (not f_waitForCertificate(v_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
if (v_vr.validity.region.region_type == e_rectangle) {
var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region;
if (lengthof(v_rects) > 6) {
log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***");
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (v_counter := 0; v_counter<lengthof(v_rects); v_counter := v_counter + 1) {
var RectangularRegion v_rect := v_rects[v_counter];
if (true != f_isValidTwoDLocation(v_rect.northwest)) {
log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (true != f_isValidTwoDLocation(v_rect.southeast)) {
log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check normality of the rectangle
if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
log("*** " & testcasename() & ": FAIL: Rectangular region " & int2str(v_counter) & " is not normalized ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
// Check for continuous rectangles
if (lengthof(v_rects) > 1) {
if (true != f_isContinuousRectangularRegions(v_rects)) { // FIXME Not implemented
log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
} else {
log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
}
} else {
log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the rectangular region validity restriction of all certificates contains not more than
* six valid rectangles;
* Check that the rectangular region validity restriction of the AT certificate is continuous and
* does not contain any holes
* Check that the rectangular certificate validity region of the subordinate certificate is well formed and
* inside the validity region of the issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* containing certificates
* indicating length N > 0
* and containing certificates [n] 0..n
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region
* indicating length <= 6
* and containing elements of type RectangularRegion
* containing northwest and southeast
* indicating northwest on the north from southeast
* and indicating continuous region without holes
testcase TC_SEC_ITSS_SND_CERT_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C;
// Test adapter configuration
// Preamble
f_prNeighbour();
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
} else {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
tc_ac.stop;
for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
v_vri := v_vr;
f_vri := f_vr;
f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
log("v_chain[v_counter]=", v_chain[v_counter]);
if (f_vr) {
var RectangularRegions v_rects;
if (v_vr.validity.region.region_type != e_rectangle) {
log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_rects := v_vr.validity.region.region.rectangular_region;
log("v_rects=", v_rects);
if (lengthof(v_rects) > 6) {
log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***");
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (var integer j:=0; j<lengthof(v_rects); j:=j + 1) {
var RectangularRegion v_rect := v_rects[j];
if (true != f_isValidTwoDLocation(v_rect.northwest)) {
log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (true != f_isValidTwoDLocation(v_rect.southeast)) {
log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check normality of the rectangle
if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
log("*** " & testcasename() & ": FAIL: Rectangle " & int2str(v_counter) & " is not normalized ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
if (f_vri) {
// current restrictions must be inside of the parent one
if (not f_isRectangularRegionsInside(v_vri.validity.region.region.rectangular_region, v_rects)) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction region is not inside the issuing one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} else {
// Region validity restriction is not exist
if (f_vri) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set if thi restriction exists in the issuing certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: All certificates has a valid rectangular region restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the polygonal certificate validity region contains at least three and no more than 12 points
* Check that the polygonal certificate validity region does not contain intersections and holes
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* containing certificate
* containing validity_restrictions['region']
* and containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating length >=3 and <=12
* and indicating continuous region without holes and intersections
* }
* }
testcase TC_SEC_ITSS_SND_CERT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var Certificate v_cert;
var ValidityRestriction v_vr;
var integer v_counter;
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_D;
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
if (not f_waitForCertificate(v_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
if (v_vr.validity.region.region_type == e_polygon) {
var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region;
var integer v_length := lengthof(v_pr);
if (v_length < 3) {
log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_length > 12) {
log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (true != f_isValidPolygonalRegion(v_pr)) {
log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
}
} else {
log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the polygonal certificate validity region is inside the validity region of the issuing certificate
* Check that the issuing polygonal certificate validity region contains at least three and no more than 12 points
* Check that the issuing polygonal certificate validity region does not contain intersections and holes
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates
* indicating length > 0
* and containing certificates [n] (0..n)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating length >=3 and <=12
* and indicating continuous region without holes and intersections
testcase TC_SEC_ITSS_SND_CERT_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local declarations
var CertificateChain v_chain;
var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions
var boolean f_vr := false, f_vri := false;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_D;
// Test adapter configuration
// Preamble
f_prNeighbour();
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
} else {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
f_vr := false;
tc_ac.stop;
for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
v_vri := v_vr;
f_vri := f_vr;
f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
if (f_vr) {
var PolygonalRegion v_pr;
var integer v_length;
if (v_vr.validity.region.region_type != e_polygon) {
log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not polygonal ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_pr := v_vr.validity.region.region.polygonal_region;
v_length := lengthof(v_pr);
if (v_length < 3) {
log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small in cert " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_length > 12) {
log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big in cert " & int2str(v_counter) & "***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (true != f_isValidPolygonalRegion(v_pr)) {
log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) in cert " & int2str(v_counter) & " ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (f_vri) {
// current restrictions must be inside of the parent one
if (true != f_isPolygonalRegionInside(v_vri.validity.region.region.polygonal_region, v_pr)) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction region in cert " & int2str(v_counter) & " is not inside the issuing one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} else {
// Region validity restriction is not exist
if (f_vri) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set in the certificate " & int2str(v_counter) &
"because this restriction exists in the issuing certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: All certificates has a valid polygonal region restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the identified certificate validity region contains values that correspond to numeric country codes
* as defined in ISO 3166-1 or defined by United Nations Statistics Division
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1' (0)
* and containing region_identifier
* indicating valid value according to 'iso_3166_1'
* and containing local_region
* or containing region
* containing id_region
* containing region_dictionary
* indicating 'un_stats'
* and containing region_identifier
* indicating valid value according to UN STATS
* and containing local_region
* }
* }
testcase TC_SEC_ITSS_SND_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var Certificate v_cert;
var ValidityRestriction v_vr;
var integer v_counter;
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_E;
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
if (not f_waitForCertificate(v_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
if (v_vr.validity.region.region_type == e_id) {
if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
log("*** " & testcasename() & ": PASS: Certificate has a valid region ID restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": FAIL: Certificate doesn't have any location restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the identified certificate validity region contains values that correspond to numeric country codes
* as defined in ISO 3166-1 or defined by United Nations Statistics Division
* Check that the identified certificate validity region contains values defining the region which is inside
* the validity region of the issuing certificate
* @remark The case when signing certificate and issuing certificate contain different type of region validity restriction is not supported by this test
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificate
* indicating length N > 1
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1' (0)
* and containing region_identifier
* indicating valid value according to 'iso_3166_1'
* and containing local_region
* or containing region
* containing id_region
* containing region_dictionary
* indicating 'un_stats'
* and containing region_identifier
* indicating valid value according to UN STATS
* and containing local_region
* }
* }
testcase TC_SEC_ITSS_SND_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions
var boolean f_vr := false, f_vri := false;
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_E;
// Test adapter configuration
// Preamble
f_prNeighbour();
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
} else {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
5592
5593
5594
5595
5596
5597
5598
5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
f_vr := false;
tc_ac.stop;
for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
v_vri := v_vr;
f_vri := f_vr;
f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
if (f_vr) {
if (v_vr.validity.region.region_type == e_id) {
if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
if (f_vri) {
// the region code must be the same
if (v_vr.validity.region.region.id_region.region_identifier !=
v_vri.validity.region.region.id_region.region_identifier) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if ( v_vri.validity.region.region.id_region.local_region != 0
and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region ) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} else {
// Region validity restriction is not exist
if (f_vri) {
log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate " & int2str(v_counter) &
"because this restriction exists in the issuing certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
log("*** " & testcasename() & ": PASS: All certificates has a valid identified regionrestrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
5657
5658
5659
5660
5661
5662
5663
5664
5665
5666
5667
5668
5669
5670
5671
5672
5673
5674
5675
5676
5677
5678
5679
5680
5681
5682
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692
5693
5694
5695
5696
5697
5698
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates
* indicating length N > 1
* and containing certificates[n] (0..N)
* indicating certificate
* not containing validity_restrictions['region']
* and containing signer_info
* containing digest
* referenced to the certificate
* not containing validity_restrictions['region']
* or indicating certificate
* containing validity_restrictions['region']
* containing region.region_type
* indicating 'none'
* and containing signer_info
* containing digest
* referenced to the certificate
* not containing validity_restrictions['region']
* or containing validity_restrictions['region']
* containing region.region_type
* indicating 'none'
* or indicating certificate
* containing validity_restrictions['region']
* containing region.region_type
* indicated 'circle'
* or indicated 'rectangle'
* or indicated 'polygon'
* or indicated 'id'
* and containing region (X_CERT__REGION)
* and containing signer_info
* containing digest
* referenced to the certificate
* not containing validity_restrictions['region']
* or containing validity_restrictions['region']
* containing region.region_type
* indicating 'none'
* or containing validity_restrictions['region']
* containing region
* indicating region fully covering the X_CERT_REGION
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_cert, v_cert_issuer;
var SignerInfo v_si;
var UInt8 v_counter;
var HashedId8 v_digest;
var CertificatesCaching v_certificatesCaching;
var FncRetCode v_result_status := e_success;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
5734
5735
5736
5737
5738
5739
5740
5741
5742
5743
5744
5745
5746
5747
5748
5749
5750
5751
5752
5753
5754
5755
5756
5757
5758
5759
5760
5761
5762
5763
5764
5765
5766
5767
5768
5769
5770
5771
5772
5773
5774
5775
5776
5777
5778
5779
5780
5781
5782
5783
5784
5785
5786
stop;
}
// Test component configuration
// vc_hashedId8ToBeUsed := cc_iutCert_E;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
} else {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
// Test Body
// 1. Create a cache of certificates
f_createCertificatesCaching(v_chain, v_certificatesCaching);
// 2. Process the certificates
v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
while (v_counter != 0) {
// Get the first certificate
if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
v_result_status := e_error;
break;
}
// Retrive SigneInfo field
if (not f_getCertificateSignerInfo(v_cert, v_si)) {
log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
v_result_status := e_error;
break;
}
if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
v_result_status := e_error;
break;
}
// Get issuer
if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
v_result_status := e_error;
break;
}
// Check that cert is signed by issuing cert
v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
v_result_status := e_error;
break;
}
// Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
v_result_status := e_error;
break;
}
// Prepare next loop
v_counter := v_counter - 1;
} // End of 'while' statement
if (v_result_status == e_success) {
log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
}
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
5793
5794
5795
5796
5797
5798
5799
5800
5801
5802
5803
5804
5805
5806
5807
5808
5809
5810
5811
5812
5813
5814
5815
5816
5817
5818
5819
5820
5821
5822
5823
5824
5825
5826
5827
5828
5829
5830
5831
5832
5833
5834
5835
5836
5837
5838
5839
5840
5841
5842
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates
* indicating length N > 1
* and containing certificates[n] (0..N)
* indicating certificate
* containing validity_restrictions['region']
* containing region.region_type
* indicated 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* or indicating 'un_stat'
* and containing region_identifier (X_CERT_REGION_ID)
* indicating valid value according to 'iso_3166_1' or 'un_stat'
* and containing local_region (X_CERT_LOCAL_REGION)
* and containing signer_info
* containing digest
* referenced to the certificate
* containing validity_restrictions['region']
* containing region
* indicated 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* or indicating 'un_stat'
* and containing region_identifier
* indicating value == X_CERT_REGION_ID
* and containing local_region
* indicating value == X_CERT_LOCAL_REGION
* or indicating 0
* or containing id_region
* containing region_dictionary
* indicating 'un_stats'
* and containing region_identifier
* indicating region fully covering the X_CERT_REGION
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_cert, v_cert_issuer;
var SignerInfo v_si;
var UInt8 v_counter;
var HashedId8 v_digest;
var CertificatesCaching v_certificatesCaching;
var FncRetCode v_result_status := e_success;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
5889
5890
5891
5892
5893
5894
5895
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
5917
5918
5919
5920
5921
5922
5923
5924
5925
5926
5927
5928
5929
5930
stop;
}
// Test component configuration
// vc_hashedId8ToBeUsed := cc_iutCert_E;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
} else {
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
// Test Body
// 1. Create a cache of certificates
f_createCertificatesCaching(v_chain, v_certificatesCaching);
// 2. Process the certificates
v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
while (v_counter != 0) {
// Get the first certificate
if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
v_result_status := e_error;
break;
}
// Retrive SigneInfo field
if (not f_getCertificateSignerInfo(v_cert, v_si)) {
log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
v_result_status := e_error;
break;
}
if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
v_result_status := e_error;
break;
}
// Get issuer
if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
v_result_status := e_error;
break;
}
// Check that cert is signed by issuing cert
v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
v_result_status := e_error;
break;
}
// Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
v_result_status := e_error;
break;
}
// Prepare next loop
v_counter := v_counter - 1;
} // End of 'while' statement
if (v_result_status == e_success) {
log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
}
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check the certificate chain to ensure that the time validity restriction of the subordinate certificate is inside the time validity restriction of the issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
5949
5950
5951
5952
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
* containing certificates
* containing certificates[last-1]
* containing validity_restrictions
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_AA_VALIDITY
* containing end_validity
* indicating END_AA_VALIDITY >= START_AA_VALIDITY
* and containing signer_info
* containing digest
* referenced to the trusted certificate
* containing validity_restrictions['time_end']
* containing end_validity
* indicating value > AA_END_VALIDITY
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= AA_START_VALIDITY
* and containing end_validity
* indicating value > AA_END_VALIDITY
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity
* indicating X_START_VALIDITY <= AA_START_VALIDITY
* and containing duration
* indicating value > AA_END_VALIDITY - X_START_VALIDITY
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
6001
6002
6003
6004
6005
6006
6007
6008
6009
6010
6011
6012
6013
6014
6015
6016
6017
6018
6019
6020
6021
6022
6023
6024
6025
6026
6027
6028
6029
6030
6031
6032
6033
6034
6035
6036
6037
6038
6039
6040
6041
6042
6043
6044
6045
6046
6047
6048
6049
6050
6051
6052
6053
6054
6055
6056
6057
6058
6059
6060
6061
6062
6063
6064
6065
6066
6067
6068
6069
6070
6071
6072
6073
6074
var CertificateChain v_chain;
var Certificate v_aa_cert;
var ValidityRestriction v_vr;
var SignerInfo v_si;
var Time64 v_generationTime;
var Time64 v_curTime;
var Time64 v_startTime, v_endTime, v_duration;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 1];
if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end,
mw_validity_restriction_time_start_and_duration)))
) {
log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Process signerInfo field
if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_si.type_ == e_certificate) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (var integer v_counter := 0; v_counter < lengthof(v_si.signerInfo.certificate.validity_restrictions); v_counter := v_counter + 1) {
if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_end) {
v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.end_validity * 1000000;
if (not match(v_generationTime, Time64:(0 .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
v_duration := f_duration2time(v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
* or x_coordinate_only
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating certificate
* containing certificate
* containing signature.ecdsa_signature
* containing R.type
* indicating compressed_lsb_y_0
* or indicating compressed_lsb_y_1
* or indicating x_coordinate_only
testcase TC_SEC_ITSS_SND_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
6127
6128
6129
6130
6131
6132
6133
6134
6135
6136
6137
6138
6139
6140
6141
6142
6143
6144
6145
6146
6147
6148
6149
6150
6151
6152
6153
6154
6155
6156
6157
6158
6159
6160
6161
6162
6163
6164
6165
6166
6167
6168
6169
6170
6171
6172
6173
6174
6175
6176
6177
6178
6179
6180
6181
6182
6183
6184
6185
6186
6187
6188
6189
6190
6191
6192
6193
6194
6195
6196
6197
6198
6199
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
?,
?,
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only
))))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_0 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
?,
?,
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only
))))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_1 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
?,
?,
mw_signature(
mw_ecdsaSignature(
mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only
))))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to x_coordinate_only received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate
)))))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the all certificates in a chain have signatures contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
* or x_coordinate_only
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* the IUT being requested to include certificate in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* containing certificates
* indicating length N > 1
* and indicating certificates[n] (0..N)
* containing signature.ecdsa_signature
* containing R.type
* indicating compressed_lsb_y_0
* or indicating compressed_lsb_y_1
* or indicating x_coordinate_only
testcase TC_SEC_ITSS_SND_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_si;
var CertificateChain v_chain;
var integer v_counter;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
))))) -> value v_geoNwInd {
6274
6275
6276
6277
6278
6279
6280
6281
6282
6283
6284
6285
6286
6287
6288
6289
6290
6291
6292
6293
6294
6295
6296
6297
6298
6299
6300
6301
6302
6303
// Check certificate chain
if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
v_chain := v_si.signerInfo.certificates;
for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
if (v_chain[v_counter].signature_.algorithm != e_ecdsa_nistp256_with_sha256) {
log("*** " & testcasename() & ": FAIL: Wrong signature algorithm ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
} else if (
(v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_x_coordinate_only) and
(v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_0) and
(v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_1)
) {
log("*** " & testcasename() & ": FAIL: Wrong ECDSA R type ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
} // End of 'for' statement
}
log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct signature type ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
6305
6306
6307
6308
6309
6310
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6325
6326
6327
6328
6329
6330
6331
6332
6333
6334
/**
* @desc Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
* or uncompressed
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating certificate
* containing certificate
* containing subject_attributes['verification_key']
* containing key.public_key.type
* indicating compressed_lsb_y_0
* or indicating compressed_lsb_y_1
* or indicating x_coordinate_only
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_CERT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
6339
6340
6341
6342
6343
6344
6345
6346
6347
6348
6349
6350
6351
6352
6353
6354
6355
6356
6357
6358
6359
6360
6361
6362
6363
6364
6365
6366
6367
6368
6369
6370
6371
6372
6373
6374
6375
6376
6377
6378
6379
6380
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
superset(
mw_subject_attribute_verification_key(
mw_publicKey_eccPoint_compressed_lsb_y_0
)
),
?,
mw_signature
))))))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_0 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
superset(
mw_subject_attribute_verification_key(
mw_publicKey_eccPoint_compressed_lsb_y_1
)
),
?,
log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_1 received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate(
?,
superset(
mw_subject_attribute_verification_key(
mw_publicKey_eccPoint_uncompressed
)
),
?,
log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to uncompressed received ***");
6416
6417
6418
6419
6420
6421
6422
6423
6424
6425
6426
6427
6428
6429
6430
6431
6432
6433
6434
6435
6436
6437
6438
6439
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate(
mw_at_certificate
)))))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
6441
6442
6443
6444
6445
6446
6447
6448
6449
6450
6451
6452
6453
6454
6455
6456
6457
6458
6459
6460
6461
6462
6463
6464
6465
6466
6467
6468
6469
6470
6471
6472
/**
* @desc Check that all certificate in a chain have verification keys contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1
* or uncompressed
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* }
* Expected Behaviour:
* ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* containing certificates
* indicating length N > 1
* and indicating certificates[n] (0..N)
* containing signature.ecdsa_signature
* containing subject_attributes['verification_key']
* indicating compressed_lsb_y_0
* or indicating compressed_lsb_y_1
* or indicating uncompressed
* }
* }
* </pre>
testcase TC_SEC_ITSS_SND_CERT_10_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
6477
6478
6479
6480
6481
6482
6483
6484
6485
6486
6487
6488
6489
6490
6491
6492
6493
6494
6495
6496
6497
6498
6499
6500
6501
6502
6503
6504
6505
6506
6507
6508
6509
6510
6511
6512
6513
6514
6515
6516
6517
6518
6519
6520
6521
6522
6523
6524
6525
6526
6527
6528
6529
6530
6531
6532
6533
6534
6535
// Local variables
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_si;
var CertificateChain v_chain;
var integer v_counter;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
))))) {
tc_ac.stop;
// Check certificate chain
if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
v_chain := v_si.signerInfo.certificates;
for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
if (
(not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_0))))) and
(not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_1))))) and
(not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_uncompressed)))))
) {
log("*** " & testcasename() & ": FAIL: Wrong verification key algorithm ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
} // End of 'for' statement
}
log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct verification key ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check the certificate signature
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* ND containing certificate
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* referenced to the certificate CERT
* verifiable using CERT.subject_attributes['verification_key'].key
* }
* }
testcase TC_SEC_ITSS_SND_CERT_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local declarations
var GeoNetworkingInd v_geoNwInd;
var Certificate v_at_cert;
var Certificate v_aa_cert;
var HashedId8 v_aa_digest;
var SignerInfo v_si;
var integer v_counter;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Wait for the message with the certificate to get the AA cert digest.
// Ask for the chain, containing AT and AA certificate
// Check that the AT cert in the first message is signed with the AA cert
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_at_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
if (true != f_getCertificateSignerInfo(v_at_cert, v_si)) {
log("*** " & testcasename() & ": FAIL: AT Certificate signer info is unknown ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
log("*** " & testcasename() & ": FAIL: AT Certificate is not signed well ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
6612
6613
6614
6615
6616
6617
6618
6619
6620
6621
6622
6623
6624
6625
6626
6627
6628
6629
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
6644
6645
6646
6647
6648
6649
6650
6651
6652
6653
6654
6655
6656
6657
6658
6659
6660
6661
6662
v_aa_digest := v_si.signerInfo.digest;
// Send a certificate request to the IUT
f_sendCertificateRequest(v_aa_digest, f_generateDefaultCam());
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
))))) -> value v_geoNwInd {
var SecuredMessage v_secMsg;
var integer v_chainLength;
tc_ac.stop;
// Check certificate chain
if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
v_chainLength := lengthof(v_si.signerInfo.certificates);
if (v_chainLength < 2 ) {
log("*** " & testcasename() & ": FAIL: Certificate chain doesn't contain the AA cert ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// get aa cert
v_aa_cert := v_si.signerInfo.certificates[v_chainLength-2];
if (not match (v_aa_digest, f_calculateDigestFromCertificate(v_aa_cert))) {
log("*** " & testcasename() & ": FAIL: AT certificate was not signed with the given AA cert ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that at cert is signed with aa cert
if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) {
log("*** " & testcasename() & ": FAIL: AT certificate signature error ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AT certificate was well signed with AA certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check the signatures of the certificates in the chain
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
6702
6703
6704
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates
* indicating length N > 1
* and containing certificate[0]
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* referenced to the trusted certificate (CERT_ROOT)
* and containing signature
* verifiable using CERTIFICATES[N-1].subject_attributes['verification_key'].key
* and containing certificates[n] (1..N)
* containing signer_info {
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* referenced to the certificates[n-1]
* and containing signature
* verifiable using certificates[n-1].subject_attributes['verification_key'].key
testcase TC_SEC_ITSS_SND_CERT_11_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local declarations
var GeoNetworkingInd v_geoNwInd;
var Certificate v_cert;
var CertificateChain v_chain;
var SignerInfo v_si;
var HashedId8 v_digest;
var integer v_counter;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Wait for the message with the certificate to get the AA cert digest.
// Ask for the chain, containing AT and AA certificate
// Check that the AT cert in the first message is signed with the AA cert
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate and ask for a certificate chain ***");
tc_ac.start;
f_askForCertificateChain(f_generateDefaultCam());
tc_ac.stop;
6744
6745
6746
6747
6748
6749
6750
6751
6752
6753
6754
6755
6756
6757
6758
6759
6760
6761
6762
6763
6764
6765
6766
6767
6768
6769
6770
6771
6772
6773
6774
6775
6776
6777
6778
6779
6780
6781
6782
6783
6784
6785
6786
6787
6788
6789
6790
6791
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field_signer_info_certificate_chain
))))) -> value v_geoNwInd {
var SecuredMessage v_secMsg;
var integer v_chainLength;
tc_ac.stop;
// Check certificate chain
if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
v_chain := v_si.signerInfo.certificates;
for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
log("*** " & testcasename() & ": FAIL: Certificate "&int2str(v_counter) & " doesn't have a signer info ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that cert is signed by issuing cert
v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
if (not match (v_si.signerInfo.digest, v_digest)) {
log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Check that the signature is valid
if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_chain[v_counter], v_chain[v_counter - 1])) {
log("*** " & testcasename() & ": FAIL: AT certificate signature error ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: All certificates in the chain signed by it's issuing certs ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_11_02_BV
/**
* @desc Check that the assurance level of the subordinate certificate is equal to or less than the assurance level of the issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* containing certificates
* indicating length N > 1
* and containing certificates[n](0..N)
* containing subject_attributes ['assurance_level']
* containig assurance_level
* containing bits [5-7]
* indicating assurance level CERT_AL
* and containing signer_info
* containing digest
* referenced to the certificate
* containing subject_attributes ['assurance_level']
* containing assurance_level
* containing bits [5-7]
* indicating value <= CERT_AL
* }
* }
* </pre>
6835
6836
6837
6838
6839
6840
6841
6842
6843
6844
6845
6846
6847
6848
6849
6850
6851
6852
6853
6854
6855
6856
6857
6858
6859
6860
6861
6862
6863
6864
6865
6866
6867
6868
6869
6870
6871
6872
6873
6874
6875
6876
6877
6878
6879
6880
6881
6882
6883
6884
6885
6886
6887
6888
6889
6890
6891
6892
6893
6894
*/
testcase TC_SEC_ITSS_SND_CERT_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert, v_at_cert;
var SubjectAttribute v_sa;
var SubjectAssurance v_aa_assurance_level, v_at_assurance_level;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
v_at_cert := v_chain[lengthof(v_chain) - 1];
if (not f_getCertificateSubjectAttribute(v_aa_cert, e_assurance_level, v_sa)) {
log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_aa_assurance_level := v_sa.attribute.assurance_level;
if (not f_getCertificateSubjectAttribute(v_at_cert, e_assurance_level, v_sa)) {
log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_at_assurance_level := v_sa.attribute.assurance_level;
if (bit2int(v_aa_assurance_level.levels) < bit2int(v_at_assurance_level.levels)) {
log("*** " & testcasename() & ": FAIL: The assurence levels mismatch ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: The assurence levels match ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_12_01_BV
* @desc Sending behaviour test cases for AA certificate profil
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.7 AA certificate profile
*/
group AA_Certificates {
/**
* @desc Check that the subject_type of the AA certificate is set to authorization_authority
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing subject_info.subject_type
* indicating 'authorization_authority' (2)
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_01_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
6928
6929
6930
6931
6932
6933
6934
6935
6936
6937
6938
6939
6940
6941
6942
6943
6944
6945
6946
6947
6948
6949
6950
6951
6952
6953
6954
6955
6956
6957
6958
6959
6960
6961
var CertificateChain v_chain;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate)) {
log("*** " & testcasename() & ": FAIL: AA certificate not found in the chain[last-1] ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AA certificate was found in the chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
* @desc Check that the AA certificsate subject_name variable-length vector contains 32 bytes maximum
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing subject_info.subject_name
* indicating length <= 32 bytes
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_02_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
6995
6996
6997
6998
6999
7000
7001
7002
7003
7004
7005
7006
7007
7008
7009
7010
7011
7012
7013
7014
7015
7016
7017
7018
7019
7020
7021
7022
7023
7024
7025
7026
7027
7028
7029
7030
7031
7032
7033
7034
var CertificateChain v_chain;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
// Verified automatically on decoding
if (lengthof(v_chain[lengthof(v_chain) - 2].subject_info.subject_name) > 32 ) {
log("*** " & testcasename() & ": FAIL: Subject name of the AA certificate is too long ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Subject name of the AA certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that signer_info type of AA certificates is set to 'certificate_digest_with_sha256'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing certificates[last-1]
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_03_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
7064
7065
7066
7067
7068
7069
7070
7071
7072
7073
7074
7075
7076
7077
7078
7079
7080
7081
7082
7083
7084
7085
7086
7087
7088
7089
7090
7091
7092
7093
7094
7095
7096
7097
7098
7099
7100
7101
7102
7103
7104
var CertificateChain v_chain;
var Certificate v_aa_cert;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest))) {
log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV
7107
7108
7109
7110
7111
7112
7113
7114
7115
7116
7117
7118
7119
7120
7121
7122
7123
7124
7125
7126
7127
7128
7129
7130
7131
7132
7133
7134
7135
7136
/**
* @desc Check that AA certificate is signed by Root CA or other authority
* @remark There is no clear specification that AA cert shall be signed by the Root CA only
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* containing certificates
* containing certificates[last-1]
* containing signer_info
* containing type
* indicating 'certificate_digest_with_ecdsap256'
* and containing digest
* referencing to the trusted certificate
* containing subject_info.subject_type
* indicating 'root_ca'
* or indicating 'authorisation_authority'
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_04_01_BV
* @reference ETSI TS 103 097 [1], clauses 6.3
7139
7140
7141
7142
7143
7144
7145
7146
7147
7148
7149
7150
7151
7152
7153
7154
7155
7156
7157
7158
7159
7160
7161
7162
7163
7164
7165
7166
7167
7168
7169
7170
7171
7172
7173
7174
7175
7176
7177
7178
7179
7180
7181
7182
7183
*/
testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert, v_ca_cert;
var SignerInfo v_si;
var HashedId8 v_ca_digest;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
v_aa_cert := v_chain[lengthof(v_chain) - 2];
// Process signerInfo field
if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_si.type_ == e_certificate_digest_with_sha256) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate_digest_with_ecdsap256 ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
f_readCertificate(cc_taCert_CA, v_ca_cert);
v_ca_digest := f_calculateDigestFromCertificate(v_ca_cert);
if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest(v_ca_digest)))) {
log("*** " & testcasename() & ": FAIL: AA certificate signer info doesn't reference the CA certificate from the chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (not f_verifyCertificateSignatureWithIssuingCertificate(v_aa_cert, v_ca_cert)) {
log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AA certificate was signed by the CA certificate from the given chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV
* @desc Check that all neccesary subject attributes are present and arranged in accesing order
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing certificates[last-1]
* containing subject_attributes [0..N]
* indicating subject_attributes[n].type < subject_attributes[n+ 1].type
* containing subject_attributes['verification_key']
* containing subject_attributes['assurance_level']
* containing subject_attributes['its_aid_list']
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_05_01_BV
* @reference ETSI TS 103 097 [1], clauses 6.1, 7.4.1 and 7.4.4
testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
7230
7231
7232
7233
7234
7235
7236
7237
7238
7239
7240
7241
7242
7243
7244
7245
7246
7247
7248
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
7264
7265
7266
7267
7268
7269
7270
7271
7272
7273
7274
7275
7276
7277
7278
7279
7280
7281
7282
7283
var CertificateChain v_chain;
var SubjectAttributes v_attrs;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
if (not match(v_chain[lengthof(v_chain) - 2],
mw_aa_certificate(?,
superset(mw_subject_attribute_verification_key,
mw_subject_attribute_assurance_level,
mw_subject_attribute_its_aid_list)))
) {
log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes;
for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that all AIDs containing in the its_aid_list in AA certificate are unique
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing certificates[last-1]
* containing subject_attributes['its_aid_list']
* containing its_aid_list[0..N]
* containing no more then 31 unique item
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_08_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert;
7317
7318
7319
7320
7321
7322
7323
7324
7325
7326
7327
7328
7329
7330
7331
7332
7333
7334
7335
7336
7337
7338
7339
7340
7341
7342
7343
7344
7345
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
if (lengthof(v_sa.attribute.its_aid_list) > 31) {
log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) {
for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) {
if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) {
log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} // End of 'for' statement
} else {
log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that all mandatory validity restrictions are present and arranged in ascending order
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates
* containing certificates[last-1]
* containing validity_restrictions[0..N]
* indicating validity_restrictions[n].type < validity_restrictions[n+1].type
* and containing validity_restrictions['time_start_and_end']
* and not containing validity_restrictions['time_end']
* and not containing validity_restrictions['time_start_and_duration']
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_10_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_cert;
var integer v_previousValidityRestrictionType;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
7427
7428
7429
7430
7431
7432
7433
7434
7435
7436
7437
7438
7439
7440
7441
7442
7443
7444
7445
7446
7447
7448
7449
7450
7451
7452
7453
7454
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
// Test Body
// Process certificate[last - 1]
v_cert := v_chain[lengthof(v_chain) - 2];
if (match(
v_cert.validity_restrictions,
(
superset(
mw_validity_restriction_time_end,
mw_validity_restriction_time_start_and_duration
)
)
)) {
log("*** " & testcasename() & ": FAIL: certificate[last-2] must not contain time_end and time_start_and_duration restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
for (var integer v_counter := 1; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
// Check forbidden header
if (not match(v_cert.validity_restrictions[v_counter].type_, e_time_start_and_end)) { // FIXME To be reviewed
log("*** " & testcasename() & ": FAIL: Forbidden header present");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_counter > 1 ) {
// Check that headers are ordered
if (match(v_cert.validity_restrictions[v_counter].type_, integer:(0..v_previousValidityRestrictionType))) {
// Check that header is duplicated
if (match(v_cert.validity_restrictions[v_counter].type_, v_previousValidityRestrictionType)) {
log("*** " & testcasename() & ": FAIL: multiple instances of same header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": FAIL: headers not in correct order");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_previousValidityRestrictionType := enum2int(v_cert.validity_restrictions[v_counter].type_);
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: Time validity restriction of the certificate[last-2] is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
* @desc Check that time_start_and_end is included in the AA certificate validation restrictions;
* Check that end_validity is greater than start_validity
* Check that validity restriction of AA certificate is inside the validity restriction of its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing certificates[last-1] {
* containing validity_restrictions
7500
7501
7502
7503
7504
7505
7506
7507
7508
7509
7510
7511
7512
7513
7514
7515
7516
7517
7518
7519
7520
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_AA_VALIDITY
* containing end_validity
* indicating END_AA_VALIDITY >=START_AA_VALIDITY
* and containing signer_info
* containing digest
* referenced to the trusted certificate
* containing validity_restrictions['time_end']
* containing end_validity
* indicating value > AA_END_VALIDITY
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= AA_START_VALIDITY
* and containing end_validity
* indicating value > AA_END_VALIDITY
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity
* indicating X_START_VALIDITY <= AA_START_VALIDITY
* and containing duration
* indicating value > AA_END_VALIDITY - X_START_VALIDITY
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_11_01_BV
testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
7528
7529
7530
7531
7532
7533
7534
7535
7536
7537
7538
7539
7540
7541
7542
7543
7544
7545
7546
7547
7548
7549
7550
7551
7552
7553
7554
7555
7556
7557
7558
7559
7560
7561
7562
7563
7564
7565
7566
7567
7568
7569
7570
7571
7572
7573
7574
7575
7576
7577
7578
7579
7580
7581
7582
var CertificateChain v_chain;
var Certificate v_aa_cert;
var ValidityRestriction v_vr;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end,
mw_validity_restriction_time_start_and_duration)))
) {
log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Sending behaviour test cases for AT certificate profil
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.8 AT certificate profile
*/
group AT_Certificates {
/**
* @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (1)
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_01_01_BV
testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
7619
7620
7621
7622
7623
7624
7625
7626
7627
7628
7629
7630
7631
7632
7633
7634
7635
7636
7637
7638
7639
7640
7641
7642
7643
7644
7645
7646
7647
7648
7649
7650
7651
7652
7653
var Certificate v_at_cert;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_at_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (not match(v_at_cert, mw_at_certificate)) {
log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the subject_name variable-length vector is empty for AT certificates
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificates
* containing subject_info.subject_name
* indicating length = 0
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_02_01_BV
* @reference ETSI TS 103 097 [1], clause 7.4.2
testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_at_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (0 != lengthof(v_at_cert.subject_info.subject_name)) {
log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that signer_info type of AT certificates is set to 'certificate_digest_with_sha256'
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_03_01_BV
* @reference ETSI TS 103 097 [1], clauses 7.4.2
testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_at_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (
not match(v_at_cert, mw_certificate(mw_signerInfo_digest))
) {
log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that subject attributes are present and arranged in ascending order
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_attributes [0..N]
* indicating subject_attributes[n].type < subject_attributes[n+ 1].type
* containing subject_attributes['verification_key']
* containing subject_attributes['assurance_level']
* containing subject_attributes['its_aid_ssp_list']
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_04_01_BV
* @reference ETSI TS 103 097 [1], clauses 7.4.1 and 7.4.2
testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var Certificate v_at_cert;
var SubjectAttributes v_attrs;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
7820
7821
7822
7823
7824
7825
7826
7827
7828
7829
7830
7831
7832
7833
7834
7835
7836
7837
7838
7839
7840
7841
7842
7843
7844
7845
7846
7847
7848
7849
7850
7851
7852
7853
7854
7855
7856
7857
7858
7859
7860
7861
7862
7863
7864
7865
7866
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
tc_ac.start;
if (not f_waitForCertificate(v_at_cert)) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (not match(
v_at_cert,
mw_at_certificate(
?,
superset(
mw_subject_attribute_verification_key,
mw_subject_attribute_assurance_level,
mw_subject_attribute_its_aid_ssp_list
)))) {
log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_attrs := v_at_cert.subject_attributes;
for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that time_start_and_end is included in the AT certificate validation restrictions
* Check that time_start_and_end is inside the AA certificate time restrictions
* Check that validity restriction of AT certificate is inside the validity restriction of its issuing certificate
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing subject_info.subject_type
* indicating 'authorization_ticket' (1)
* not containing validity_restrictions['time_end']
* and not containing validity_restrictions['time_start_and_duration']
* and containing validity_restrictions['time_start_and_end']
* and containing certificates[last-1]
* containing validity_restrictions['time_end']
* containing end_validity
* indicating value > AT_END_VALIDITY
* or containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating value <= AT_START_VALIDITY
* containing end_validity
* indicating value > AT_END_VALIDITY
* or containing validity_restrictions['time_start_and_duration']
* containing start_validity
* indicating X_START_VALIDITY <= AT_START_VALIDITY
* and containing duration
* indicating value > AT_END_VALIDITY - X_START_VALIDITY
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_05_01_BV
testcase TC_SEC_ITSS_SND_CERT_AT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert, v_at_cert;
var ValidityRestriction v_vr, v_aa_vr;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
7925
7926
7927
7928
7929
7930
7931
7932
7933
7934
7935
7936
7937
7938
7939
7940
7941
7942
7943
7944
7945
7946
7947
7948
7949
7950
7951
7952
7953
7954
7955
7956
7957
7958
7959
7960
7961
7962
7963
7964
7965
7966
7967
7968
7969
7970
7971
7972
7973
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
v_at_cert := v_chain[lengthof(v_chain) - 1];
if (match (
v_at_cert.validity_restrictions,
(
superset(
mw_validity_restriction_time_end,
mw_validity_restriction_time_start_and_duration
)
)
)) {
log("*** " & testcasename() & ": FAIL: AT certificate must not contain time_end and time_start_and_duration restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if ( true != f_getCertificateValidityRestriction(v_at_cert, e_time_start_and_end, v_vr)) {
log("*** " & testcasename() & ": FAIL: AT certificate must contain time_start_and_end restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
log("*** " & testcasename() & ": FAIL: start validity must not be greater then end validity in the validity restrictions of AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
7974
7975
7976
7977
7978
7979
7980
7981
7982
7983
7984
7985
7986
7987
7988
7989
7990
7991
7992
7993
7994
7995
7996
7997
if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_aa_vr)) {
if (
(v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_end.start_validity) or
(v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.time_start_and_end.end_validity)
) {
log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_end, v_aa_vr)) {
if (v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.end_validity) {
log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_duration, v_aa_vr)) {
var Time64 v_end := v_aa_vr.validity.time_start_and_duration.start_validity + f_duration2time(v_aa_vr.validity.time_start_and_duration.duration_);
if (
(v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_duration.start_validity) or
(v_vr.validity.time_start_and_end.end_validity > v_end)
) {
log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: Wrong AA certificate time restrictions ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: Time validity restriction of the AT certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that all AIDs containing in the its_aid_ssp_list in AT certificate are unique
* Check that all AIDs containing in the its_aid_ssp_list in AT certificate are also containing in the
* its_aid_list in the correspondent AA certificate
* Check that the length of SSP of each AID is 31 octet maximum
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* containing subject_info.subject_type
* indicating 'authorization_authority' (2)
* containing subject_attributes['its_aid_list']
* containing its_aid_list[0..N]
* indicating ITS_AID_LIST_AA
* containing subject_info.subject_type
* indicating 'authorization_ticket' (1)
* containing subject_attributes['its_aid_ssp_list']
* containing its_aid_ssp_list[0..N]
* containing its_aid_ssp_list[n]
* containing its_aid
* indicating unique value containing in the ITS_AID_LIST_AA
* containing service_specific_permissions
* indicating length <= 31 octet
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_07_01_BV
testcase TC_SEC_ITSS_SND_CERT_AT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert, v_at_cert;
var SubjectAttribute v_sa;
var IntXs v_aid_list;
var ItsAidSsps v_aid_ssp_list;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
8059
8060
8061
8062
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_aa_cert := v_chain[lengthof(v_chain) - 2];
v_at_cert := v_chain[lengthof(v_chain) - 1];
if (not f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_aid_list := v_sa.attribute.its_aid_list;
if (not f_getCertificateSubjectAttribute(v_at_cert, e_its_aid_ssp_list, v_sa)) {
log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_aid_ssp_list := v_sa.attribute.its_aid_ssp_list;
for (var integer v_counter :=0; v_counter < lengthof(v_aid_ssp_list); v_counter := v_counter + 1) {
// Check unique
for (var integer j :=0; j < lengthof(v_aid_ssp_list); j := j + 1) {
if (v_counter != j and v_aid_ssp_list[v_counter].its_aid == v_aid_ssp_list[j].its_aid) {
log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is duplicated in AT certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
// if (not match(v_aid_ssp_list[v_counter], (all from v_aid_list))) {
// log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is not exist in AA certificate ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// if (lengthof(v_aid_ssp_list[v_counter].service_specific_permissions.sspContainer) > 31) {
// log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " has too long service_specific_permissions ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: The ITS_AID_SSP list of the AT certificate is good ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that AT certificate is signed by AA cert
* <pre>
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate chain in the next CAM
* } ensure that {
* when {
* indicating 'certificate_chain'
* containing certificates[last-1] (CERT_AA)
* containing subject_info.subject_type
* indicating 'authorization_authority' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (1)
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* referencing to CERT_AA
* and containing signature
* verifiable using KEY
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_08_01_BV
testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var CertificateChain v_chain;
var Certificate v_aa_cert, v_at_cert;
var HashedId8 v_aa_digest;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
8168
8169
8170
8171
8172
8173
8174
8175
8176
8177
8178
8179
8180
8181
8182
8183
8184
8185
8186
8187
8188
8189
8190
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
tc_ac.start;
if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (lengthof(v_chain) < 2) {
log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
}
v_at_cert := v_chain[lengthof(v_chain) - 1];
v_aa_cert := v_chain[lengthof(v_chain) - 2];
v_aa_digest := f_calculateDigestFromCertificate(v_aa_cert);
if (not match(v_at_cert, mw_at_certificate(mw_signerInfo_digest(v_aa_digest)))) {
log("*** " & testcasename() & ": FAIL: AT certificate signer info doesn't reference the AA certificate from the chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
if (not f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) {
log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: AT certificate was signed by the AA certificate from the given chain ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV
* @desc Check that all necessary validity restrictions are present and arranged in ascending order
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* the IUT being requested to include certificate in the next CAM
* } ensure that {
* when {
* the IUT is requested to send a CAM
* } then {
* the IUT sends a SecuredMessage
* indicating 'certificate'
* containing certificate
* containing subject_attributes [0..N]
* indicating subject_attributes[n].type < subject_attributes[n+ 1].type
* containing subject_attributes['verification_key']
* containing subject_attributes['assurance_level']
* containing subject_attributes['its_aid_ssp_list']
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_10_01_BV
testcase TC_SEC_ITSS_SND_CERT_AT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var Certificate v_at_cert;
var ValidityRestriction v_vr;
var ValidityRestrictions v_vrs;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
tc_ac.stop;
if (not match(
v_at_cert,
mw_at_certificate(
mw_signerInfo_certificate
))) {
if (true != f_getCertificateValidityRestriction(v_at_cert.signer_info.signerInfo.certificate, e_time_start_and_end, v_vr)) {
log("*** " & testcasename() & ": FAIL: Required 'time_start_and_end' validity_restriction attribute of AT certificate is not found ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
v_vrs := v_at_cert.signer_info.signerInfo.certificate.validity_restrictions;
for (var integer v_counter := 1; v_counter < lengthof(v_vrs); v_counter := v_counter + 1 ) {
if (v_vrs[v_counter].type_ <= v_vrs[v_counter-1].type_) {
log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} // End of group AT_Certificates
} // End of group sendCertificatesProfile
} // End of group sendingBehavior
/**
* @desc Receiver behaviour test cases
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3 Receiver behaviour
*/
group receiverBehavior {
/**
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.2 CAM Profile
*/
group recvCamProfile {
/**
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing any other header fields
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate digest of the known certificate in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* and the IUT already sent a Secured message containing certificate (CERT_TS_A_AT)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing any other header fields
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate_digest_with_sha256);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate chain in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* containing type
* indicating 'certificate_chain'
* and containing certificates
* containing subject_info.subject_type
* indicating 'authorization_authority'
* and containing subject_attributes['verification key'] (KEY_TS_AA)
* and containing certificate (CERT_TS_A_AT) at index 1
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* verifiable using KEY_TS_AA
* and containing subject_attributes['verification key'] (KEY_TS_AT)
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing any other header fields
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, -, e_certificate_chain);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured CAM containing protocol version set to a value less then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing protocol_version
* indicating 1
* } then {
* the IUT discards a SecuredMessage
* }
* }
* </pre>
*
*/
testcase TC_SEC_ITSS_RCV_CAM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured CAM containing protocol version set to a value greater then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing protocol_version
* indicating 3
* } then {
* the IUT discards a SecuredMessage
* }
* }
* </pre>
*
*/
testcase TC_SEC_ITSS_RCV_CAM_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); // Change PX_WRONG_PROTOCOL_VERSION to 3
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields contains more than one element of header field type: signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'signer_info'
* and containing header_fields[2].type
* indicating 'generation_time'
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_signer_info(
m_signerInfo_certificate(
vc_atCertificate
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields does not contain the header field type: signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'generation_time'
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
if (PICS_DEBUG_ADDON) {
f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam());
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT is able to receive a secured CAM if the signer_info header field is not encoded first
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'signer_info'
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM,
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
))
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
/**
* @desc Check that IUT discards a secured CAM if the header_fields doesn't contain the element of header field of type: generation_time
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9084
9085
9086
9087
9088
9089
9090
9091
9092
9093
9094
9095
9096
9097
9098
9099
9100
9101
9102
9103
9104
9105
9106
9107
9108
9109
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9111
9112
9113
9114
9115
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_04_BO
/**
* @desc Check that IUT discards a secured CAM if the header_fields does not contain the header field type: generation_time
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9170
9171
9172
9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9197
9198
9199
9200
9201
9202
9203
9204
9205
9206
9207
9208
9209
9210
9211
9212
9213
9214
9215
9216
9217
9218
9219
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_05_BO
/**
* @desc Check that IUT discards a secured CAM if the header_fields contain more than one element of header field of type: its_aid
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
9232
9233
9234
9235
9236
9237
9238
9239
9240
9241
9242
9243
9244
9245
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
9278
9279
9280
9281
9282
9283
9284
9285
9286
9287
9288
9289
9290
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM,
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_06_BO
9307
9308
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
9323
9324
9325
9326
9327
9328
9329
9330
9331
9332
9333
9334
9335
9336
9337
9338
9339
9340
9341
9342
9343
9344
9345
9346
9347
9348
9349
9350
9351
9352
9353
9354
9355
9356
9357
9358
9359
9360
9361
9362
9363
9364
9365
9366
9367
9368
9369
9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
/**
* @desc Check that IUT discards a secured CAM if the header_fields contain more than one element of header field of type: its_aid
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_06a_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_06a_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()) // In us
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// Empty on purpose
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_06a_BO
/**
* @desc Check that IUT discards a secured CAM if the header fields are not in the ascending order according to the numbering of the enumeration
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields[2].type
* indicating 'generation_time'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9436
9437
9438
9439
9440
9441
9442
9443
9444
9445
9446
9447
9448
9449
9450
9451
9452
9453
9454
9455
9456
9457
9458
9459
9460
9461
9462
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_its_aid_CAM,
m_header_field_generation_time(1000 * f_getCurrentTime()) // In us
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9464
9465
9466
9467
9468
9469
9470
9471
9472
9473
9474
9475
9476
9477
9478
9479
9480
9481
9482
9483
9484
9485
9486
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_07_BO
/**
* @desc Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
9488
9489
9490
9491
9492
9493
9494
9495
9496
9497
9498
9499
9500
9501
9502
9503
9504
9505
9506
9507
9508
9509
9510
9511
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* indicating TIME_1 inside the validity period of the signer certificate
* and containing header_fields[2].type
* indicating 'generation_time_with_standard_deviation'
* indicating TIME_2 inside the validity period of the signer certificate
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9529
9530
9531
9532
9533
9534
9535
9536
9537
9538
9539
9540
9541
9542
9543
9544
9545
9546
9547
9548
9549
9550
9551
9552
9553
9554
9555
9556
9557
9558
9559
9560
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_time_with_standard_deviation(
m_time64WithStandardDeviation(
1000, // In us
0
)),
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9562
9563
9564
9565
9566
9567
9568
9569
9570
9571
9572
9573
9574
9575
9576
9577
9578
9579
9580
9581
9582
9583
9584
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_08_BO
/**
* @desc Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
9586
9587
9588
9589
9590
9591
9592
9593
9594
9595
9596
9597
9598
9599
9600
9601
9602
9603
9604
9605
9606
9607
9608
9609
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* indicating TIME_1 outside the validity period of the signer certificate
* and containing header_fields[2].type
* indicating 'generation_time_with_standard_deviation'
* indicating TIME_2 inside the validity period of the signer certificate
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_09_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9627
9628
9629
9630
9631
9632
9633
9634
9635
9636
9637
9638
9639
9640
9641
9642
9643
9644
9645
9646
9647
9648
9649
9650
9651
9652
9653
9654
9655
9656
9657
9658
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_time_with_standard_deviation(
m_time64WithStandardDeviation(
1000 * f_getCurrentTime(), // In us
0
)),
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9660
9661
9662
9663
9664
9665
9666
9667
9668
9669
9670
9671
9672
9673
9674
9675
9676
9677
9678
9679
9680
9681
9682
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_09_BO
/**
* @desc Check that IUT discards the Secured CAM containing the expiry_time HeaderField
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
9684
9685
9686
9687
9688
9689
9690
9691
9692
9693
9694
9695
9696
9697
9698
9699
9700
9701
9702
9703
9704
9705
9706
9707
9708
9709
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* indicating CURRENT_TIME
* and containing header_fields[2]
* containing type
* indicating 'expiration'
* and containing expiry_time
* indicating CURRENT_TIME + 1h
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_10_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9727
9728
9729
9730
9731
9732
9733
9734
9735
9736
9737
9738
9739
9740
9741
9742
9743
9744
9745
9746
9747
9748
9749
9750
9751
9752
9753
9754
9755
9756
9757
9758
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(
1000 * f_getCurrentTime()
), // In us
m_header_field_expiry_time(
f_getCurrentTime() - 3600/*1h*/
),
m_header_field_its_aid_CAM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
9760
9761
9762
9763
9764
9765
9766
9767
9768
9769
9770
9771
9772
9773
9774
9775
9776
9777
9778
9779
9780
9781
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_10_BO
/**
* @desc Check that IUT ignores the HeaderFields generation_location of received Secured CAM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
9784
9785
9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800
9801
9802
9803
9804
9805
9806
9807
9808
9809
9810
9811
9812
9813
9814
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating certificate
* and containing certificate (CERT_TS_AT_B)
* containing validity_restrictions['region']
* containing region (X_CERT_REGION)
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2]
* containing type
* indicating 'generation_location'
* and containing generation_location
* indicating position outside of the validity restriction of X_CERT_REGION
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_11_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9832
9833
9834
9835
9836
9837
9838
9839
9840
9841
9842
9843
9844
9845
9846
9847
9848
9849
9850
9851
9852
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_B,
{
m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
m_header_field_generation_location(
m_threeDLocation(
PX_WGSLONGITUDE,
PX_WGSLATITUDE,
int2oct(0, 2)
)
),
m_header_field_its_aid_CAM
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
9878
9879
9880
9881
9882
9883
9884
9885
9886
9887
9888
9889
9890
9891
9892
9893
9894
9895
9896
9897
9898
9899
9900
9901
9902
9903
9904
9905
9906
9907
9908
9909
9910
/**
* @desc Check that IUT accepts the Secured CAM containing additional non-standard HeaderField
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields[3]
* containing type
* indicating non-standard header field type (200)
* and containing other_header
* indicating non-empty data
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_12_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
9928
9929
9930
9931
9932
9933
9934
9935
9936
9937
9938
9939
9940
9941
9942
9943
9944
9945
9946
9947
9948
9949
9950
9951
9952
9953
9954
9955
9956
9957
9958
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_B,
{
m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
m_header_field_generation_location(
m_threeDLocation(
PX_WGSLONGITUDE,
PX_WGSLATITUDE,
int2oct(0, 2)
)
),
m_header_field_its_aid_CAM,
m_header_field_unspecify
},
e_certificate_digest_with_sha256,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_12_BV
/**
* @desc Check that IUT discards the Secured CAM containing the header field 'encryption_parameter and recipient_info'
9977
9978
9979
9980
9981
9982
9983
9984
9985
9986
9987
9988
9989
9990
9991
9992
9993
9994
9995
9996
9997
9998
9999
10000
10001
10002
10003
10004
10005
10006
10007
10008
10009
10010
10011
10012
10013
10014
10015
10016
10017
10018
10019
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields[3]
* containing type
* indicating 'encryption_parameters'
* and containing enc_params
* containing symm_algorithm
* indicating 'aes_128_ccm'
* and containing nonce
* and containing header_fields[4]
* containing type
* indicating 'recipient_info'
* and containing recipients
* containing recipients[0]
* containing cert_id
* referencing to CERT_IUT_A_AT
* and containing pk_encryption
* indicating 'ecies_nistp256'
* and containing enc_key
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_04_13_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var Certificate v_iutATCertificate;
var SubjectAttribute v_encryption_key;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
10039
10040
10041
10042
10043
10044
10045
10046
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
10072
10073
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
if (
(f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or
(f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false)
) {
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc
} else {
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_B,
{
m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
m_header_field_generation_location(
m_threeDLocation(
PX_WGSLONGITUDE,
PX_WGSLATITUDE,
int2oct(0, 2)
)
),
m_header_field_its_aid_CAM, // containing header_fields[2].type
// indicating 'its_aid'
m_header_field_enc_params( // containing header_fields[3].type.enc_params
m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm'
PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce
)
),
m_header_field_multiple_recipients( // containing header_fields[4].type
{ // indicating 'encryption_parameters'
m_recipientInfo_ecies_enc_key(
v_iutATCertificate.signer_info.signerInfo.digest,
e_ecies_nistp256, // containing symm_algorithm
// indicating 'aes_128_ccm'
m_eciesEncryptedKey_aesccm(
v_encryption_key.attribute.rv,
'00000000000000000000000000000000'O, // FIXME Where to find these values
'00000000000000000000000000000000'O
)
)
}
)
},
e_certificate_digest_with_sha256,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_04_13_BO
* @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type 'self'
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields[0].type
* indicating 'signer_info'
* the IUT discards the message
* }
* </pre>
*
testcase TC_SEC_ITSS_RCV_CAM_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
if (PICS_DEBUG_ADDON) {
f_sendCertificate(cc_taCert_F, f_generateDefaultCam());
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
m_signerInfo_self
),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_digest_with_other_algorithm
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'certificate_digest_with_other_algorithm'
* } then {
* the IUT discards the message
* }
* }
* </pre>
testcase TC_SEC_ITSS_RCV_CAM_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
if (PICS_DEBUG_ADDON) {
f_sendCertificate(cc_taCert_F, f_generateDefaultCam());
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
m_signerInfo_other_certificates(
m_certificateWithAlgo_ecdsa(
PX_OTHER_CERT_DIGEST
))),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain is empty
* Pics Selection: PICS_GN_SECURITY
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'certificate_chain'
* and containing certificates
* indicating length = 0
* } then {
* the IUT discards the message
* }
* }
testcase TC_SEC_ITSS_RCV_CAM_05_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
if (PICS_DEBUG_ADDON) {
f_sendCertificate(cc_taCert_F, f_generateDefaultCam());
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain contains only one certificate
* Pics Selection: PICS_GN_SECURITY
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_03)
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'certificate_chain'
* and containing certificates
* } then {
* the IUT discards the message
* }
* }
testcase TC_SEC_ITSS_RCV_CAM_05_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a secured CAM if the header_fields contains a signer info of unknown or reserved type
* Pics Selection: PICS_GN_SECURITY
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
10466
10467
10468
10469
10470
10471
10472
10473
10474
10475
10476
10477
10478
10479
10480
10481
10482
10483
10484
10485
10486
10487
10488
10489
10490
10491
10492
10493
10494
10495
10496
10497
10498
10499
10500
10501
10502
10503
10504
10505
10506
10507
10508
10509
10510
10511
10512
10513
10514
10515
10516
10517
10518
10519
10520
10521
10522
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
* containing header_fields['signer_info']
* containing signer.type
* indicating X_UNKNOWN_SIGNERINFO_TYPE
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_05_05_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_05_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_unknown(
'CAFFEEDECA'O
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_unknown,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
10524
10525
10526
10527
10528
10529
10530
10531
10532
10533
10534
10535
10536
10537
10538
10539
10540
10541
10542
10543
10544
10545
10546
10547
10548
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_05_05_BO
/**
* @desc Check that IUT discards message containing generation_time before the certificate validity period
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing certificate (CERT_TS_MSG_06_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME < START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.1
testcase TC_SEC_ITSS_RCV_CAM_06_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity);
m_header_field_generation_time(
(v_timeValidity.validity.time_start_and_end.start_validity - 3600) * 1000
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards message containing generation_time after the certificate validity period
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing certificate (CERT_TS_MSG_06_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME > END_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_06_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity);
m_header_field_generation_time(
(v_timeValidity.validity.time_start_and_end.end_validity + 3600) * 1000
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured CAM if the generation_time is more than 5 minute in the past (C2C only)
* <pre>
10717
10718
10719
10720
10721
10722
10723
10724
10725
10726
10727
10728
10729
10730
10731
10732
10733
10734
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME ( CURRENT_TIME - 302sec )
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_06_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
(1000 * f_getCurrentTime() - 302) * 1000
) // In us
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured CAM if the generation_time is more than 5 minute in the future(C2C only)
* <pre>
10795
10796
10797
10798
10799
10800
10801
10802
10803
10804
10805
10806
10807
10808
10809
10810
10811
10812
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME ( CURRENT_TIME + 302sec )
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_06_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
(1000 * f_getCurrentTime() + 302) * 1000
) // In us
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
10870
10871
10872
10873
10874
10875
10876
10877
10878
10879
10880
10881
10882
10883
10884
10885
10886
10887
10888
10889
10890
10891
10892
10893
10894
10895
* @desc Check that IUT discards secured CAM when its_aid value is not AID_CAM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['its_aid']
* indicating AID_DENM
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* containing CAM payload
* }
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_07_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
10935
10936
10937
10938
10939
10940
10941
10942
10943
10944
10945
10946
10947
10948
10949
10950
10951
10952
10953
10954
10955
10956
10957
10958
10959
10960
10961
10962
10963
10964
10965
10966
10967
10968
10969
10970
10971
10972
10973
10974
10975
10976
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_07_01_BO
/**
* @desc Check that IUT discards secured CAM when its_aid value is undefined
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['its_aid']
* indicating 'AID_UNDEFINED'
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* containing CAM payload
* }
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_07_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
10994
10995
10996
10997
10998
10999
11000
11001
11002
11003
11004
11005
11006
11007
11008
11009
11010
11011
11012
11013
11014
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
{
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards the Secured CAM containing empty payload of type 'signed'.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* indicating 'signed'
* and containing data
* indicating length 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_RCV_CAM_09_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
)
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'unsecured'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing payload_field
* containing type
* indicating 'unsecured'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
testcase TC_SEC_ITSS_RCV_CAM_09_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
11177
11178
11179
11180
11181
11182
11183
11184
11185
11186
11187
11188
11189
11190
11191
11192
11193
11194
11195
11196
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
m_payload_unsecured(
v_gnPayload
)
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'encrypted'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* and containing payload_field
* containing type
* indicating 'encrypted'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_RCV_CAM_09_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
11270
11271
11272
11273
11274
11275
11276
11277
11278
11279
11280
11281
11282
11283
11284
11285
11286
11287
11288
11289
11290
11291
11292
11293
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
m_payload_encrypted(
v_gnPayload
)
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards the Secured CAM containing exactly one non-empty payload of type 'signed_external'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* indicating 'signed_external'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_RCV_CAM_09_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
11363
11364
11365
11366
11367
11368
11369
11370
11371
11372
11373
11374
11375
11376
11377
11378
11379
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
m_payload_signed_external(
v_gnPayload
)
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
* @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'signed_and_encrypted'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* indicating 'signed_and_encrypted'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
testcase TC_SEC_ITSS_RCV_CAM_09_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
11456
11457
11458
11459
11460
11461
11462
11463
11464
11465
11466
11467
11468
11469
11470
11471
11472
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
m_payload_signed_and_encrypted(
v_gnPayload
)
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_09_06_BO
/**
* @desc Check that IUT discards the Secured CAM containing non-empty payload of unknown type
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
11509
11510
11511
11512
11513
11514
11515
11516
11517
11518
11519
11520
11521
11522
11523
11524
11525
11526
11527
11528
11529
11530
11531
11532
11533
11534
11535
11536
11537
11538
11539
11540
11541
11542
11543
11544
11545
11546
11547
11548
11549
11550
11551
11552
11553
11554
11555
11556
11557
11558
11559
11560
11561
11562
11563
11564
11565
11566
11567
11568
11569
11570
11571
11572
* containing payload_field
* containing type
* indicating X_UNKNOWN_PAYLOAD_TYPE
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_09_07_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC)));
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_camReq(
m_camMsg_vehicle_HF_BV(
f_getTsStationId(),
f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime
LibItsCam_Templates.m_tsPosition
))))));
v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket));
f_buildGnSecuredCam(
v_securedMessage,
m_payload_unknown(
v_gnPayload
)
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_09_07_BO
* @desc Check that IUT discards the Secured CAM doesn't containing the TrailerField of type 'signature'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing trailer_fields
* not containing any instance of type TrailerField
* containing type
* indicating 'signature'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards the Secured CAM containing more then one instance of TrailerField of type 'signature'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing trailer_fields[0].type
* containing type
* indicating 'signature'
* and containing trailer_fields[1].type
* containing type
* indicating 'signature'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
11731
11732
11733
11734
11735
11736
11737
11738
11739
11740
11741
11742
11743
11744
11745
11746
11747
11748
11749
11750
11751
11752
11753
11754
11755
11756
11757
11758
/**
* @desc Check that the IUT discards Secured message containing signature that is not verified using the
* verification key from the certificate contained in the message's signer info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info']
* containing certificate
* containing subject_attributes['verification key'] (KEY)
* and containing trailer_fields[0]
* containing type
* indicating 'signature'
* and containing signature
* NOT verifiable using KEY
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
11778
11779
11780
11781
11782
11783
11784
11785
11786
11787
11788
11789
11790
11791
11792
11793
11794
11795
11796
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam_Bo(
cc_taCert_A,
-,
1,
-,
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
* @desc Check that the IUT discards Secured message containing signature that is not verified using the
* verification key from the certificate, referenced by the digest contained in the message's signer info
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
* containing digest
* referencing to the certificate (CERT_TS_AT_A)
* containing subject_attributes['verification key'] (KEY)
* and containing trailer_fields[0]
* containing type
* indicating 'signature'
* and containing signature
* NOT verifiable using KEY
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
11859
11860
11861
11862
11863
11864
11865
11866
11867
11868
11869
11870
11871
11872
11873
11874
11875
11876
11877
11878
11879
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_A,
omit,
e_certificate_digest_with_sha256
);
v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s
:= not4b(v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_11_02_BO
/**
* @desc Check that IUT discards the Secured CAM if the message contains trailer field of type 'signature' with reserved public key algorythms
* @remark Values to be provided as X_RESERVED_PK_ALGORYTHM are: 240, 255
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
11910
11911
11912
11913
11914
11915
11916
11917
11918
11919
11920
11921
11922
11923
11924
11925
11926
11927
11928
11929
11930
11931
11932
11933
11934
11935
11936
11937
11938
11939
11940
11941
11942
11943
11944
11945
11946
11947
11948
11949
11950
11951
11952
11953
11954
11955
11956
* containing an instance of type trailer_field
* containing type
* indicating 'signature'
* and containing signature.algorithm
* indicating X_RESERVED_PK_ALGORYTHM
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_11_03_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam_Bo(
cc_taCert_A,
-,
3
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_11_03_BO
/**
* @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'enrolment_credential'
* Pics Selection: PICS_GN_SECURITY
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_EC_A)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
testcase TC_SEC_ITSS_RCV_CAM_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'authorization_authority'
* Pics Selection: PICS_GN_SECURITY
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_AA_A)
* containing subject_info.subject_type
* indicating 'authorization_authority'
testcase TC_SEC_ITSS_RCV_CAM_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'enrolment_authority'
* Pics Selection: PICS_GN_SECURITY
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* Expected behaviour:
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info']
* containing signer
* and certificate (CERT_TS_EA_A)
* containing subject_info.subject_type
* indicating 'enrolment_authority'
* } then {
* the IUT discards the message
testcase TC_SEC_ITSS_RCV_CAM_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_EA,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'root_ca'
* Pics Selection: PICS_GN_SECURITY
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* Expected behaviour:
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info']
* containing signer
* and certificate (CERT_TS_ROOT)
* containing subject_info.subject_type
* indicating 'root_ca'
* } then {
* the IUT discards the message
testcase TC_SEC_ITSS_RCV_CAM_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam(
cc_taCert_CA,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_CAM
},
e_certificate,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
12300
12301
12302
12303
12304
12305
12306
12307
12308
12309
12310
12311
12312
12313
12314
12315
12316
12317
12318
12319
12320
12321
12322
12323
12324
12325
12326
/**
* @desc Check that IUT discards secured CAM signed with the not yet valid certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT > CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT > START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_01_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1301_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards secured CAM signed with the expired certificate
* Pics Selection: PICS_GN_SECURITY
12379
12380
12381
12382
12383
12384
12385
12386
12387
12388
12389
12390
12391
12392
12393
12394
12395
12396
12397
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT < CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT < START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_02_BO
testcase TC_SEC_ITSS_RCV_CAM_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1302_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
12441
12442
12443
12444
12445
12446
12447
12448
12449
12450
12451
12452
12453
12454
12455
12456
12457
12458
12459
12460
12461
12462
12463
12464
12465
12466
12467
12468
12469
12470
12471
12472
12473
12474
12475
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_13_02_BO
/**
* @desc Check that IUT discards secured CAM when IUT location is outside the circular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_03_BO_AT
* and the IUT current location is set to CURRENT_IUT_LOCATION
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_03_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_03_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1303_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
12514
12515
12516
12517
12518
12519
12520
12521
12522
12523
12524
12525
12526
12527
12528
12529
12530
12531
12532
12533
12534
12535
12536
12537
12538
12539
12540
12541
12542
12543
12544
12545
12546
12547
12548
12549
12550
12551
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_13_03_BO
/**
* @desc Check that IUT discards secured CAM when IUT location is outside the rectangular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_04_BO_AT
* and the IUT current location is set to CURRENT_IUT_LOCATION
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_04_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectanglar_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_04_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_13_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1304_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards secured CAM when IUT location is outside the polygonal validity restriction of the signing certificate
* Pics Selection: PICS_GN_SECURITY
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_05_BO_AT
* and the IUT current location is set to CURRENT_IUT_LOCATION
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_05_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_05_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_13_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1305_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
12660
12661
12662
12663
12664
12665
12666
12667
12668
12669
12670
12671
12672
12673
12674
12675
12676
12677
12678
12679
12680
12681
12682
12683
12684
12685
12686
12687
12688
12689
12690
12691
12692
12693
12694
12695
12696
12697
12698
12699
12700
12701
12702
12703
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_13_05_BO
/**
* @desc Check that IUT discards secured CAM when IUT location is outside the identified validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_MSG_13_06_BO_AT
* and the IUT current location is set to CURRENT_IUT_LOCATION
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_06_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id'
* and containing id_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_13_06_BO
* @reference ETSI TS 103 097 [1], clause 7.1
*/
testcase TC_SEC_ITSS_RCV_CAM_13_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1306_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
12736
12737
12738
12739
12740
12741
12742
12743
12744
12745
12746
12747
12748
12749
12750
12751
12752
12753
12754
12755
12756
12757
12758
12759
12760
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_13_06_BO
} // End of group recvCamProfile
/**
* @desc Receiving behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.3 DENM Profile
*/
group recvDenmProfile {
/**
* @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate without region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_DENM_A’. Only differences to this snippet are mentioned in subsequent test purposes.
12762
12763
12764
12765
12766
12767
12768
12769
12770
12771
12772
12773
12774
12775
12776
12777
12778
12779
12780
12781
12782
12783
12784
12785
12786
12787
12788
12789
12790
12791
12792
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_A)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and not containing validity_restrictions['region']
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing DENM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_01_01_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_A, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
12847
12848
12849
12850
12851
12852
12853
12854
12855
12856
12857
12858
12859
12860
12861
12862
12863
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_01_01_BV
/**
* @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a circular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_DENM_A’. Only differences to this snippet are mentioned in subsequent test purposes.
12865
12866
12867
12868
12869
12870
12871
12872
12873
12874
12875
12876
12877
12878
12879
12880
12881
12882
12883
12884
12885
12886
12887
12888
12889
12890
12891
12892
12893
12894
12895
12896
12897
12898
12899
12900
12901
12902
12903
12904
12905
12906
12907
12908
12909
12910
12911
12912
12913
12914
12915
12916
12917
12918
12919
12920
12921
12922
12923
12924
12925
12926
12927
12928
12929
12930
12931
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_B_AT
* and the IUT current location is inside the region validity period of CERT_TS_B_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer {
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_B) {
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['region'] {
* containing region{
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* }
* }
* }
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* indicating position inside the REGION
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* and not containing any other header_fields
* and containing payload_fields {
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing DENM payload
* }
* and containing trailer_fields {
* containing single instance of type TrailerField {
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_01_02_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_B, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
12964
12965
12966
12967
12968
12969
12970
12971
12972
12973
12974
12975
12976
12977
12978
12979
12980
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_01_02_BV
/**
* @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a rectangular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_DENM_A’. Only differences to this snippet are mentioned in subsequent test purposes.
12982
12983
12984
12985
12986
12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
13025
13026
13027
13028
13029
13030
13031
13032
13033
13034
13035
13036
13037
13038
13039
13040
13041
13042
13043
13044
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected Behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_C_AT
* and the IUT current location is inside the region validity period of CERT_TS_C_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_C)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectangular_regions
* indicating REGIONS
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* indicating position inside the REGION
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* and not containing any other header_fields
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing DENM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_01_03_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_C, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13077
13078
13079
13080
13081
13082
13083
13084
13085
13086
13087
13088
13089
13090
13091
13092
13093
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_01_03_BV
/**
* @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a polygonal region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_DENM_A’. Only differences to this snippet are mentioned in subsequent test purposes.
13095
13096
13097
13098
13099
13100
13101
13102
13103
13104
13105
13106
13107
13108
13109
13110
13111
13112
13113
13114
13115
13116
13117
13118
13119
13120
13121
13122
13123
13124
13125
13126
13127
13128
13129
13130
13131
13132
13133
13134
13135
13136
13137
13138
13139
13140
13141
13142
13143
13144
13145
13146
13147
13148
13149
13150
13151
13152
13153
13154
13155
13156
13157
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected Behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_D_AT
* and the IUT current location is inside the region validity period of CERT_TS_D_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_D)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* indicating position inside the REGION
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* and not containing any other header_fields
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing DENM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_01_04_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_01_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13190
13191
13192
13193
13194
13195
13196
13197
13198
13199
13200
13201
13202
13203
13204
13205
13206
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_01_04_BV
/**
* @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a identified region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_DENM_A’. Only differences to this snippet are mentioned in subsequent test purposes.
13208
13209
13210
13211
13212
13213
13214
13215
13216
13217
13218
13219
13220
13221
13222
13223
13224
13225
13226
13227
13228
13229
13230
13231
13232
13233
13234
13235
13236
13237
13238
13239
13240
13241
13242
13243
13244
13245
13246
13247
13248
13249
13250
13251
13252
13253
13254
13255
13256
13257
13258
13259
13260
13261
13262
13263
13264
13265
13266
13267
13268
13269
13270
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected Behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_D_AT
* and the IUT current location is inside the region validity period of CERT_TS_D_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_E)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id_region'
* and containing identified_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* indicating position inside the REGION
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_DENM'
* and not containing any other header_fields
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing DENM payload
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_01_05_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_01_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13303
13304
13305
13306
13307
13308
13309
13310
13311
13312
13313
13314
13315
13316
13317
13318
13319
13320
13321
13322
13323
13324
13325
13326
13327
13328
13329
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_01_05_BV
/**
* @desc Check that IUT discards a Secured DENM containing protocol version set to a value less then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing protocol_version
* indicating 1
* } then {
* the IUT discards a SecuredMessage
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_02_01_BO
* @reference ETSI TS 103 097 [1], clause 5.1
*/
testcase TC_SEC_ITSS_RCV_DENM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13371
13372
13373
13374
13375
13376
13377
13378
13379
13380
13381
13382
13383
13384
13385
13386
13387
13388
13389
13390
13391
13392
13393
13394
13395
13396
13397
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_02_01_BO
/**
* @desc Check that IUT discards a Secured DENM containing protocol version set to a value greater then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing protocol_version
* indicating 3
* } then {
* the IUT discards a SecuredMessage
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_02_02_BO
* @reference ETSI TS 103 097 [1], clause 5.1
*/
testcase TC_SEC_ITSS_RCV_DENM_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13439
13440
13441
13442
13443
13444
13445
13446
13447
13448
13449
13450
13451
13452
13453
13454
13455
13456
13457
13458
13459
13460
13461
13462
13463
13464
13465
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_02_02_BO
/**
* @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'signer_info'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'signer_info'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_01_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13502
13503
13504
13505
13506
13507
13508
13509
13510
13511
13512
13513
13514
13515
13516
13517
13518
13519
13520
13521
13522
13523
13524
13525
13526
13527
13528
13529
13530
13531
13532
13533
13534
13535
13536
13537
13538
13539
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_signer_info(
m_signerInfo_certificate(
vc_aaCertificate
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13541
13542
13543
13544
13545
13546
13547
13548
13549
13550
13551
13552
13553
13554
13555
13556
13557
13558
13559
13560
13561
13562
13563
13564
13565
13566
13567
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_01_BO
/**
* @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'signer_info'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'generation_time'
* and containing header_fields[1].type
* indicating 'generation_location'
* and containing header_fields[2].type
* indicating 'its_aid'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_02_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13600
13601
13602
13603
13604
13605
13606
13607
13608
13609
13610
13611
13612
13613
13614
13615
13616
13617
13618
13619
13620
13621
13622
13623
13624
13625
13626
13627
13628
13629
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13631
13632
13633
13634
13635
13636
13637
13638
13639
13640
13641
13642
13643
13644
13645
13646
13647
13648
13649
13650
13651
13652
13653
13654
13655
13656
13657
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_02_BO
/**
* @desc Check that IUT discards the Secured DENM if the signer_info header field is not encoded first
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'generation_time'
* and containing header_fields[1].type
* indicating 'generation_location'
* and containing header_fields[2].type
* containing its_aid
* and containing header_fields[3].type
* indicating 'signer_info'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_03_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13692
13693
13694
13695
13696
13697
13698
13699
13700
13701
13702
13703
13704
13705
13706
13707
13708
13709
13710
13711
13712
13713
13714
13715
13716
13717
13718
13719
13720
13721
13722
13723
13724
13725
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM,
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
))
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13727
13728
13729
13730
13731
13732
13733
13734
13735
13736
13737
13738
13739
13740
13741
13742
13743
13744
13745
13746
13747
13748
13749
13750
13751
13752
13753
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_03_BO
/**
* @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'generation_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
13755
13756
13757
13758
13759
13760
13761
13762
13763
13764
13765
13766
13767
13768
13769
13770
13771
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_04_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13790
13791
13792
13793
13794
13795
13796
13797
13798
13799
13800
13801
13802
13803
13804
13805
13806
13807
13808
13809
13810
13811
13812
13813
13814
13815
13816
13817
13818
13819
13820
13821
13822
13823
13824
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_time(1000 * f_getCurrentTime() - 1), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13826
13827
13828
13829
13830
13831
13832
13833
13834
13835
13836
13837
13838
13839
13840
13841
13842
13843
13844
13845
13846
13847
13848
13849
13850
13851
13852
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_04_BO
/**
* @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'generation_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_location'
* and containing header_fields[2].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_05_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13885
13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
13896
13897
13898
13899
13900
13901
13902
13903
13904
13905
13906
13907
13908
13909
13910
13911
13912
13913
13914
13915
13916
13917
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
13919
13920
13921
13922
13923
13924
13925
13926
13927
13928
13929
13930
13931
13932
13933
13934
13935
13936
13937
13938
13939
13940
13941
13942
13943
13944
13945
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_05_BO
/**
* @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'its_aid'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
13947
13948
13949
13950
13951
13952
13953
13954
13955
13956
13957
13958
13959
13960
13961
13962
13963
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and containing header_fields[3].type
* containing its_aid
* and containing header_fields[4].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_06_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
13982
13983
13984
13985
13986
13987
13988
13989
13990
13991
13992
13993
13994
13995
13996
13997
13998
13999
14000
14001
14002
14003
14004
14005
14006
14007
14008
14009
14010
14011
14012
14013
14014
14015
14016
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM,
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14018
14019
14020
14021
14022
14023
14024
14025
14026
14027
14028
14029
14030
14031
14032
14033
14034
14035
14036
14037
14038
14039
14040
14041
14042
14043
14044
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_06_BO
/**
* @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'its_aid'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_06a_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_06a_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14077
14078
14079
14080
14081
14082
14083
14084
14085
14086
14087
14088
14089
14090
14091
14092
14093
14094
14095
14096
14097
14098
14099
14100
14101
14102
14103
14104
14105
14106
14107
14108
14109
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
)
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14111
14112
14113
14114
14115
14116
14117
14118
14119
14120
14121
14122
14123
14124
14125
14126
14127
14128
14129
14130
14131
14132
14133
14134
14135
14136
14137
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_06a_BO
/**
* @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'generation_location'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14139
14140
14141
14142
14143
14144
14145
14146
14147
14148
14149
14150
14151
14152
14153
14154
14155
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and containing header_fields[3].type
* containing 'generation_location'
* and containing header_fields[4].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_07_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14174
14175
14176
14177
14178
14179
14180
14181
14182
14183
14184
14185
14186
14187
14188
14189
14190
14191
14192
14193
14194
14195
14196
14197
14198
14199
14200
14201
14202
14203
14204
14205
14206
14207
14208
14209
14210
14211
14212
14213
14214
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0100'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14216
14217
14218
14219
14220
14221
14222
14223
14224
14225
14226
14227
14228
14229
14230
14231
14232
14233
14234
14235
14236
14237
14238
14239
14240
14241
14242
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_07_BO
/**
* @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'generation_location'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_08_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14275
14276
14277
14278
14279
14280
14281
14282
14283
14284
14285
14286
14287
14288
14289
14290
14291
14292
14293
14294
14295
14296
14297
14298
14299
14300
14301
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14303
14304
14305
14306
14307
14308
14309
14310
14311
14312
14313
14314
14315
14316
14317
14318
14319
14320
14321
14322
14323
14324
14325
14326
14327
14328
14329
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_08_BO
/**
* @desc Check that IUT discards a Secured DENM if the header fields are not in the ascending order according to the numbering of the enumeration
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14331
14332
14333
14334
14335
14336
14337
14338
14339
14340
14341
14342
14343
14344
14345
14346
14347
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* containing its_aid
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* containing 'generation_location'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_09_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_09_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14366
14367
14368
14369
14370
14371
14372
14373
14374
14375
14376
14377
14378
14379
14380
14381
14382
14383
14384
14385
14386
14387
14388
14389
14390
14391
14392
14393
14394
14395
14396
14397
14398
14399
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_its_aid_DENM,
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
)
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14401
14402
14403
14404
14405
14406
14407
14408
14409
14410
14411
14412
14413
14414
14415
14416
14417
14418
14419
14420
14421
14422
14423
14424
14425
14426
14427
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_09_BO
/**
* @desc Check that IUT discards a Secured DENM containing header field of type 'generation_time_standard_deviation'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14429
14430
14431
14432
14433
14434
14435
14436
14437
14438
14439
14440
14441
14442
14443
14444
14445
14446
14447
14448
14449
14450
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing time
* indicating CURRENT_TIME
* and containing header_fields[2]
* containing type
* indicating 'generation_time_standard_deviation'
* and containing log_std_dev
* indicating 255
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_10_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_10_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14469
14470
14471
14472
14473
14474
14475
14476
14477
14478
14479
14480
14481
14482
14483
14484
14485
14486
14487
14488
14489
14490
14491
14492
14493
14494
14495
14496
14497
14498
14499
14500
14501
14502
14503
14504
14505
14506
14507
14508
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_time_with_standard_deviation(
m_time64WithStandardDeviation(
1000 * f_getCurrentTime(),
255
)
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14510
14511
14512
14513
14514
14515
14516
14517
14518
14519
14520
14521
14522
14523
14524
14525
14526
14527
14528
14529
14530
14531
14532
14533
14534
14535
14536
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_10_BO
/**
* @desc Check that IUT discards the Secured DENM containing the header fields of type 'expiry_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14538
14539
14540
14541
14542
14543
14544
14545
14546
14547
14548
14549
14550
14551
14552
14553
14554
14555
14556
14557
14558
14559
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing time
* indicating CURRENT_TIME
* and containing header_fields[2]
* containing type
* indicating 'expiration'
* and containing expiry_time
* indicating CURRENT_TIME + 1 h
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* containing its_aid
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_11_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_11_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14578
14579
14580
14581
14582
14583
14584
14585
14586
14587
14588
14589
14590
14591
14592
14593
14594
14595
14596
14597
14598
14599
14600
14601
14602
14603
14604
14605
14606
14607
14608
14609
14610
14611
14612
14613
14614
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_expiry_time(
1000 * (3600 + f_getCurrentTime()) // In us
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14616
14617
14618
14619
14620
14621
14622
14623
14624
14625
14626
14627
14628
14629
14630
14631
14632
14633
14634
14635
14636
14637
14638
14639
14640
14641
14642
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_11_BO
/**
* @desc Check that IUT accepts the Secured DENM containing additional non-standard HeaderField
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14644
14645
14646
14647
14648
14649
14650
14651
14652
14653
14654
14655
14656
14657
14658
14659
14660
14661
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[3].type
* containing its_aid
* and containing header_fields[4]
* containing type
* indicating non-standard header field type (200)
* and containing other_header
* indicating non-empty data
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_12_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_12_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
14680
14681
14682
14683
14684
14685
14686
14687
14688
14689
14690
14691
14692
14693
14694
14695
14696
14697
14698
14699
14700
14701
14702
14703
14704
14705
14706
14707
14708
14709
14710
14711
14712
14713
14714
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM,
m_header_field_unspecify
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_12_BO
/**
* @desc Check that IUT discards the Secured CAM containing the header field 'encryption_parameter and recipient_info'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
14744
14745
14746
14747
14748
14749
14750
14751
14752
14753
14754
14755
14756
14757
14758
14759
14760
14761
14762
14763
14764
14765
14766
14767
14768
14769
14770
14771
14772
14773
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[3].type
* containing its_aid
* and containing header_fields[4]
* containing type
* indicating 'encryption_parameters'
* and containing enc_params
* containing symm_algorithm
* indicating 'aes_128_ccm'
* and containing nonce
* and containing header_fields[4]
* containing type
* indicating 'recipient_info'
* and containing recipients
* containing recipients[0]
* containing cert_id
* referencing to CERT_IUT_A_AT
* and containing pk_encryption
* indicating 'ecies_nistp256'
* and containing enc_key
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_13_BO
14775
14776
14777
14778
14779
14780
14781
14782
14783
14784
14785
14786
14787
14788
14789
14790
14791
14792
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_04_13_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var Certificate v_iutATCertificate;
var SubjectAttribute v_encryption_key;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
if (
(f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or
(f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false)
14807
14808
14809
14810
14811
14812
14813
14814
14815
14816
14817
14818
14819
14820
14821
14822
14823
14824
14825
14826
14827
14828
14829
14830
14831
14832
14833
14834
14835
14836
14837
14838
14839
14840
14841
14842
14843
14844
14845
14846
14847
14848
14849
14850
14851
14852
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc
} else {
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM,
m_header_field_enc_params( // containing header_fields[3].type.enc_params
m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm'
PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce
)
),
m_header_field_multiple_recipients( // containing header_fields[4].type
{ // indicating 'encryption_parameters'
m_recipientInfo_ecies_enc_key(
v_iutATCertificate.signer_info.signerInfo.digest,
e_ecies_nistp256, // containing symm_algorithm
// indicating 'aes_128_ccm'
m_eciesEncryptedKey_aesccm(
v_encryption_key.attribute.rv,
'00000000000000000000000000000000'O, // FIXME Where to find these values
'00000000000000000000000000000000'O
)
)
}
)
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14854
14855
14856
14857
14858
14859
14860
14861
14862
14863
14864
14865
14866
14867
14868
14869
14870
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_13_BO
/**
* @desc Check that IUT discards the Secured DENM containing the header fields of type 'request_unrecognized_certificate'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing generation_time
* indicating CURRENT_TIME
* and containing header_fields[2].type
* indicating 'request_unrecognized_certificate'
* and containing digests[0]
* indicating the digest of X_IUT_AT_CERT
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4].type
* indicating 'its_aid'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_04_14_BO
testcase TC_SEC_ITSS_RCV_DENM_04_14_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var Certificate v_iutATCertificate;
var SignerInfo v_signerInfo;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
14933
14934
14935
14936
14937
14938
14939
14940
14941
14942
14943
14944
14945
14946
14947
14948
14949
14950
14951
14952
14953
14954
14955
14956
14957
14958
14959
14960
14961
14962
14963
14964
14965
14966
14967
14968
14969
14970
if (
(f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or
(f_getCertificateSignerInfo(v_iutATCertificate, v_signerInfo) == false)
) {
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc
} else {
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_unrecognised_certificate(
f_HashedId3FromHashedId8(
f_calculateDigestFromCertificate(
v_signerInfo.signerInfo.certificate
)
)
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
14972
14973
14974
14975
14976
14977
14978
14979
14980
14981
14982
14983
14984
14985
14986
14987
14988
14989
14990
14991
14992
14993
14994
14995
14996
14997
14998
14999
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_04_14_BO
/**
* @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type 'self'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
15001
15002
15003
15004
15005
15006
15007
15008
15009
15010
15011
15012
15013
15014
15015
15016
15017
15018
15019
15020
15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'self'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_05_01_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_self
),
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_self,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_05_01_BO
/**
* @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type 'certificate_digest_with_other_algorithm'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'certificate_digest_with_other_algorithm'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_05_02_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
15119
15120
15121
15122
15123
15124
15125
15126
15127
15128
15129
15130
15131
15132
15133
15134
15135
15136
15137
15138
15139
15140
15141
15142
15143
15144
15145
15146
15147
15148
15149
15150
15151
15152
15153
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_other_certificates(
m_certificateWithAlgo_ecdsa(
PX_OTHER_CERT_DIGEST
))),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_digest_with_other_algorithm,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
15155
15156
15157
15158
15159
15160
15161
15162
15163
15164
15165
15166
15167
15168
15169
15170
15171
15172
15173
15174
15175
15176
15177
15178
15179
15180
15181
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_05_02_BO
/**
* @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type certificate_chain
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating 'certificate_digest_with_other_algorithm'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_05_03_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_05_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
15211
15212
15213
15214
15215
15216
15217
15218
15219
15220
15221
15222
15223
15224
15225
15226
15227
15228
15229
15230
15231
15232
15233
15234
15235
15236
15237
15238
15239
15240
15241
15242
15243
15244
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_certificates(
{ vc_aaCertificate, vc_atCertificate }
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_certificate_chain,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_05_03_BO
/**
* @desc Check that IUT discards a secured DENM if the header_fields contains a signer info of unknown or reserved type
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
15274
15275
15276
15277
15278
15279
15280
15281
15282
15283
15284
15285
15286
15287
15288
15289
15290
15291
15292
15293
15294
15295
15296
15297
15298
15299
15300
15301
15302
15303
15304
15305
15306
15307
15308
15309
15310
15311
15312
15313
15314
15315
15316
15317
15318
15319
15320
15321
15322
15323
15324
15325
15326
15327
15328
15329
15330
15331
15332
15333
15334
15335
* containing header_fields[0].type
* indicating 'signer_info'
* containing signer.type
* indicating X_UNKNOWN_SIGNERINFO_TYPE
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_05_04_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_05_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_unknown(
'CAFFEEDECA'O
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_DENM
},
e_unknown,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_05_04_BO
/**
* @desc Check that IUT discards a Secured DENM containing generation_time before the certificate validity period
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing certificate (CERT_TS_MSG_06_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME < START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_06_01_BO
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
testcase TC_SEC_ITSS_RCV_DENM_06_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity);
m_header_field_generation_time(
(v_timeValidity.validity.time_start_and_end.start_validity - 3600) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured DENM containing generation_time before the certificate validity period
* Pics Selection: PICS_GN_SECURITY
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing certificate (CERT_TS_MSG_06_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* indicating GEN_TIME > END_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_06_02_BO
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
testcase TC_SEC_ITSS_RCV_DENM_06_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity);
m_header_field_generation_time(
(v_validity.validity.time_start_and_end.end_validity + 3600) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured DENM if the generation_time is more than 10 minute in the past (C2C only)
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME ( CURRENT_TIME - 11min )
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_06_03_BO
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
testcase TC_SEC_ITSS_RCV_DENM_06_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_time(
(1000 * f_getCurrentTime() - 660) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
15592
15593
15594
15595
15596
15597
15598
15599
15600
15601
15602
15603
15604
15605
15606
15607
15608
15609
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_06_03_BO
/**
* @desc Check that IUT discards a Secured DENM if the generation_time is more than 10 minute in the future(C2C only)
* <pre>
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME ( CURRENT_TIME + 11min )
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_06_04_BO
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_06_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
15647
15648
15649
15650
15651
15652
15653
15654
15655
15656
15657
15658
15659
15660
15661
15662
15663
15664
15665
15666
15667
15668
15669
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_time(
(1000 * f_getCurrentTime() + 660) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards secured DENM when its_aid value is not equal to AID_DENM
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_07_01_BO
testcase TC_SEC_ITSS_RCV_DENM_07_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_its_aid_CAM
}
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards a Secured DENM when its_aid value is undefined
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['its_aid']
* indicating 'AID_UNDEFINED'
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* containing DENM payload
* } then {
* the IUT discards the DENM
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_07_02_BO
testcase TC_SEC_ITSS_RCV_DENM_07_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the circular validity region of the signing certificate
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* containing header_fields['signer_info'].type
* indicating 'certificate'
* and containing header_fields ['signer_info'].certificate (CERT_AT_B)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* and containing header_fields ['generation_location']
* containing generation_location
* indicating position outside the REGION
* and containing header_fields['its_aid']
* indicating 'AID_DENM'
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_01_BO
testcase TC_SEC_ITSS_RCV_DENM_08_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_B_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the rectangilar validity region of the signing certificate
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* containing header_fields['signer_info'].type
* indicating 'certificate'
* and containing header_fields ['signer_info'].certificate (CERT_AT_C)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectangular_regions
* indicating REGION
* and containing header_fields ['generation_location']
* containing generation_location
* indicating position outside the REGION
* and containing header_fields['its_aid']
* indicating 'AID_DENM'
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_02_BO
testcase TC_SEC_ITSS_RCV_DENM_08_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_C_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the polygonal validity region of the signing certificate
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* containing header_fields['signer_info'].type
* indicating 'certificate'
* and containing header_fields ['signer_info'].certificate (CERT_AT_D)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* and containing header_fields ['generation_location']
* containing generation_location
* indicating position outside the REGION
* and containing header_fields['its_aid']
* indicating 'AID_DENM'
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_03_BO
testcase TC_SEC_ITSS_RCV_DENM_08_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the identified validity region of the signing certificate
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send DENM
* containing header_fields['signer_info'].type
* indicating 'certificate'
* and containing header_fields ['signer_info'].certificate (CERT_AT_E)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id_region'
* and containing identified_region
* indicating REGION
* and containing header_fields ['generation_location']
* containing generation_location
* indicating position outside the REGION
* and containing header_fields['its_aid']
* indicating 'AID_DENM'
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_04_BO
testcase TC_SEC_ITSS_RCV_DENM_08_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert_E_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that IUT accepts a Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is 29.9 km (C2C only)
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[generation_location].type
* indicating 'generation_location'
* and containing generation_location
* indicating position in 29.9 km from the current position of IUT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_05_BV
testcase TC_SEC_ITSS_RCV_DENM_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var Int32 v_latitude;
var Int32 v_longitude;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
fx_computePositionUsingDistance(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
16216
16217
16218
16219
16220
16221
16222
16223
16224
16225
16226
16227
16228
16229
16230
16231
16232
16233
0,
v_latitude,
v_longitude
);
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_location(
valueof(m_threeDLocation(
v_latitude,
v_longitude,
'0000'O
))
)
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_08_05_BV
* @desc Check that IUT discards Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is more than 30 km
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields[generation_location].type
* indicating 'generation_location'
* and containing generation_location
* indicating position in 31 km from the current position of IUT
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_08_06_BO
testcase TC_SEC_ITSS_RCV_DENM_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var Int32 v_latitude;
var Int32 v_longitude;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
fx_computePositionUsingDistance(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
16310
16311
16312
16313
16314
16315
16316
16317
16318
16319
16320
16321
16322
16323
16324
16325
16326
16327
0,
v_latitude,
v_longitude
);
v_securedGnPdu := f_prepareSecuredDenm(
cc_taCert_A,
{
m_header_field_generation_location(
valueof(m_threeDLocation(
v_latitude,
v_longitude,
'0000'O
))
)
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_08_06_BO
* @desc Check that IUT discards the Secured DENM containing empty payload of type 'signed'
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing payload_field
* containing type
* indicating 'signed'
* and containing data
* indicating length 0
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_09_02_BO
testcase TC_SEC_ITSS_RCV_DENM_09_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_);
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
16402
16403
16404
16405
16406
16407
16408
16409
16410
16411
16412
16413
16414
16415
16416
16417
16418
16419
16420
16421
16422
16423
16424
16425
16426
16427
16428
16429
16430
16431
16432
16433
16434
16435
16436
16437
16438
16439
16440
16441
16442
16443
16444
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredDenm(
v_securedMessage,
m_payload_signed(
''O
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_09_02_BO
* @desc Check that IUT discards the Secured DENM containing payload of type 'unsecured'
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing payload_field
* containing type
* indicating 'unsecured'
* and containing data
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_09_03_BO
testcase TC_SEC_ITSS_RCV_DENM_09_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_);
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
16519
16520
16521
16522
16523
16524
16525
16526
16527
16528
16529
16530
16531
16532
16533
16534
16535
16536
16537
16538
16539
16540
16541
16542
16543
16544
16545
16546
16547
16548
16549
16550
16551
16552
16553
16554
16555
16556
16557
16558
16559
16560
16561
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredDenm(
v_securedMessage,
m_payload_unsecured(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_09_03_BO
* @desc Check that IUT discards the Secured DENM containing payload of type 'encrypted'
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing payload_field
* containing type
* indicating 'encrypted'
* and containing data
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_09_04_BO
testcase TC_SEC_ITSS_RCV_DENM_09_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_);
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
16636
16637
16638
16639
16640
16641
16642
16643
16644
16645
16646
16647
16648
16649
16650
16651
16652
16653
16654
16655
16656
16657
16658
16659
16660
16661
16662
16663
16664
16665
16666
16667
16668
16669
16670
16671
16672
16673
16674
16675
16676
16677
16678
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredDenm(
v_securedMessage,
m_payload_encrypted(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_09_04_BO
* @desc Check that IUT discards the Secured DENM containing payload of type 'signed_external'
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing payload_field
* containing type
* indicating 'signed_external'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_09_05_BO
testcase TC_SEC_ITSS_RCV_DENM_09_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_);
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
16753
16754
16755
16756
16757
16758
16759
16760
16761
16762
16763
16764
16765
16766
16767
16768
16769
16770
16771
16772
16773
16774
16775
16776
16777
16778
16779
16780
16781
16782
16783
16784
16785
16786
16787
16788
16789
16790
16791
16792
16793
16794
16795
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredDenm(
v_securedMessage,
m_payload_signed_external(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_09_05_BO
* @desc Check that IUT discards the Secured DENM containing exactly one non-empty payload of type 'signed_and_encrypted'
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing payload_field
* containing type
* indicating 'signed_and_encrypted'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_09_06_BO
testcase TC_SEC_ITSS_RCV_DENM_09_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_);
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
16870
16871
16872
16873
16874
16875
16876
16877
16878
16879
16880
16881
16882
16883
16884
16885
16886
16887
16888
16889
16890
16891
16892
16893
16894
16895
16896
16897
16898
16899
16900
16901
16902
16903
16904
16905
16906
16907
16908
16909
16910
16911
16912
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Add the DENM payload
v_gnNonSecuredPacket.payload := valueof(
f_adaptPayload_m(
bit2oct(
encvalue(
m_denmReq(
m_denmPdu(
m_denm(
m_denmMgmtCon(
m_tsActionId
),
v_situation,
m_denmLocation_zeroDelta
)))))));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredDenm(
v_securedMessage,
m_payload_signed_and_encrypted(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
} // End of 'for' statement
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_09_06_BO
* @desc Check that IUT discards the Secured DENM if the message does not contain the trailer field of type signature
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing trailer_fields
* not containing any instance of type TrailerField
* containing type
* indicating 'signature'
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_10_01_BO
testcase TC_SEC_ITSS_RCV_DENM_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, -, 0);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_10_01_BO
* @desc Check that IUT discards the Secured DENM containing more than one instance of TrailerField of type 'signature'
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing trailer_fields[0].type
* containing type
* indicating 'signature'
* and containing trailer_fields[1].type
* containing type
* indicating 'signature'
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_10_02_BO
testcase TC_SEC_ITSS_RCV_DENM_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, -, 2);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_10_02_BO
* @desc Check that the IUT discards Secured DENM containing signature that is not verified using the verification key from the certificate contained in the message's signer info
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields ['signer_info']
* containing certificate (CERT_TS_A_AT)
* containing subject_attributes['verification key'] (KEY)
* and containing trailer_fields[0]
* containing type
* indicating 'signature'
* and containing signature
* NOT verifiable using KEY
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_11_01_BO
testcase TC_SEC_ITSS_RCV_DENM_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(
cc_taCert_A,
-,
1,
-,
e_certificate
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_11_01_BO
/**
* @desc Check that IUT discards the Secured DENM if the message contains trailer field of type 'signature' with reserved public key algorythms
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing trailer_fields
* containing an instance of type TrailerField
* containing type
* indicating 'signature'
* and containing signature.algorithm
* indicating X_RESERVED_PK_ALGORYTHM
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_11_02_BO
17178
17179
17180
17181
17182
17183
17184
17185
17186
17187
17188
17189
17190
17191
17192
17193
17194
17195
17196
17197
17198
17199
17200
17201
17202
17203
17204
17205
17206
17207
17208
17209
17210
*/
testcase TC_SEC_ITSS_RCV_DENM_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm_Bo(
cc_taCert_A,
-,
3
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_11_02_BO
/**
* @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'enrolment_credential'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_EC_A)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_12_01_BO
*/
testcase TC_SEC_ITSS_RCV_DENM_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
17257
17258
17259
17260
17261
17262
17263
17264
17265
17266
17267
17268
17269
17270
17271
17272
17273
17274
17275
17276
17277
17278
17279
17280
17281
17282
17283
17284
17285
17286
17287
17288
17289
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(
cc_taCert_EC,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_DENM
},
e_certificate
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17291
17292
17293
17294
17295
17296
17297
17298
17299
17300
17301
17302
17303
17304
17305
17306
17307
17308
17309
17310
17311
17312
17313
17314
17315
17316
17317
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_12_01_BO
/**
* @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type "authorization_authority"
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_A_AA)
* containing subject_info.subject_type
* indicating 'authorization_authority'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_12_02_BO
17333
17334
17335
17336
17337
17338
17339
17340
17341
17342
17343
17344
17345
17346
17347
17348
17349
17350
17351
17352
17353
17354
17355
17356
17357
17358
17359
17360
17361
17362
17363
17364
17365
17366
17367
17368
*/
testcase TC_SEC_ITSS_RCV_DENM_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(
cc_taCert_AA,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_DENM
},
e_certificate
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17370
17371
17372
17373
17374
17375
17376
17377
17378
17379
17380
17381
17382
17383
17384
17385
17386
17387
17388
17389
17390
17391
17392
17393
17394
17395
17396
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_12_02_BO
/**
* @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'enrolment_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and certificate (CERT_TS_EA_A)
* containing subject_info.subject_type
* indicating 'enrolment_authority'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_12_03_BO
17412
17413
17414
17415
17416
17417
17418
17419
17420
17421
17422
17423
17424
17425
17426
17427
17428
17429
17430
17431
17432
17433
17434
17435
17436
17437
17438
17439
17440
17441
17442
17443
17444
17445
17446
17447
*/
testcase TC_SEC_ITSS_RCV_DENM_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(
cc_taCert_EA,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_DENM
},
e_certificate
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17449
17450
17451
17452
17453
17454
17455
17456
17457
17458
17459
17460
17461
17462
17463
17464
17465
17466
17467
17468
17469
17470
17471
17472
17473
17474
17475
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_12_03_BO
/**
* @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'root_ca'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* and certificate (CERT_TS_ROOT)
* containing subject_info.subject_type
* indicating 'root_ca'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_12_04_BO
17491
17492
17493
17494
17495
17496
17497
17498
17499
17500
17501
17502
17503
17504
17505
17506
17507
17508
17509
17510
17511
17512
17513
17514
17515
17516
17517
17518
17519
17520
17521
17522
17523
17524
17525
17526
*/
testcase TC_SEC_ITSS_RCV_DENM_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(
cc_taCert_CA,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_DENM
},
e_certificate
);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17528
17529
17530
17531
17532
17533
17534
17535
17536
17537
17538
17539
17540
17541
17542
17543
17544
17545
17546
17547
17548
17549
17550
17551
17552
17553
17554
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_12_04_BO
/**
* @desc Check that IUT discards secured DENM signed with the not yet valid certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT > CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT > START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_01_BO
17569
17570
17571
17572
17573
17574
17575
17576
17577
17578
17579
17580
17581
17582
17583
17584
17585
17586
17587
17588
17589
17590
17591
17592
17593
17594
17595
17596
17597
17598
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1301_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17600
17601
17602
17603
17604
17605
17606
17607
17608
17609
17610
17611
17612
17613
17614
17615
17616
17617
17618
17619
17620
17621
17622
17623
17624
17625
17626
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_01_BO
/**
* @desc Check that IUT discards secured DENM signed with the expired certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT < CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT < START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_02_BO
17641
17642
17643
17644
17645
17646
17647
17648
17649
17650
17651
17652
17653
17654
17655
17656
17657
17658
17659
17660
17661
17662
17663
17664
17665
17666
17667
17668
17669
17670
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1302_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17672
17673
17674
17675
17676
17677
17678
17679
17680
17681
17682
17683
17684
17685
17686
17687
17688
17689
17690
17691
17692
17693
17694
17695
17696
17697
17698
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_02_BO
/**
* @desc Check that IUT discards secured DENM when IUT location is outside the circular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_03_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_03_BO
17715
17716
17717
17718
17719
17720
17721
17722
17723
17724
17725
17726
17727
17728
17729
17730
17731
17732
17733
17734
17735
17736
17737
17738
17739
17740
17741
17742
17743
17744
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1303_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17746
17747
17748
17749
17750
17751
17752
17753
17754
17755
17756
17757
17758
17759
17760
17761
17762
17763
17764
17765
17766
17767
17768
17769
17770
17771
17772
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_03_BO
/**
* @desc Check that IUT discards secured DENM when IUT location is outside the rectangular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_04_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_04_BO
17789
17790
17791
17792
17793
17794
17795
17796
17797
17798
17799
17800
17801
17802
17803
17804
17805
17806
17807
17808
17809
17810
17811
17812
17813
17814
17815
17816
17817
17818
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1304_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17820
17821
17822
17823
17824
17825
17826
17827
17828
17829
17830
17831
17832
17833
17834
17835
17836
17837
17838
17839
17840
17841
17842
17843
17844
17845
17846
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_04_BO
/**
* @desc Check that IUT discards secured DENM when IUT location is outside the polygonal validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_05_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectanglar_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_05_BO
17863
17864
17865
17866
17867
17868
17869
17870
17871
17872
17873
17874
17875
17876
17877
17878
17879
17880
17881
17882
17883
17884
17885
17886
17887
17888
17889
17890
17891
17892
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1305_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17894
17895
17896
17897
17898
17899
17900
17901
17902
17903
17904
17905
17906
17907
17908
17909
17910
17911
17912
17913
17914
17915
17916
17917
17918
17919
17920
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_05_BO
/**
* @desc Check that IUT discards secured DENM when IUT location is outside the identified validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_06_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id'
* and containing id_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_DENM_13_06_BO
17937
17938
17939
17940
17941
17942
17943
17944
17945
17946
17947
17948
17949
17950
17951
17952
17953
17954
17955
17956
17957
17958
17959
17960
17961
17962
17963
17964
17965
17966
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_DENM_13_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1306_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
17968
17969
17970
17971
17972
17973
17974
17975
17976
17977
17978
17979
17980
17981
17982
17983
17984
17985
17986
17987
17988
17989
17990
17991
17992
17993
17994
17995
17996
17997
17998
17999
18000
18001
18002
18003
18004
18005
18006
18007
18008
18009
18010
18011
18012
18013
18014
18015
18016
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_DENM_13_06_BO
} // End of group recvDenmProfile
/**
* @desc Receiving behaviour test cases for Other profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.4 Generic Signed Message Profile
*/
group recvOtherProfile {
/**
* @desc Function used to verify the IUT has forwarded or discarded the received secured message sent by the TA
*/
group commonFunctions {
/**
* @desc Behavior function for NodeD in case of forwarding is expected
* @see TC_GEONW_PON_GBC_BV_01
*/
function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD() runs on ItsGeoNetworking {
// Local variables
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_dummy,
mw_geoNwBroadcastPacketWithArea(
18018
18019
18020
18021
18022
18023
18024
18025
18026
18027
18028
18029
18030
18031
18032
18033
18034
18035
18036
18037
18038
18039
18040
18041
18042
18043
18044
18045
18046
18047
18048
18049
18050
18051
18052
18053
18054
18055
18056
18057
18058
18059
18060
18061
18062
18063
18064
18065
18066
18067
v_longPosVectorNodeB
),
?,
f_getGeoBroadcastArea(c_area1)
)))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Beacon message was forwarded ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_dummy
))) {
// Do not restart tc_ac timer
log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": FAIL: GBC message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
// Postamble
f_poNeighbour();
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD
/**
* @desc Behavior function for NodeD in case of forwarding is not expected
* @see TC_GEONW_PON_GBC_BV_01
*/
function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD() runs on ItsGeoNetworking {
// Local variables
var LongPosVector v_longPosVectorIut := f_getPosition(c_compIut);
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_dummy,
mw_geoNwBroadcastPacketWithArea(
18069
18070
18071
18072
18073
18074
18075
18076
18077
18078
18079
18080
18081
18082
18083
18084
18085
18086
18087
18088
18089
18090
18091
18092
18093
18094
18095
18096
18097
18098
18099
18100
18101
v_longPosVectorIut
),
?,
f_getGeoBroadcastArea(c_area1)
)))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: Beacon message shall ot be forwarded ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_dummy
))) {
// Do not restart tc_ac timer
log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***");
repeat;
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: Secured message was discarded ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
}
// Postamble
f_poNeighbour();
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD
} // End of goup commonFunctions
/**
* @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate without region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes
18103
18104
18105
18106
18107
18108
18109
18110
18111
18112
18113
18114
18115
18116
18117
18118
18119
18120
18121
18122
18123
18124
18125
18126
18127
18128
18129
18130
18131
18132
18133
18134
18135
18136
18137
18138
18139
18140
18141
18142
18143
18144
18145
18146
18147
18148
18149
18150
18151
18152
18153
18154
18155
18156
18157
18158
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_A)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['time_start_and_end']
* indicating CERT_TS_AT_TIME_VALIDITY
* and not containing validity_restrictions['region']
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* inside CERT_TS_AT_TIME_VALIDITY
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* containing generation_location
* and containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* and containing its_aid
* indicating 'AID_BEACON'
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_01_01_BV
*/
testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18171
18172
18173
18174
18175
18176
18177
18178
18179
18180
18181
18182
18183
18184
18185
18186
18187
18188
18189
18190
18191
18192
18193
18194
18195
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_A));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV
/**
* @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a circular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes
18197
18198
18199
18200
18201
18202
18203
18204
18205
18206
18207
18208
18209
18210
18211
18212
18213
18214
18215
18216
18217
18218
18219
18220
18221
18222
18223
18224
18225
18226
18227
18228
18229
18230
18231
18232
18233
18234
18235
18236
18237
18238
18239
18240
18241
18242
18243
18244
18245
18246
18247
18248
18249
18250
18251
18252
18253
18254
18255
18256
18257
18258
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_B_AT
* and the IUT current location is inside the region validity period of CERT_TS_B_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_B_AT)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['time_start_and_end']
* indicating CERT_TS_AT_TIME_VALIDITY
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* and containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* and containing its_aid
* indicating 'AID_BEACON'
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_01_02_BV
*/
testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18271
18272
18273
18274
18275
18276
18277
18278
18279
18280
18281
18282
18283
18284
18285
18286
18287
18288
18289
18290
18291
18292
18293
18294
18295
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_B));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV
/**
* @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes
18297
18298
18299
18300
18301
18302
18303
18304
18305
18306
18307
18308
18309
18310
18311
18312
18313
18314
18315
18316
18317
18318
18319
18320
18321
18322
18323
18324
18325
18326
18327
18328
18329
18330
18331
18332
18333
18334
18335
18336
18337
18338
18339
18340
18341
18342
18343
18344
18345
18346
18347
18348
18349
18350
18351
18352
18353
18354
18355
18356
18357
18358
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_C_AT
* and the IUT current location is inside the region validity period of CERT_TS_C_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_C_AT)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['time_start_and_end']
* indicating CERT_TS_AT_TIME_VALIDITY
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* and containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* and containing its_aid
* indicating 'AID_BEACON'
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_01_03_BV
*/
testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18371
18372
18373
18374
18375
18376
18377
18378
18379
18380
18381
18382
18383
18384
18385
18386
18387
18388
18389
18390
18391
18392
18393
18394
18395
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_C));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV
/**
* @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes
18397
18398
18399
18400
18401
18402
18403
18404
18405
18406
18407
18408
18409
18410
18411
18412
18413
18414
18415
18416
18417
18418
18419
18420
18421
18422
18423
18424
18425
18426
18427
18428
18429
18430
18431
18432
18433
18434
18435
18436
18437
18438
18439
18440
18441
18442
18443
18444
18445
18446
18447
18448
18449
18450
18451
18452
18453
18454
18455
18456
18457
18458
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_D_AT
* and the IUT current location is inside the region validity period of CERT_TS_D_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_D_AT)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['time_start_and_end']
* indicating CERT_TS_AT_TIME_VALIDITY
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* and containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* and containing its_aid
* indicating 'AID_BEACON'
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_01_04_BV
*/
testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18471
18472
18473
18474
18475
18476
18477
18478
18479
18480
18481
18482
18483
18484
18485
18486
18487
18488
18489
18490
18491
18492
18493
18494
18495
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_D));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV
/**
* @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction
* @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes
18497
18498
18499
18500
18501
18502
18503
18504
18505
18506
18507
18508
18509
18510
18511
18512
18513
18514
18515
18516
18517
18518
18519
18520
18521
18522
18523
18524
18525
18526
18527
18528
18529
18530
18531
18532
18533
18534
18535
18536
18537
18538
18539
18540
18541
18542
18543
18544
18545
18546
18547
18548
18549
18550
18551
18552
18553
18554
18555
18556
18557
18558
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_E_AT
* and the IUT current location is inside the region validity period of CERT_TS_E_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_E_AT)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* and containing validity_restrictions['time_start_and_end']
* indicating CERT_TS_AT_TIME_VALIDITY
* and containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id_region'
* and containing id_region
* indicating REGION
* and containing header_fields [1]
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* and containing header_fields [2]
* containing type
* indicating 'generation_location'
* and containing generation_location
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* and containing its_aid
* indicating 'AID_BEACON'
* and containing payload_field
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* and containing trailer_fields
* containing single instance of type TrailerField
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_01_05_BV
*/
testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18571
18572
18573
18574
18575
18576
18577
18578
18579
18580
18581
18582
18583
18584
18585
18586
18587
18588
18589
18590
18591
18592
18593
18594
18595
18596
18597
18598
18599
18600
18601
18602
18603
18604
18605
18606
18607
18608
18609
18610
18611
18612
18613
18614
18615
18616
18617
18618
18619
18620
18621
18622
18623
18624
18625
18626
18627
18628
18629
18630
18631
18632
18633
18634
18635
18636
18637
18638
18639
18640
18641
18642
18643
18644
18645
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_E));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV
group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(
in charstring p_taCert
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredBeacon(p_taCert, omit, e_certificate);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV
/**
* @desc Check that IUT discards a Secured GN Message containing protocol version set to a value less than 2
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating 1
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_02_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION));
18671
18672
18673
18674
18675
18676
18677
18678
18679
18680
18681
18682
18683
18684
18685
18686
18687
18688
18689
18690
18691
18692
18693
18694
18695
18696
18697
18698
18699
18700
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO
/**
* @desc Check that IUT discards a Secured GN Message containing protocol version set to a value greater than 2
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating 3
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_02_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(
18743
18744
18745
18746
18747
18748
18749
18750
18751
18752
18753
18754
18755
18756
18757
18758
18759
18760
18761
18762
18763
18764
18765
18766
18767
18768
18769
18770
18771
18772
18773
18774
18775
18776
18777
18778
18779
18780
18781
18782
18783
18784
18785
18786
18787
18788
18789
18790
18791
18792
18793
18794
18795
18796
18797
18798
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, p_protocolVersion);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BV
/**
* @desc Check that IUT discards a secured GN Message if the header_fields contains more than one header field of type 'signer_info'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'signer_info'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* indicating ''generation_location''
* and containing header_fields[4].type
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18811
18812
18813
18814
18815
18816
18817
18818
18819
18820
18821
18822
18823
18824
18825
18826
18827
18828
18829
18830
18831
18832
18833
18834
18835
18836
18837
18838
18839
18840
18841
18842
18843
18844
18845
18846
18847
18848
18849
18850
18851
18852
18853
18854
18855
18856
18857
18858
18859
18860
18861
18862
18863
18864
18865
18866
18867
18868
18869
18870
18871
18872
18873
18874
18875
18876
18877
18878
18879
18880
18881
18882
18883
18884
18885
18886
18887
18888
18889
18890
18891
18892
18893
18894
18895
18896
18897
18898
18899
18900
18901
18902
18903
18904
18905
18906
18907
18908
18909
18910
18911
18912
18913
18914
18915
18916
18917
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_signer_info(
m_signerInfo_certificate(
vc_aaCertificate
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO
/**
* @desc Check that IUT discards a secured GN Message if the header_fields does not contain the header field of type 'signer_info'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* and containing header_fields[0].type
* indicating 'generation_time'
* and containing header_fields[1].type
* indicating 'generation_location'
* and containing header_fields[2].type
* indicating 'signer_info'
* and containing header_fields[3].type
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
18930
18931
18932
18933
18934
18935
18936
18937
18938
18939
18940
18941
18942
18943
18944
18945
18946
18947
18948
18949
18950
18951
18952
18953
18954
18955
18956
18957
18958
18959
18960
18961
18962
18963
18964
18965
18966
18967
18968
18969
18970
18971
18972
18973
18974
18975
18976
18977
18978
18979
18980
18981
18982
18983
18984
18985
18986
18987
18988
18989
18990
18991
18992
18993
18994
18995
18996
18997
18998
18999
19000
19001
19002
19003
19004
19005
19006
19007
19008
19009
19010
19011
19012
19013
19014
19015
19016
19017
19018
19019
19020
19021
19022
19023
19024
19025
19026
19027
19028
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO
/**
* @desc Check that IUT is able to receive a secured GN Message if the signer_info header field is not encoded first.
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* and containing header_fields[0].type
* indicating 'generation_time'
* and containing header_fields[1].type
* indicating 'generation_location'
* and containing header_fields[2].type
* containing its_aid
* indicating 'AID_BEACON'
* and containing header_fields[3].type
* indicating 'signer_info'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
19041
19042
19043
19044
19045
19046
19047
19048
19049
19050
19051
19052
19053
19054
19055
19056
19057
19058
19059
19060
19061
19062
19063
19064
19065
19066
19067
19068
19069
19070
19071
19072
19073
19074
19075
19076
19077
19078
19079
19080
19081
19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
19130
19131
19132
19133
19134
19135
19136
19137
19138
19139
19140
19141
19142
19143
19144
19145
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other,
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
))
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO
/**
* @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* indicating 'generation_time'
* and containing header_fields[4].type
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
19158
19159
19160
19161
19162
19163
19164
19165
19166
19167
19168
19169
19170
19171
19172
19173
19174
19175
19176
19177
19178
19179
19180
19181
19182
19183
19184
19185
19186
19187
19188
19189
19190
19191
19192
19193
19194
19195
19196
19197
19198
19199
19200
19201
19202
19203
19204
19205
19206
19207
19208
19209
19210
19211
19212
19213
19214
19215
19216
19217
19218
19219
19220
19221
19222
19223
19224
19225
19226
19227
19228
19229
19230
19231
19232
19233
19234
19235
19236
19237
19238
19239
19240
19241
19242
19243
19244
19245
19246
19247
19248
19249
19250
19251
19252
19253
19254
19255
19256
19257
19258
19259
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_time(1000 * f_getCurrentTime() - 1), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO
/**
* @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'generation_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_05_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
19272
19273
19274
19275
19276
19277
19278
19279
19280
19281
19282
19283
19284
19285
19286
19287
19288
19289
19290
19291
19292
19293
19294
19295
19296
19297
19298
19299
19300
19301
19302
19303
19304
19305
19306
19307
19308
19309
19310
19311
19312
19313
19314
19315
19316
19317
19318
19319
19320
19321
19322
19323
19324
19325
19326
19327
19328
19329
19330
19331
19332
19333
19334
19335
19336
19337
19338
19339
19340
19341
19342
19343
19344
19345
19346
19347
19348
19349
19350
19351
19352
19353
19354
19355
19356
19357
19358
19359
19360
19361
19362
19363
19364
19365
19366
19367
19368
19369
19370
19371
19372
19373
19374
19375
19376
19377
19378
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO
/**
* @desc Check that IUT discards a Secured GN Message if the message contains more than one header field of type 'its_aid'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and containing header_fields[3]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_BEACON'
* and containing header_fields[4].type
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_06_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other,
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO
/**
* @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'its_aid'
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
19484
19485
19486
19487
19488
19489
19490
19491
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_06a_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsGeoNetworking {
19533
19534
19535
19536
19537
19538
19539
19540
19541
19542
19543
19544
19545
19546
19547
19548
19549
19550
19551
19552
19553
19554
19555
19556
19557
19558
19559
19560
19561
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
19576
19577
19578
19579
19580
19581
19582
19583
19584
19585
19586
19587
19588
19589
19590
19591
19592
19593
19594
/**
* @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* indicating 'generation_location'
* and containing header_fields[3].type
* indicating 'generation_location'
* and containing header_fields[4]
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_07_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsGeoNetworking {
19651
19652
19653
19654
19655
19656
19657
19658
19659
19660
19661
19662
19663
19664
19665
19666
19667
19668
19669
19670
19671
19672
19673
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0100'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
* @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* and containing header_fields[4].type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_BEACON'
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_08_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsGeoNetworking {
19773
19774
19775
19776
19777
19778
19779
19780
19781
19782
19783
19784
19785
19786
19787
19788
19789
19790
19791
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_its_aid_Other
},
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
* @desc Check that IUT is able to receive a Secured GN Beacon if the header fields are not in the ascending order according to the numbering of the enumeration
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'its_aid'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_09_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsGeoNetworking {
19879
19880
19881
19882
19883
19884
19885
19886
19887
19888
19889
19890
19891
19892
19893
19894
19895
19896
19897
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_its_aid_Other,
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
* @desc Check that IUT accepts a GN Secured Message containing optional header field of type 'expiry_time'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'its_aid'
* and containing header_fields[2].type
* indicating 'generation_time'
* and containing header_fields[3].type
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_11_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsGeoNetworking {
19992
19993
19994
19995
19996
19997
19998
19999
20000
20001
20002
20003
20004
20005
20006
20007
20008
20009
20010
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_expiry_time(
1000 * (3600 + f_getCurrentTime()) // In us
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
* @desc Check that IUT accepts the Secured GN Message containing additional non-standard HeaderField
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* and containing header_fields[3].type
* indicating 'its_aid'
* and containing header_fields[4]
* containing type
* indicating non-standard header field type (1000)
* and containing other_header
* indicating non-empty data
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_12_BO
testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsGeoNetworking {
20113
20114
20115
20116
20117
20118
20119
20120
20121
20122
20123
20124
20125
20126
20127
20128
20129
20130
20131
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_expiry_time(
1000 * (3600 + f_getCurrentTime()) // In us
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other,
m_header_field_unspecify
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
20160
20161
20162
20163
20164
20165
20166
20167
20168
20169
20170
20171
20172
20173
20174
20175
20176
20177
20178
20179
20180
20181
20182
20183
20184
20185
20186
20187
20188
20189
20190
20191
20192
20193
20194
20195
20196
20197
20198
20199
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20213
20214
20215
20216
20217
20218
20219
20220
20221
20222
20223
20224
20225
20226
20227
20228
20229
20230
20231
20232
20233
20234
20235
20236
20237
20238
20239
20240
20241
20242
20243
20244
20245
20246
20247
20248
20249
20250
20251
20252
20253
20254
20255
20256
20257
20258
20259
20260
20261
20262
20263
20264
20265
20266
20267
20268
20269
20270
20271
20272
20273
20274
20275
20276
20277
20278
20279
20280
20281
20282
20283
20284
20285
20286
20287
20288
20289
20290
20291
20292
20293
20294
20295
20296
20297
20298
20299
20300
20301
20302
20303
20304
20305
20306
20307
20308
20309
20310
20311
20312
20313
20314
20315
20316
20317
20318
20319
20320
20321
20322
20323
20324
20325
20326
20327
20328
20329
20330
20331
20332
20333
20334
20335
20336
20337
20338
20339
20340
20341
20342
20343
20344
20345
20346
20347
20348
20349
20350
20351
20352
20353
20354
20355
20356
20357
20358
20359
20360
20361
20362
20363
20364
20365
20366
20367
20368
20369
20370
20371
20372
20373
20374
20375
20376
20377
20378
20379
20380
20381
20382
20383
20384
20385
20386
20387
20388
20389
20390
20391
20392
20393
20394
20395
20396
20397
20398
20399
20400
20401
20402
20403
20404
20405
20406
20407
20408
20409
20410
20411
20412
20413
20414
20415
20416
20417
20418
20419
20420
20421
20422
20423
20424
20425
20426
20427
20428
20429
20430
20431
20432
20433
20434
20435
20436
20437
20438
20439
20440
20441
20442
20443
20444
20445
20446
20447
20448
20449
20450
20451
20452
20453
20454
20455
20456
20457
20458
20459
20460
20461
20462
20463
20464
20465
20466
20467
20468
20469
20470
20471
20472
20473
20474
20475
20476
20477
20478
20479
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
20510
20511
20512
20513
20514
20515
20516
20517
20518
20519
20520
20521
20522
20523
20524
20525
20526
20527
20528
20529
20530
20531
20532
20533
20534
20535
20536
20537
20538
20539
20540
20541
20542
20543
20544
20545
20546
20547
20548
20549
20550
20551
20552
20553
20554
20555
20556
20557
20558
20559
20560
20561
20562
20563
20564
20565
20566
20567
20568
20569
20570
20571
20572
20573
20574
20575
20576
20577
20578
20579
20580
20581
20582
20583
20584
20585
20586
20587
20588
20589
20590
20591
20592
20593
20594
20595
20596
20597
20598
20599
20600
20601
20602
20603
20604
20605
20606
20607
20608
20609
20610
20611
20612
20613
20614
20615
20616
20617
20618
20619
20620
20621
20622
20623
20624
20625
20626
20627
20628
20629
20630
20631
20632
20633
20634
20635
20636
20637
20638
20639
20640
20641
20642
20643
20644
20645
20646
20647
20648
20649
20650
20651
20652
20653
20654
20655
20656
20657
20658
20659
20660
20661
20662
20663
20664
20665
20666
20667
20668
20669
20670
20671
20672
20673
20674
20675
20676
20677
20678
20679
20680
20681
20682
20683
20684
20685
20686
20687
20688
20689
20690
20691
20692
20693
20694
20695
20696
20697
20698
20699
20700
20701
20702
20703
20704
20705
20706
20707
20708
20709
20710
20711
20712
20713
20714
20715
20716
20717
20718
20719
20720
20721
20722
20723
20724
20725
20726
20727
20728
20729
20730
20731
20732
20733
20734
20735
20736
20737
20738
20739
20740
20741
20742
20743
20744
20745
20746
20747
20748
20749
20750
20751
20752
20753
20754
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO
/**
* @desc Check that IUT accepts the Secured GN Message containing additional non-standard HeaderField
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[0].type
* indicating 'signer_info'
* and containing header_fields[1].type
* indicating 'generation_time'
* and containing header_fields[2].type
* and containing header_fields[3].type
* indicating 'its_aid'
* and containing header_fields[4]
* containing type
* indicating 'encryption_parameters'
* and containing enc_params
* containing symm_algorithm
* indicating 'aes_128_ccm'
* and containing nonce
* and containing header_fields[4]
* containing type
* indicating 'recipient_info'
* and containing recipients
* containing recipients[0]
* containing cert_id
* referencing to CERT_IUT_A_AT
* and containing pk_encryption
* indicating 'ecies_nistp256'
* and containing enc_key
* and not containing other header fields
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_04_13_BO
* @reference ETSI TS 103 097 [1], clause 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_04_13_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_13_BO
group g_TC_SEC_ITSS_RCV_GENMSG_04_13_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var Certificate v_iutATCertificate;
var SubjectAttribute v_encryption_key;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
if (
(f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or
(f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false)
) {
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc
} else {
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_expiry_time(
1000 * (3600 + f_getCurrentTime()) // In us
),
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other,
m_header_field_enc_params( // containing header_fields[3].type.enc_params
m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm'
PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce
)
),
m_header_field_multiple_recipients( // containing header_fields[4].type
{ // indicating 'encryption_parameters'
m_recipientInfo_ecies_enc_key(
v_iutATCertificate.signer_info.signerInfo.digest,
e_ecies_nistp256, // containing symm_algorithm
// indicating 'aes_128_ccm'
m_eciesEncryptedKey_aesccm(
v_encryption_key.attribute.rv,
'00000000000000000000000000000000'O, // FIXME Where to find these values
'00000000000000000000000000000000'O
)
)
}
)
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_13_BO
/**
* @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'self'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer.type
* indicating 'self''
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_05_01_BO
* @reference ETSI TS 103 097 [1], clause 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_05_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_01_BO
group g_TC_SEC_ITSS_RCV_GENMSG_05_01_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_self
),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_self,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_01_BO
/**
* @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'certificate_digest_with_other_algorithm'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer.type
* indicating 'certificate_digest_with_other_algorithm'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_05_02_BO
* @reference ETSI TS 103 097 [1], clause 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_05_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_05_02_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_other_certificates(
m_certificateWithAlgo_ecdsa(
PX_OTHER_CERT_DIGEST
))),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_other_algorithm,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_02_BO
/**
* @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'certificate_chain'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer.type
* indicating 'certificate_chain'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_05_03_BO
* @reference ETSI TS 103 097 [1], clause 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_05_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_03_BO
group g_TC_SEC_ITSS_RCV_GENMSG_05_03_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_certificates(
{ vc_atCertificate }
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_chain,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_03_BO
/**
* @desc Check that IUT discards a Secured Messageif the header_fields contains a signer info of unknown or reserved type
* @remark Values to be used as X_UNKNOWN_SIGNERINFO_TYPE are 5, 239, 240 and 255
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer.type
* indicating X_UNKNOWN_SIGNERINFO_TYPE
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_05_04_BO
* @reference ETSI TS 103 097 [1], clause 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_05_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_04_BO
group g_TC_SEC_ITSS_RCV_GENMSG_05_04_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_signer_info(
m_signerInfo_unknown(
'CAFFEEDECA'O
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_unknown,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_04_BO
20755
20756
20757
20758
20759
20760
20761
20762
20763
20764
20765
20766
20767
20768
20769
20770
20771
/**
* @desc Check that IUT discards a secured GN Message containing generation_time before the message signing certificate validity period
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].type
* indicating 'signer_info'
* containing certificate (CERT_TS_MSG_06_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME < TIME_CERT_TS_AT_START
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_06_01_BO
* @reference ETSI TS 103 097 [1], clauses 5.4 and 7.3
*/
testcase TC_SEC_ITSS_RCV_GENMSG_06_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
20798
20799
20800
20801
20802
20803
20804
20805
20806
20807
20808
20809
20810
20811
20812
20813
20814
20815
20816
20817
20818
20819
20820
20821
20822
20823
20824
20825
20826
20827
20828
20829
20830
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_01_BO
group g_TC_SEC_ITSS_RCV_GENMSG_06_01_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity);
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(
(v_validity.validity.time_start_and_end.start_validity - 3600) * 1000
20853
20854
20855
20856
20857
20858
20859
20860
20861
20862
20863
20864
20865
20866
20867
20868
20869
20870
20871
20872
20873
20874
20875
20876
20877
20878
20879
20880
20881
20882
20883
20884
20885
20886
20887
20888
20889
20890
), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_01_BO
/**
* @desc Check that IUT discards the secured GN Message containing generation_time after the message signing certificate validity period
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].type
* indicating 'signer_info'
* containing certificate (CERT_TS_MSG_06_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT
* and containing end_validity
* indicating END_VALIDITY_AT
* and containing header_fields ['generation_time']
* containing generation_time
* indicating GEN_TIME > TIME_CERT_TS_E_ATND
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_06_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_06_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
20918
20919
20920
20921
20922
20923
20924
20925
20926
20927
20928
20929
20930
20931
20932
20933
20934
20935
20936
20937
20938
20939
20940
20941
20942
20943
20944
20945
20946
20947
20948
20949
20950
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_06_02_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity);
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(
(v_validity.validity.time_start_and_end.end_validity + 3600) * 1000
20973
20974
20975
20976
20977
20978
20979
20980
20981
20982
20983
20984
20985
20986
20987
20988
20989
20990
20991
20992
20993
20994
20995
20996
20997
20998
), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_02_BO
/**
* @desc Check that IUT discards Secured GN Message if the generation_time is more than 10 minute in the past (C2C only)
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
21000
21001
21002
21003
21004
21005
21006
21007
21008
21009
21010
21011
21012
21013
21014
21015
21016
21017
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields ['generation_time']
* containing generation_time
* indicating TIME_1 (TIME_1 < CUR_TIME - 10min)
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_06_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_06_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21030
21031
21032
21033
21034
21035
21036
21037
21038
21039
21040
21041
21042
21043
21044
21045
21046
21047
21048
21049
21050
21051
21052
21053
21054
21055
21056
21057
21058
21059
21060
21061
21062
21063
21064
21065
21066
21067
21068
21069
21070
21071
21072
21073
21074
21075
21076
21077
21078
21079
21080
21081
21082
21083
21084
21085
21086
21087
21088
21089
21090
21091
21092
21093
21094
21095
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_03_BO
group g_TC_SEC_ITSS_RCV_GENMSG_06_03_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_generation_time(
(1000 * f_getCurrentTime() - 600) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_03_BO
/**
* @desc Check that IUT discards Secured GN Message if the generation_time is more than 10 minute in the future(C2C only)
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
21097
21098
21099
21100
21101
21102
21103
21104
21105
21106
21107
21108
21109
21110
21111
21112
21113
21114
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields ['generation_time']
* containing generation_time
* indicating TIME_1 (TIME_1 > CUR_TIME + 10min)
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_06_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_06_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21127
21128
21129
21130
21131
21132
21133
21134
21135
21136
21137
21138
21139
21140
21141
21142
21143
21144
21145
21146
21147
21148
21149
21150
21151
21152
21153
21154
21155
21156
21157
21158
21159
21160
21161
21162
21163
21164
21165
21166
21167
21168
21169
21170
21171
21172
21173
21174
21175
21176
21177
21178
21179
21180
21181
21182
21183
21184
21185
21186
21187
21188
21189
21190
21191
21192
21193
21194
21195
21196
21197
21198
21199
21200
21201
21202
21203
21204
21205
21206
21207
21208
21209
21210
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_04_BO
group g_TC_SEC_ITSS_RCV_GENMSG_06_04_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_generation_time(
(1000 * f_getCurrentTime() + 600) * 1000
) // In us
},
e_certificate
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_04_BO
/**
* @desc Check that IUT discards SecuredMessage when its_aid value is undefined
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['its_aid']
* indicating indicating 'AID_UNDEFINED'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_07_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_07_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21223
21224
21225
21226
21227
21228
21229
21230
21231
21232
21233
21234
21235
21236
21237
21238
21239
21240
21241
21242
21243
21244
21245
21246
21247
21248
21249
21250
21251
21252
21253
21254
21255
21256
21257
21258
21259
21260
21261
21262
21263
21264
21265
21266
21267
21268
21269
21270
21271
21272
21273
21274
21275
21276
21277
21278
21279
21280
21281
21282
21283
21284
21285
21286
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_07_01_BO
group g_TC_SEC_ITSS_RCV_GENMSG_07_01_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO() runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_07_01_BO
/**
* @desc Check that IUT discards Secured GN Message if the HeaderField generation_location is outside of the circular validity region of the signing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRCand PICS_USE_CIRCULAR_REGION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_B_AT
* and the IUT current location is inside the validity region of CERT_TS_B_AT
21294
21295
21296
21297
21298
21299
21300
21301
21302
21303
21304
21305
21306
21307
21308
21309
21310
21311
21312
21313
21314
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage ((MSG_SEC_RCV_GENMSG_B))
* containing header_fields[0].type
* indicating 'signer_info'
* containing certificate (CERT_TS_B_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* and containing header_fields ['generation_location']
* indicating location outside of the REGION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
21327
21328
21329
21330
21331
21332
21333
21334
21335
21336
21337
21338
21339
21340
21341
21342
21343
21344
21345
21346
21347
21348
21349
21350
21351
21352
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_B));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_01_BO
/**
* @desc Check that IUT discards Secured GN Message if the HeaderField generation_location is outside of the rectangular validity region of the signing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_RECTANGULAR_REGION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_C_AT
* and the IUT current location is inside the validity region of CERT_TS_C_AT
21360
21361
21362
21363
21364
21365
21366
21367
21368
21369
21370
21371
21372
21373
21374
21375
21376
21377
21378
21379
21380
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage ((MSG_SEC_RCV_GENMSG_C))
* containing header_fields[0].type
* indicating 'signer_info'
* containing certificate (CERT_TS_C_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectanglar_region
* indicating REGION
* and containing header_fields ['generation_location']
* indicating location outside of the REGION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
21393
21394
21395
21396
21397
21398
21399
21400
21401
21402
21403
21404
21405
21406
21407
21408
21409
21410
21411
21412
21413
21414
21415
21416
21417
21418
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_C));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_02_BO
/**
* @desc Check that IUT discards Secured GN Message if the HeaderField generation_location is outside of the rectangular validity region of the signing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_POLYGONAL_REGION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_D_AT
* and the IUT current location is inside the validity region of CERT_TS_D_AT
21426
21427
21428
21429
21430
21431
21432
21433
21434
21435
21436
21437
21438
21439
21440
21441
21442
21443
21444
21445
21446
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage ((MSG_SEC_RCV_GENMSG_D))
* containing header_fields[0].type
* indicating 'signer_info'
* containing certificate (CERT_TS_D_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* and containing header_fields ['generation_location']
* indicating location outside of the REGION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
21459
21460
21461
21462
21463
21464
21465
21466
21467
21468
21469
21470
21471
21472
21473
21474
21475
21476
21477
21478
21479
21480
21481
21482
21483
21484
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_D));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_03_BO
/**
* @desc Check that IUT discards Secured GN Message if the optional HeaderField generation_location is outside of the identified validity region of the signing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_IDENTIFIED_REGION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_E_AT
* and the IUT current location is inside the validity region of CERT_TS_E_AT
21492
21493
21494
21495
21496
21497
21498
21499
21500
21501
21502
21503
21504
21505
21506
21507
21508
21509
21510
21511
21512
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage ((MSG_SEC_RCV_GENMSG_E))
* containing header_fields[0].type
* indicating 'signer_info'
* containing certificate (CERT_TS_E_AT)
* containing validity_restrictions ['region']
* containing region
* containing region_type
* indicating 'id_region'
* and containing identified_region
* indicating REGION
* and containing header_fields ['generation_location']
* indicating location outside of the REGION
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21525
21526
21527
21528
21529
21530
21531
21532
21533
21534
21535
21536
21537
21538
21539
21540
21541
21542
21543
21544
21545
21546
21547
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_E));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_04_BO
/**
* @desc Check that IUT accepts a Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is 29.9 km (C2C only)
* <pre>
21552
21553
21554
21555
21556
21557
21558
21559
21560
21561
21562
21563
21564
21565
21566
21567
21568
21569
21570
21571
21572
21573
21574
21575
21576
21577
21578
21579
21580
21581
21582
21583
21584
21585
21586
21587
21588
21589
21590
21591
21592
21593
21594
21595
21596
21597
21598
21599
21600
21601
21602
21603
21604
21605
21606
21607
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[generation_location].type
* indicating 'generation_location'
* and containing generation_location
* indicating position in 29.9 km from the current position of IUT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_05_BV
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_05_BV() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_05_BV
/**
* @desc Check that IUT discards Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is more than 30 km
* <pre>
21609
21610
21611
21612
21613
21614
21615
21616
21617
21618
21619
21620
21621
21622
21623
21624
21625
21626
21627
21628
21629
21630
21631
21632
21633
21634
21635
21636
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields[generation_location].type
* indicating 'generation_location'
* and containing generation_location
* indicating position in 31 km from the current position of IUT
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_08_06_BO
* @reference ETSI TS 103 097 [1], clause 7.2
*/
testcase TC_SEC_ITSS_RCV_GENMSG_08_06_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21639
21640
21641
21642
21643
21644
21645
21646
21647
21648
21649
21650
21651
21652
21653
21654
21655
21656
21657
21658
21659
21660
21661
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_06_BO
21664
21665
21666
21667
21668
21669
21670
21671
21672
21673
21674
21675
21676
21677
21678
21679
21680
21681
21682
21683
21684
21685
21686
21687
21688
21689
21690
21691
21692
21693
21694
21695
21696
21697
21698
21699
21700
21701
21702
21703
21704
21705
21706
21707
21708
21709
21710
21711
21712
21713
21714
21715
21716
21717
21718
21719
21720
21721
21722
21723
21724
21725
21726
21727
21728
21729
21730
21731
21732
21733
21734
21735
21736
21737
21738
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(
in charstring p_taCert
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
p_taCert,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
PX_WGSLATITUDE,
PX_WGSLONGITUDE,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate_digest_with_sha256,
false
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV() runs on ItsGeoNetworking {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var Int32 v_latitude;
var Int32 v_longitude;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
fx_computePositionUsingDistance(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
21740
21741
21742
21743
21744
21745
21746
21747
21748
21749
21750
21751
21752
21753
21754
21755
21756
21757
21758
21759
21760
21761
21762
21763
21764
21765
21766
21767
21768
0,
v_latitude,
v_longitude
);
v_securedGnPdu := f_prepareSecuredBeacon(
cc_taCert_A,
{
m_header_field_generation_location(
valueof(m_threeDLocation(
v_latitude,
v_longitude,
'0000'O
))
)
},
e_certificate_digest_with_sha256
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO() runs on ItsGeoNetworking {
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
fx_computePositionUsingDistance(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
{
m_header_field_generation_location(
valueof(m_threeDLocation(
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO
21816
21817
21818
21819
21820
21821
21822
21823
21824
21825
21826
21827
21828
21829
21830
21831
21832
21833
21834
21835
21836
21837
21838
21839
21840
21841
21842
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO
/**
* @desc Check that IUT discards the Secured GN Message containing empty payload of type 'signed'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing payload_field
* containing type
* indicating 'signed'
* and containing data
* indicating length 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_09_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_09_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21855
21856
21857
21858
21859
21860
21861
21862
21863
21864
21865
21866
21867
21868
21869
21870
21871
21872
21873
21874
21875
21876
21877
21878
21879
21880
21881
21882
21883
21884
21885
21886
21887
21888
21889
21890
21891
21892
21893
21894
21895
21896
21897
21898
21899
21900
21901
21902
21903
21904
21905
21906
21907
21908
21909
21910
21911
21912
21913
21914
21915
21916
21917
21918
21919
21920
21921
21922
21923
21924
21925
21926
21927
21928
21929
21930
21931
21932
21933
21934
21935
21936
21937
21938
21939
21940
21941
21942
21943
21944
21945
21946
21947
21948
21949
21950
21951
21952
21953
21954
21955
21956
21957
21958
21959
21960
21961
21962
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_09_02_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO() runs on ItsGeoNetworking {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_signed(
''O
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_02_BO
/**
* @desc Check that IUT discards the Secured GN Message containing payload element of type 'unsecured'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing payload_field
* containing type
* indicating 'unsecured'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_09_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_09_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
21975
21976
21977
21978
21979
21980
21981
21982
21983
21984
21985
21986
21987
21988
21989
21990
21991
21992
21993
21994
21995
21996
21997
21998
21999
22000
22001
22002
22003
22004
22005
22006
22007
22008
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22019
22020
22021
22022
22023
22024
22025
22026
22027
22028
22029
22030
22031
22032
22033
22034
22035
22036
22037
22038
22039
22040
22041
22042
22043
22044
22045
22046
22047
22048
22049
22050
22051
22052
22053
22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
22064
22065
22066
22067
22068
22069
22070
22071
22072
22073
22074
22075
22076
22077
22078
22079
22080
22081
22082
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_03_BO
group g_TC_SEC_ITSS_RCV_GENMSG_09_03_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO() runs on ItsGeoNetworking {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_unsecured(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_03_BO
/**
* @desc Check that IUT discards the Secured GN Message containing payload element of type 'encrypted'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing payload_field
* containing type
* indicating 'encrypted'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_09_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_09_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22095
22096
22097
22098
22099
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22111
22112
22113
22114
22115
22116
22117
22118
22119
22120
22121
22122
22123
22124
22125
22126
22127
22128
22129
22130
22131
22132
22133
22134
22135
22136
22137
22138
22139
22140
22141
22142
22143
22144
22145
22146
22147
22148
22149
22150
22151
22152
22153
22154
22155
22156
22157
22158
22159
22160
22161
22162
22163
22164
22165
22166
22167
22168
22169
22170
22171
22172
22173
22174
22175
22176
22177
22178
22179
22180
22181
22182
22183
22184
22185
22186
22187
22188
22189
22190
22191
22192
22193
22194
22195
22196
22197
22198
22199
22200
22201
22202
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_04_BO
group g_TC_SEC_ITSS_RCV_GENMSG_09_04_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO() runs on ItsGeoNetworking {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_encrypted(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_04_BO
/**
* @desc Check that IUT accepts a well-formed Secured GN Message containing payload of type signed_external
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing payload_field
* containing type
* indicating 'signed_external'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_09_05_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_09_05_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22215
22216
22217
22218
22219
22220
22221
22222
22223
22224
22225
22226
22227
22228
22229
22230
22231
22232
22233
22234
22235
22236
22237
22238
22239
22240
22241
22242
22243
22244
22245
22246
22247
22248
22249
22250
22251
22252
22253
22254
22255
22256
22257
22258
22259
22260
22261
22262
22263
22264
22265
22266
22267
22268
22269
22270
22271
22272
22273
22274
22275
22276
22277
22278
22279
22280
22281
22282
22283
22284
22285
22286
22287
22288
22289
22290
22291
22292
22293
22294
22295
22296
22297
22298
22299
22300
22301
22302
22303
22304
22305
22306
22307
22308
22309
22310
22311
22312
22313
22314
22315
22316
22317
22318
22319
22320
22321
22322
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_05_BO
group g_TC_SEC_ITSS_RCV_GENMSG_09_05_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO() runs on ItsGeoNetworking {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_signed_external(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_05_BO
/**
* @desc Check that IUT accepts a well-formed Secured GN Message containing payload of type signed_and_encrypted
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing payload_field
* containing type
* indicating 'signed_and_encrypted'
* and containing data
* indicating length > 0
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_09_06_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_09_06_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22335
22336
22337
22338
22339
22340
22341
22342
22343
22344
22345
22346
22347
22348
22349
22350
22351
22352
22353
22354
22355
22356
22357
22358
22359
22360
22361
22362
22363
22364
22365
22366
22367
22368
22369
22370
22371
22372
22373
22374
22375
22376
22377
22378
22379
22380
22381
22382
22383
22384
22385
22386
22387
22388
22389
22390
22391
22392
22393
22394
22395
22396
22397
22398
22399
22400
22401
22402
22403
22404
22405
22406
22407
22408
22409
22410
22411
22412
22413
22414
22415
22416
22417
22418
22419
22420
22421
22422
22423
22424
22425
22426
22427
22428
22429
22430
22431
22432
22433
22434
22435
22436
22437
22438
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO());
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_06_BO
group g_TC_SEC_ITSS_RCV_GENMSG_09_06_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO() runs on ItsGeoNetworking {
// Local variables
var GnNonSecuredPacket v_gnNonSecuredPacket;
var octetstring v_gnPayload;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
var template (value) SecuredMessage v_securedMessage;
var GeoNetworkingPdu v_securedGnPdu;
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_gnNonSecuredPacket := valueof(
m_geoNwBroadcastPacket(
v_longPosVectorNodeB,
vc_localSeqNumber,
f_getGeoBroadcastArea(
c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1)
)));
// Encode it
v_gnPayload := bit2oct(
encvalue(
v_gnNonSecuredPacket
)
);
f_buildGnSecuredOtherMessage(
v_securedMessage,
m_payload_signed_and_encrypted(
v_gnPayload
),
e_certificate_digest_with_sha256,
valueof(m_threeDLocation(
v_longPosVectorNodeB.latitude,
v_longPosVectorNodeB.longitude,
'0000'O
))
);
v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage));
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_06_BO
/**
* @desc Check that IUT discards the Secured GN Message if the message does not contain the trailer field of type 'signature'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing trailer_fields
* not containing trailer_fields['signature']
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_10_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_10_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22451
22452
22453
22454
22455
22456
22457
22458
22459
22460
22461
22462
22463
22464
22465
22466
22467
22468
22469
22470
22471
22472
22473
22474
22475
22476
22477
22478
22479
22480
22481
22482
22483
22484
22485
22486
22487
22488
22489
22490
22491
22492
22493
22494
22495
22496
22497
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB(0));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_10_01_BO
/**
* @desc Check that IUT discards the Secured GN Message containing more than one instance of TrailerField of type 'signature'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing trailer_fields[0]
* containing type
* indicating 'signature'
* and containing trailer_fields[1]
* containing type
* indicating 'signature'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_10_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_10_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22510
22511
22512
22513
22514
22515
22516
22517
22518
22519
22520
22521
22522
22523
22524
22525
22526
22527
22528
22529
22530
22531
22532
22533
22534
22535
22536
22537
22538
22539
22540
22541
22542
22543
22544
22545
22546
22547
22548
22549
22550
22551
22552
22553
22554
22555
22556
22557
22558
22559
22560
22561
22562
22563
22564
22565
22566
22567
22568
22569
22570
22571
22572
22573
22574
22575
22576
22577
22578
22579
22580
22581
22582
22583
22584
22585
22586
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB(2));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_10_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB(
in integer p_trailerStatus
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
// Preamble
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, -, p_trailerStatus);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_10_0x_BV
/**
* @desc Check that the IUT discards Secured GN Message containing signature that is not verified using the verification key from the certificate contained in the message's signer info
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields ['signer_info']
* containing certificate
* containing subject_attributes['verification key']
* containing key (KEY)
* and containing trailer_fields[0]
* containing type
* indicating 'signature'
* and containing signature
* NOT verifiable using KEY
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_11_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_11_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_11_01_BO
22622
22623
22624
22625
22626
22627
22628
22629
22630
22631
22632
22633
22634
22635
22636
22637
22638
22639
22640
22641
22642
22643
22644
22645
22646
22647
/**
* @desc Check that IUT discards the Secured Message if the message contains trailer field of type 'signature' with reserved public key algorythms
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing trailer_fields
* containing an instance of type TrailerField
* containing type
* indicating 'signature'
* and containing signature
* indicating X_RESERVED_PK_ALGORYTHM
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_11_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_11_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22659
22660
22661
22662
22663
22664
22665
22666
22667
22668
22669
22670
22671
22672
22673
22674
22675
22676
22677
22678
22679
22680
22681
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB(3));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_11_02_BO
group g_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB(
in integer p_trailerStatus
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
// Preamble
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredBeacon_Bo(
cc_taCert_A,
-,
22702
22703
22704
22705
22706
22707
22708
22709
22710
22711
22712
22713
22714
22715
22716
22717
22718
22719
22720
22721
22722
22723
22724
22725
22726
22727
22728
22729
22730
22731
22732
22733
22734
22735
22736
22737
22738
-,
e_certificate
);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_11_0x_BV
/**
* @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'enrolment_credential'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_EC_A)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_12_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_12_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22751
22752
22753
22754
22755
22756
22757
22758
22759
22760
22761
22762
22763
22764
22765
22766
22767
22768
22769
22770
22771
22772
22773
22774
22775
22776
22777
22778
22779
22780
22781
22782
22783
22784
22785
22786
22787
22788
22789
22790
22791
22792
22793
22794
22795
22796
22797
22798
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_EC));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_01_BO
/**
* @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'authorization_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_A_AA)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_12_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_12_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22811
22812
22813
22814
22815
22816
22817
22818
22819
22820
22821
22822
22823
22824
22825
22826
22827
22828
22829
22830
22831
22832
22833
22834
22835
22836
22837
22838
22839
22840
22841
22842
22843
22844
22845
22846
22847
22848
22849
22850
22851
22852
22853
22854
22855
22856
22857
22858
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_AA));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_02_BO
/**
* @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'enrolment_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_A_EA)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_12_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_12_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22871
22872
22873
22874
22875
22876
22877
22878
22879
22880
22881
22882
22883
22884
22885
22886
22887
22888
22889
22890
22891
22892
22893
22894
22895
22896
22897
22898
22899
22900
22901
22902
22903
22904
22905
22906
22907
22908
22909
22910
22911
22912
22913
22914
22915
22916
22917
22918
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_EA));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_03_BO
/**
* @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'root_ca'
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info']
* containing signer
* containing type
* indicating 'certificate'
* containing certificate (CERT_TS_A_CA)
* containing subject_info.subject_type
* indicating 'enrolment_credentials'
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_12_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_12_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
22931
22932
22933
22934
22935
22936
22937
22938
22939
22940
22941
22942
22943
22944
22945
22946
22947
22948
22949
22950
22951
22952
22953
22954
22955
22956
22957
22958
22959
22960
22961
22962
22963
22964
22965
22966
22967
22968
22969
22970
22971
22972
22973
22974
22975
22976
22977
22978
22979
22980
22981
22982
22983
22984
22985
22986
22987
22988
22989
22990
22991
22992
22993
22994
22995
22996
22997
22998
22999
23000
23001
23002
23003
23004
23005
23006
23007
23008
23009
23010
23011
23012
23013
23014
23015
23016
23017
23018
23019
23020
23021
23022
23023
23024
23025
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_CA));
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_04_BO
group g_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(
in charstring p_taCert
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingPdu v_securedGnPdu;
var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB
// Preamble
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredBeacon(
p_taCert,
{
m_header_field_signer_info(
m_signerInfo_digest(
vc_atCertificate.signer_info.signerInfo.digest
)),
m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
m_header_field_generation_location(
valueof(m_threeDLocation(
PX_WGSLATITUDE,
PX_WGSLONGITUDE,
'0000'O
))
),
m_header_field_its_aid_Other
},
e_certificate,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_12_0x_BV
/**
* @desc Check that IUT discards secured message signed with the not yet valid certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT > CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT > START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_01_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_01_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1301_BO));
23051
23052
23053
23054
23055
23056
23057
23058
23059
23060
23061
23062
23063
23064
23065
23066
23067
23068
23069
23070
23071
23072
23073
23074
23075
23076
23077
23078
23079
23080
23081
23082
23083
23084
23085
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_01_BO
/**
* @desc Check that IUT discards secured message signed with the expired certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_02_BO_AT)
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AT < CURRENT_TIME
* and containing end_validity
* indicating END_VALIDITY_AT < START_VALIDITY_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_02_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_02_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1302_BO));
23111
23112
23113
23114
23115
23116
23117
23118
23119
23120
23121
23122
23123
23124
23125
23126
23127
23128
23129
23130
23131
23132
23133
23134
23135
23136
23137
23138
23139
23140
23141
23142
23143
23144
23145
23146
23147
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_02_BO
/**
* @desc Check that IUT discards secured message when IUT location is outside the circular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_03_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_03_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_03_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1303_BO));
23173
23174
23175
23176
23177
23178
23179
23180
23181
23182
23183
23184
23185
23186
23187
23188
23189
23190
23191
23192
23193
23194
23195
23196
23197
23198
23199
23200
23201
23202
23203
23204
23205
23206
23207
23208
23209
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_03_BO
/**
* @desc Check that IUT discards secured message when IUT location is outside the rectangular validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_04_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_04_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_04_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1304_BO));
23235
23236
23237
23238
23239
23240
23241
23242
23243
23244
23245
23246
23247
23248
23249
23250
23251
23252
23253
23254
23255
23256
23257
23258
23259
23260
23261
23262
23263
23264
23265
23266
23267
23268
23269
23270
23271
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_04_BO
/**
* @desc Check that IUT discards secured message when IUT location is outside the polygonal validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_05_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'rectangle'
* and containing rectanglar_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_05_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_05_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1305_BO));
23297
23298
23299
23300
23301
23302
23303
23304
23305
23306
23307
23308
23309
23310
23311
23312
23313
23314
23315
23316
23317
23318
23319
23320
23321
23322
23323
23324
23325
23326
23327
23328
23329
23330
23331
23332
23333
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_05_BO
/**
* @desc Check that IUT discards secured message when IUT location is outside the identified validity restriction of the signing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
* Config Id: CF01
* Expected behavior:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
* containing header_fields['signer_info'].signer
* containing certificate (CERT_TS_MSG_13_06_BO_AT)
* containing validity_restrictions['region']
* containing region
* containing region_type
* indicating 'id'
* and containing id_region
* indicating REGION
* not containing the CURRENT_IUT_LOCATION
* } then {
* the IUT discards the message
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_GENMSG_13_06_BO
*/
testcase TC_SEC_ITSS_RCV_GENMSG_13_06_BO() runs on ItsMtc system ItsSecSystem {
// Local variables
var ItsGeoNetworking v_nodeB;
var ItsGeoNetworking v_nodeD;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) {
log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cf02Up();
// Preamble
// Start components
v_nodeB := f_getComponent(c_compNodeB);
v_nodeD := f_getComponent(c_compNodeD);
v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1306_BO));
23359
23360
23361
23362
23363
23364
23365
23366
23367
23368
23369
23370
23371
23372
23373
23374
23375
23376
23377
23378
23379
23380
23381
v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone});
// Cleanup
f_cf02Down();
} // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_06_BO
group g_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO {
/**
* @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01)
*/
function f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(
in charstring p_taCert
) runs on ItsGeoNetworking {
// Local variables
f_cf01Up();
// Preamble
23386
23387
23388
23389
23390
23391
23392
23393
23394
23395
23396
23397
23398
23399
23400
23401
23402
23403
23404
23405
23406
23407
23408
23409
23410
23411
23412
23413
23414
23415
23416
23417
23418
23419
23420
23421
f_sendSecuredBeacon(p_taCert, omit, e_certificate);
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_selfOrClientSyncAndVerdict(c_poDone, e_success);
} // End of function f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB
} // End of group g_TC_SEC_ITSS_RCV_GENMSG_13_0x_BV
} // End of group recvOtherProfile
/**
* @desc Receiving behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.5 Profiles for certificates
*/
group recvCertificatesProfile {
/**
* @desc Check that IUT discards the AT certificate with version 3
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_01_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_01_01_BO_AT)
* containing version
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_01_01_BO
23431
23432
23433
23434
23435
23436
23437
23438
23439
23440
23441
23442
23443
23444
23445
23446
23447
23448
23449
23450
23451
23452
23453
23454
23455
23456
23457
23458
23459
*/
testcase TC_SEC_ITSS_RCV_CERT_01_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0101_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23461
23462
23463
23464
23465
23466
23467
23468
23469
23470
23471
23472
23473
23474
23475
23476
23477
23478
23479
23480
23481
23482
23483
23484
23485
23486
23487
23488
23489
23490
23491
23492
23493
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_01_01_BO
/**
* @desc Check that IUT discards the AT certificate with version 1
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_01_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_01_02_BO_AT)
* containing version
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_01_02_BO
23503
23504
23505
23506
23507
23508
23509
23510
23511
23512
23513
23514
23515
23516
23517
23518
23519
23520
23521
23522
23523
23524
23525
23526
23527
23528
23529
23530
23531
*/
testcase TC_SEC_ITSS_RCV_CERT_01_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0102_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23533
23534
23535
23536
23537
23538
23539
23540
23541
23542
23543
23544
23545
23546
23547
23548
23549
23550
23551
23552
23553
23554
23555
23556
23557
23558
23559
23560
23561
23562
23563
23564
23565
23566
23567
23568
23569
23570
23571
23572
23573
23574
23575
23576
23577
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_01_02_BO
/**
* @desc Check that IUT discards the AA certificate with version 3
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_01_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificate[0] (CERT_TS_01_03_BO_AA)
* containing version
* indicating '3'
* and containing certificate[1] (CERT_TS_01_03_BO_AT)
* containing signer_info.type
* indicating 'certificate_digest_with_sha256'
* and containing signer_info.digest
* referencing to CERT_TS_01_03_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_01_03_BO
23580
23581
23582
23583
23584
23585
23586
23587
23588
23589
23590
23591
23592
23593
23594
23595
23596
23597
23598
23599
23600
23601
23602
23603
23604
23605
23606
23607
23608
*/
testcase TC_SEC_ITSS_RCV_CERT_01_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0103_BO, -, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23610
23611
23612
23613
23614
23615
23616
23617
23618
23619
23620
23621
23622
23623
23624
23625
23626
23627
23628
23629
23630
23631
23632
23633
23634
23635
23636
23637
23638
23639
23640
23641
23642
23643
23644
23645
23646
23647
23648
23649
23650
23651
23652
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_01_03_BO
/**
* @desc Check that IUT discards the AA certificate with version 1
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_01_04_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificate[0] (CERT_TS_01_04_BO_AA)
* containing version
* indicating '1'
* and containing certificate[1] (CERT_TS_01_04_BO_AT)
* and containing signer_info.digest
* referencing to CERT_TS_01_04_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_01_04_BO
23655
23656
23657
23658
23659
23660
23661
23662
23663
23664
23665
23666
23667
23668
23669
23670
23671
23672
23673
23674
23675
*/
testcase TC_SEC_ITSS_RCV_CERT_01_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
if (PICS_DEBUG_ADDON) {
f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam());
}
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0104_BO, -, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23688
23689
23690
23691
23692
23693
23694
23695
23696
23697
23698
23699
23700
23701
23702
23703
23704
23705
23706
23707
23708
23709
23710
23711
23712
23713
23714
23715
23716
23717
23718
23719
23720
23721
23722
23723
23724
23725
23726
23727
23728
23729
23730
23731
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_01_04_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_02_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_02_01_BO_AT)
* containing signer_info.type
* indicating 'certificate_digest_with_sha256'
* and containing signer_info.digest
* referencing to certificate (CERT_TS_A_EC)
* containing subject_info.subject_type
* indicating 'enrolment_credential'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_02_01_BO
23734
23735
23736
23737
23738
23739
23740
23741
23742
23743
23744
23745
23746
23747
23748
23749
23750
23751
23752
23753
23754
23755
23756
23757
23758
23759
23760
23761
23762
*/
testcase TC_SEC_ITSS_RCV_CERT_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0201_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23764
23765
23766
23767
23768
23769
23770
23771
23772
23773
23774
23775
23776
23777
23778
23779
23780
23781
23782
23783
23784
23785
23786
23787
23788
23789
23790
23791
23792
23793
23794
23795
23796
23797
23798
23799
23800
23801
23802
23803
23804
23805
23806
23807
23808
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_02_01_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_02_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates[0] (CERT_TS_02_02_BO_AA)
* containing signer_info.digest
* referencing to certificate CERT_TS_A_EC
* containing subject_info.subject_type
* indicating 'enrolment_credential'
* and containing certificates[1] (CERT_TS_02_02_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_02_02_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_02_02_BO
23811
23812
23813
23814
23815
23816
23817
23818
23819
23820
23821
23822
23823
23824
23825
23826
23827
23828
23829
23830
23831
23832
23833
23834
23835
23836
23837
23838
23839
*/
testcase TC_SEC_ITSS_RCV_CERT_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0202_BO, omit, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23841
23842
23843
23844
23845
23846
23847
23848
23849
23850
23851
23852
23853
23854
23855
23856
23857
23858
23859
23860
23861
23862
23863
23864
23865
23866
23867
23868
23869
23870
23871
23872
23873
23874
23875
23876
23877
23878
23879
23880
23881
23882
23883
23884
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_02_02_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_02_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_02_03_BO_AT)
* containing signer_info.type
* indicating 'certificate_digest_with_sha256'
* and containing signer_info.digest
* referencing to certificate (CERT_TS_A_EA)
* containing subject_info.subject_type
* indicating 'enrolment_authority'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_02_03_BO
23887
23888
23889
23890
23891
23892
23893
23894
23895
23896
23897
23898
23899
23900
23901
23902
23903
23904
23905
23906
23907
23908
23909
23910
23911
23912
23913
23914
23915
*/
testcase TC_SEC_ITSS_RCV_CERT_02_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0203_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23917
23918
23919
23920
23921
23922
23923
23924
23925
23926
23927
23928
23929
23930
23931
23932
23933
23934
23935
23936
23937
23938
23939
23940
23941
23942
23943
23944
23945
23946
23947
23948
23949
23950
23951
23952
23953
23954
23955
23956
23957
23958
23959
23960
23961
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_02_03_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_02_04_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates[0] (CERT_TS_02_04_BO_AA)
* containing signer_info.digest
* referencing to certificate CERT_TS_A_EA
* containing subject_info.subject_type
* indicating 'enrolment_authority'
* and containing certificates[1] (CERT_TS_02_04_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_02_04_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_02_04_BO
23964
23965
23966
23967
23968
23969
23970
23971
23972
23973
23974
23975
23976
23977
23978
23979
23980
23981
23982
23983
23984
23985
23986
23987
23988
23989
23990
23991
23992
*/
testcase TC_SEC_ITSS_RCV_CERT_02_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0204_BO, omit, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
23994
23995
23996
23997
23998
23999
24000
24001
24002
24003
24004
24005
24006
24007
24008
24009
24010
24011
24012
24013
24014
24015
24016
24017
24018
24019
24020
24021
24022
24023
24024
24025
24026
24027
24028
24029
24030
24031
24032
24033
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_02_04_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_03_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer
* containing certificate (CERT_TS_03_01_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_03_BO_CA
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_03_01_BO
24036
24037
24038
24039
24040
24041
24042
24043
24044
24045
24046
24047
24048
24049
24050
24051
24052
24053
24054
24055
24056
24057
24058
24059
24060
24061
24062
24063
24064
*/
testcase TC_SEC_ITSS_RCV_CERT_03_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0301_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24066
24067
24068
24069
24070
24071
24072
24073
24074
24075
24076
24077
24078
24079
24080
24081
24082
24083
24084
24085
24086
24087
24088
24089
24090
24091
24092
24093
24094
24095
24096
24097
24098
24099
24100
24101
24102
24103
24104
24105
24106
24107
24108
24109
24110
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_03_01_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_03_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates[0] (CERT_TS_03_02_BO_AA)
* containing signer_info.digest
* referencing to CERT_TS_03_BO_CA
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* and containing certificates[1] (CERT_TS_03_02_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_03_02_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_03_02_BO
24113
24114
24115
24116
24117
24118
24119
24120
24121
24122
24123
24124
24125
24126
24127
24128
24129
24130
24131
24132
24133
24134
24135
24136
24137
24138
24139
24140
24141
*/
testcase TC_SEC_ITSS_RCV_CERT_03_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0302_BO, omit, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24143
24144
24145
24146
24147
24148
24149
24150
24151
24152
24153
24154
24155
24156
24157
24158
24159
24160
24161
24162
24163
24164
24165
24166
24167
24168
24169
24170
24171
24172
24173
24174
24175
24176
24177
24178
24179
24180
24181
24182
24183
24184
24185
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_03_02_BO
/**
* @desc Check that IUT discards a SecuredMessage if the issuer certificate of the AA certificate contains the subject type 'authorization_authority'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_04_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates[0] (CERT_TS_04_01_BO_AA)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* and containing certificates[1] (CERT_TS_04_01_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_04_01_BO_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_04_01_BO
24188
24189
24190
24191
24192
24193
24194
24195
24196
24197
24198
24199
24200
24201
24202
24203
24204
24205
24206
24207
24208
24209
24210
24211
24212
24213
24214
24215
24216
*/
testcase TC_SEC_ITSS_RCV_CERT_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0401_BO, omit, e_certificate_chain);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24218
24219
24220
24221
24222
24223
24224
24225
24226
24227
24228
24229
24230
24231
24232
24233
24234
24235
24236
24237
24238
24239
24240
24241
24242
24243
24244
24245
24246
24247
24248
24249
24250
24251
24252
24253
24254
24255
24256
24257
24258
24259
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_04_01_BO
/**
* @desc Check that IUT discards the message when signing AT certificate has an invalid signature
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer
* containing type
* indicating 'certificate'
* and containing certificates (CERT_TS_A_AT)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* and containing signature
* NOT verifiable with CERT_TS_A_AA.subject_attributes['verification_key'].key
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_05_01_BO
* @reference ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
24262
24263
24264
24265
24266
24267
24268
24269
24270
24271
24272
24273
24274
24275
24276
24277
24278
24279
24280
24281
24282
24283
24284
24285
24286
24287
24288
24289
24290
24291
24292
24293
24294
24295
24296
24297
24298
24299
*/
testcase TC_SEC_ITSS_RCV_CERT_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam_Bo(
cc_taCert_A,
-,
1,
-,
e_certificate,
true,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24301
24302
24303
24304
24305
24306
24307
24308
24309
24310
24311
24312
24313
24314
24315
24316
24317
24318
24319
24320
24321
24322
24323
24324
24325
24326
24327
24328
24329
24330
24331
24332
24333
24334
24335
24336
24337
24338
24339
24340
24341
24342
24343
24344
24345
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_05_01_BO
/**
* @desc Check that IUT discards the message when the issuing AA certificate of the signing AT certificate has an invalid signature
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_A_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer
* containing type
* indicating 'certificate_chain'
* and containing certificates[0] (CERT_TS_A_AT)
* containing signer_info.digest
* referencing to CERT_ROOT
* and containing signature
* NOT verifiable with CERT_ROOT.subject_attributes['verification_key'].key
* and containing certificates[1] (CERT_TS_A_AT)
* containing signer_info.digest
* referencing to a CERT_TS_A_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_05_02_BO
* @reference ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
24348
24349
24350
24351
24352
24353
24354
24355
24356
24357
24358
24359
24360
24361
24362
24363
24364
24365
24366
24367
24368
24369
24370
24371
24372
24373
24374
24375
24376
24377
24378
24379
24380
24381
24382
24383
24384
24385
24386
*/
testcase TC_SEC_ITSS_RCV_CERT_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_prepareSecuredCam_Bo(
cc_taCert_A,
-,
1,
-,
e_certificate_chain,
true,
false,
true
);
f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24388
24389
24390
24391
24392
24393
24394
24395
24396
24397
24398
24399
24400
24401
24402
24403
24404
24405
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_05_02_BO
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24407
24408
24409
24410
24411
24412
24413
24414
24415
24416
24417
24418
24419
24420
24421
24422
24423
24424
24425
24426
24427
24428
24429
24430
24431
24432
24433
24434
24435
24436
24437
24438
24439
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_01_BV_AT
* and the IUT current location is inside the CURCULAR_REGION_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_01_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_01_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24453
24454
24455
24456
24457
24458
24459
24460
24461
24462
24463
24464
24465
24466
24467
24468
24469
24470
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0601_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24472
24473
24474
24475
24476
24477
24478
24479
24480
24481
24482
24483
24484
24485
24486
24487
24488
24489
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_01_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24491
24492
24493
24494
24495
24496
24497
24498
24499
24500
24501
24502
24503
24504
24505
24506
24507
24508
24509
24510
24511
24512
24513
24514
24515
24516
24517
24518
24519
24520
24521
24522
24523
24524
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_02_BV_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_02_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA
* fully covering CURCULAR_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_02_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24538
24539
24540
24541
24542
24543
24544
24545
24546
24547
24548
24549
24550
24551
24552
24553
24554
24555
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0602_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24557
24558
24559
24560
24561
24562
24563
24564
24565
24566
24567
24568
24569
24570
24571
24572
24573
24574
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_02_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24576
24577
24578
24579
24580
24581
24582
24583
24584
24585
24586
24587
24588
24589
24590
24591
24592
24593
24594
24595
24596
24597
24598
24599
24600
24601
24602
24603
24604
24605
24606
24607
24608
24609
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_03_BV_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_03_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_C_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* indicating RECT_REGION_AA
* fully covering CURCULAR_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_03_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_06_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24623
24624
24625
24626
24627
24628
24629
24630
24631
24632
24633
24634
24635
24636
24637
24638
24639
24640
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0603_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24642
24643
24644
24645
24646
24647
24648
24649
24650
24651
24652
24653
24654
24655
24656
24657
24658
24659
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_03_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24661
24662
24663
24664
24665
24666
24667
24668
24669
24670
24671
24672
24673
24674
24675
24676
24677
24678
24679
24680
24681
24682
24683
24684
24685
24686
24687
24688
24689
24690
24691
24692
24693
24694
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_04_BV_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_04_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA
* fully covering CURCULAR_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_04_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_06_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24708
24709
24710
24711
24712
24713
24714
24715
24716
24717
24718
24719
24720
24721
24722
24723
24724
24725
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0604_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24727
24728
24729
24730
24731
24732
24733
24734
24735
24736
24737
24738
24739
24740
24741
24742
24743
24744
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_04_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24746
24747
24748
24749
24750
24751
24752
24753
24754
24755
24756
24757
24758
24759
24760
24761
24762
24763
24764
24765
24766
24767
24768
24769
24770
24771
24772
24773
24774
24775
24776
24777
24778
24779
24780
24781
24782
24783
24784
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_05_BV_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_05_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing local_region
* indicating 0
* and containing region_identifier
* indicating ID_REGION_AT
* fully covering CURCULAR_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_05_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_06_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24798
24799
24800
24801
24802
24803
24804
24805
24806
24807
24808
24809
24810
24811
24812
24813
24814
24815
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0605_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_05_BV
* @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24838
24839
24840
24841
24842
24843
24844
24845
24846
24847
24848
24849
24850
24851
24852
24853
24854
24855
24856
24857
24858
24859
24860
24861
24862
24863
24864
24865
24866
24867
24868
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_06_BO_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_06_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_06_BO
*/
testcase TC_SEC_ITSS_RCV_CERT_06_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24882
24883
24884
24885
24886
24887
24888
24889
24890
24891
24892
24893
24894
24895
24896
24897
24898
24899
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0606_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24901
24902
24903
24904
24905
24906
24907
24908
24909
24910
24911
24912
24913
24914
24915
24916
24917
24918
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_06_BO
/**
* @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
24920
24921
24922
24923
24924
24925
24926
24927
24928
24929
24930
24931
24932
24933
24934
24935
24936
24937
24938
24939
24940
24941
24942
24943
24944
24945
24946
24947
24948
24949
24950
24951
24952
24953
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_07_BO_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_07_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_06_07_BO_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA_OUTSIDE
* not including CURCULAR_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_07_BO
*/
testcase TC_SEC_ITSS_RCV_CERT_06_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
24967
24968
24969
24970
24971
24972
24973
24974
24975
24976
24977
24978
24979
24980
24981
24982
24983
24984
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0607_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
24986
24987
24988
24989
24990
24991
24992
24993
24994
24995
24996
24997
24998
24999
25000
25001
25002
25003
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_07_BO
/**
* @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate
* <pre>
garciay
committed
* Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
25005
25006
25007
25008
25009
25010
25011
25012
25013
25014
25015
25016
25017
25018
25019
25020
25021
25022
25023
25024
25025
25026
25027
25028
25029
25030
25031
25032
25033
25034
25035
25036
25037
25038
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_06_08_BO_AT
* and the IUT current location is inside the CURCULAR_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_06_08_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* containing circular_region
* indicating CURCULAR_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_06_08_BO_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA_INTERSECT
* including partially CURCULAR_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_06_08_BO
*/
testcase TC_SEC_ITSS_RCV_CERT_06_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
garciay
committed
if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
25052
25053
25054
25055
25056
25057
25058
25059
25060
25061
25062
25063
25064
25065
25066
25067
25068
25069
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0608_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
25071
25072
25073
25074
25075
25076
25077
25078
25079
25080
25081
25082
25083
25084
25085
25086
25087
25088
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_06_08_BO
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25090
25091
25092
25093
25094
25095
25096
25097
25098
25099
25100
25101
25102
25103
25104
25105
25106
25107
25108
25109
25110
25111
25112
25113
25114
25115
25116
25117
25118
25119
25120
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_01_BV_AT
* and the IUT current location is inside the RECT_REGION_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_01_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_C_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* indicating RECT_REGION_AA
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_01_BV
testcase TC_SEC_ITSS_RCV_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0701_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_01_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25176
25177
25178
25179
25180
25181
25182
25183
25184
25185
25186
25187
25188
25189
25190
25191
25192
25193
25194
25195
25196
25197
25198
25199
25200
25201
25202
25203
25204
25205
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_02_BV_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_02_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA
fully covering the RECT_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_02_BV
testcase TC_SEC_ITSS_RCV_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0702_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
25240
25241
25242
25243
25244
25245
25246
25247
25248
25249
25250
25251
25252
25253
25254
25255
25256
25257
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_02_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25259
25260
25261
25262
25263
25264
25265
25266
25267
25268
25269
25270
25271
25272
25273
25274
25275
25276
25277
25278
25279
25280
25281
25282
25283
25284
25285
25286
25287
25288
25289
25290
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_03_BV_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_03_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region
* indicating RECT_REGION_AA
fully covering RECT_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_03_BV
testcase TC_SEC_ITSS_RCV_CERT_07_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0703_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_03_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25346
25347
25348
25349
25350
25351
25352
25353
25354
25355
25356
25357
25358
25359
25360
25361
25362
25363
25364
25365
25366
25367
25368
25369
25370
25371
25372
25373
25374
25375
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_04_BV_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_04_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA
fully covering RECT_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_04_BV
testcase TC_SEC_ITSS_RCV_CERT_07_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0704_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
25410
25411
25412
25413
25414
25415
25416
25417
25418
25419
25420
25421
25422
25423
25424
25425
25426
25427
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_04_BV
/**
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25429
25430
25431
25432
25433
25434
25435
25436
25437
25438
25439
25440
25441
25442
25443
25444
25445
25446
25447
25448
25449
25450
25451
25452
25453
25454
25455
25456
25457
25458
25459
25460
25461
25462
25463
25464
25465
25466
25467
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_05_BV_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_05_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing local_region
* indicating 0
* and containing region_identifier
* indicating ID_REGION_AT
fully covering RECT_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_05_BV
*/
testcase TC_SEC_ITSS_RCV_CERT_07_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0705_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_05_BV
* @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25521
25522
25523
25524
25525
25526
25527
25528
25529
25530
25531
25532
25533
25534
25535
25536
25537
25538
25539
25540
25541
25542
25543
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_06_BO_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_06_BO_AT)
* not containing validity_restrictions['region']
* and containing signer_info.digest
* referencing to a CERT_TS_C_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_06_BO
testcase TC_SEC_ITSS_RCV_CERT_07_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0706_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_06_BO
* @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25599
25600
25601
25602
25603
25604
25605
25606
25607
25608
25609
25610
25611
25612
25613
25614
25615
25616
25617
25618
25619
25620
25621
25622
25623
25624
25625
25626
25627
25628
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_07_BO_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_07_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_07_07_BO_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* indicating RECT_REGION_AA_OUTSIDE
* not including RECT_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_07_BO
testcase TC_SEC_ITSS_RCV_CERT_07_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0707_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_07_BO
* @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
25684
25685
25686
25687
25688
25689
25690
25691
25692
25693
25694
25695
25696
25697
25698
25699
25700
25701
25702
25703
25704
25705
25706
25707
25708
25709
25710
25711
25712
25713
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_07_08_BO_AT
* and the IUT current location is inside the RECT_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_07_08_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* containing rectangular_region[0]
* indicating RECT_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_07_08_BO_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* indicating RECT_REGION_AA_INTERSECT
* not partialy RECT_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_07_08_BO
testcase TC_SEC_ITSS_RCV_CERT_07_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0708_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_07_08_BO
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
25769
25770
25771
25772
25773
25774
25775
25776
25777
25778
25779
25780
25781
25782
25783
25784
25785
25786
25787
25788
25789
25790
25791
25792
25793
25794
25795
25796
25797
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_01_BV_AT
* and the IUT current location is inside the POLYGON_REGION_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_01_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AA
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_01_BV
testcase TC_SEC_ITSS_RCV_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0801_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_01_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
25853
25854
25855
25856
25857
25858
25859
25860
25861
25862
25863
25864
25865
25866
25867
25868
25869
25870
25871
25872
25873
25874
25875
25876
25877
25878
25879
25880
25881
25882
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_02_BV_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_02_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_B_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* indicating CURCULAR_REGION_AA
* fully including POLYGON_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_02_BV
testcase TC_SEC_ITSS_RCV_CERT_08_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0802_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_02_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
25938
25939
25940
25941
25942
25943
25944
25945
25946
25947
25948
25949
25950
25951
25952
25953
25954
25955
25956
25957
25958
25959
25960
25961
25962
25963
25964
25965
25966
25967
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_03_BV_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_03_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_C_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* indicating RECT_REGION_AA
* fully including POLYGON_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_03_BV
testcase TC_SEC_ITSS_RCV_CERT_08_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0803_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_03_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
26023
26024
26025
26026
26027
26028
26029
26030
26031
26032
26033
26034
26035
26036
26037
26038
26039
26040
26041
26042
26043
26044
26045
26046
26047
26048
26049
26050
26051
26052
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_04_BV_AT
* and the IUT current location is inside the POLYGON_REGION_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_04_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region[0]
* indicating POLYGON_REGION_AA
* fully including POLYGON_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_04_BV
testcase TC_SEC_ITSS_RCV_CERT_08_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0804_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_04_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
26108
26109
26110
26111
26112
26113
26114
26115
26116
26117
26118
26119
26120
26121
26122
26123
26124
26125
26126
26127
26128
26129
26130
26131
26132
26133
26134
26135
26136
26137
26138
26139
26140
26141
26142
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_05_BV_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_05_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing local_region
* indicating 0
* and containing region_identifier
* indicating ID_REGION_AT
* fully including POLYGON_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_05_BV
testcase TC_SEC_ITSS_RCV_CERT_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0805_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_05_BV
* @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
26198
26199
26200
26201
26202
26203
26204
26205
26206
26207
26208
26209
26210
26211
26212
26213
26214
26215
26216
26217
26218
26219
26220
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_06_BO_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_06_BO_AT)
* not containing validity_restrictions['region']
* and containing signer_info.digest
* referencing to a CERT_TS_C_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_06_BO
testcase TC_SEC_ITSS_RCV_CERT_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0806_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_06_BO
* @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_07_BO_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_07_BO_AT)
* containing validity_restrictions['region']
* indicating 'polygon'
* containing polygonal_region (POLYGON_REGION_08_04_BO)
* indicating length = 2
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA
* fully covering all points of POLYGON_REGION_08_04_BO
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_07_BO
testcase TC_SEC_ITSS_RCV_CERT_08_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0807_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_07_BO
* @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_08_BO_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_08_BO_AT)
* containing validity_restrictions['region']
* indicating 'polygon'
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_D_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA_OUTSIDE
* not including POLYGON_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_08_BO
testcase TC_SEC_ITSS_RCV_CERT_08_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0808_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_08_BO
* @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_08_09_BO_AT
* and the IUT current location is inside the POLYGON_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_08_09_BO_AT)
* containing validity_restrictions['region']
* containing polygonal_region
* indicating POLYGON_REGION_AT
* and containing signer_info.digest
* referencing to a CERT_TS_08_08_BO_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* indicating POLYGON_REGION_AA_INTERSECT
* including partialy POLYGON_REGION_AT
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_08_09_BO
testcase TC_SEC_ITSS_RCV_CERT_08_09_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0809_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_08_09_BO
* @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_01_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_01_BV_AT)
* containing validity_restrictions['region']
26546
26547
26548
26549
26550
26551
26552
26553
26554
26555
26556
26557
26558
26559
26560
26561
26562
26563
26564
26565
26566
26567
26568
26569
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_01_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0901_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_01_BV
* @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
26625
26626
26627
26628
26629
26630
26631
26632
26633
26634
26635
26636
26637
26638
26639
26640
26641
26642
26643
26644
26645
26646
26647
26648
26649
26650
26651
26652
26653
26654
26655
26656
26657
26658
26659
26660
26661
26662
26663
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_02_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_02_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating ID_LOCAL_REGION_1
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_02_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0902_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_02_BV
/**
* @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction fully containing in the circular validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
26717
26718
26719
26720
26721
26722
26723
26724
26725
26726
26727
26728
26729
26730
26731
26732
26733
26734
26735
26736
26737
26738
26739
26740
26741
26742
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_03_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_03_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* containing validity_restrictions['region']
* containing region_type
* indicating 'circle'
* and containing circular_region
* fully covering ID_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_03_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0903_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_03_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
26808
26809
26810
26811
26812
26813
26814
26815
26816
26817
26818
26819
26820
26821
26822
26823
26824
26825
26826
26827
26828
26829
26830
26831
26832
26833
26834
26835
26836
26837
26838
26839
26840
26841
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_04_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_04_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'rectangle'
* and containing rectangular_region[0]
* fully covering ID_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_04_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0904_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_04_BV
* @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
26896
26897
26898
26899
26900
26901
26902
26903
26904
26905
26906
26907
26908
26909
26910
26911
26912
26913
26914
26915
26916
26917
26918
26919
26920
26921
26922
26923
26924
26925
26926
26927
26928
26929
26930
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_05_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_05_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'polygon'
* and containing polygonal_region
* fully covering ID_REGION_AT
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_05_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0905_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_05_BV
* @desc Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
26985
26986
26987
26988
26989
26990
26991
26992
26993
26994
26995
26996
26997
26998
26999
27000
27001
27002
27003
27004
27005
27006
27007
27008
27009
27010
27011
27012
27013
27014
27015
27016
27017
27018
27019
27020
27021
27022
27023
27024
27025
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_06_BV_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_06_BV_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'un_stats'
* and containing region_identifier
* indicating ID_REGION_AA_UNSTATS
* which includes ID_REGION_AT
* and containing local_region
* indicating 0
* } then {
* the IUT accepts the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_06_BV
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0906_BV, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_06_BV
* @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
27080
27081
27082
27083
27084
27085
27086
27087
27088
27089
27090
27091
27092
27093
27094
27095
27096
27097
27098
27099
27100
27101
27102
27103
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_07_BO_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_07_BO_AT)
* not containing validity_restrictions['region']
* and containing signer_info.digest
* referencing to a CERT_TS_E_AA
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_07_BO
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0907_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_07_BO
* @desc Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
27158
27159
27160
27161
27162
27163
27164
27165
27166
27167
27168
27169
27170
27171
27172
27173
27174
27175
27176
27177
27178
27179
27180
27181
27182
27183
27184
27185
27186
27187
27188
27189
27190
27191
27192
27193
27194
27195
27196
27197
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_08_BO_AT
* and the IUT current location is inside the ID_REGION_AA, local region 1
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_08_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating ID_LOCAL_REGION_1
* and containing signer_info.digest
* referencing to a CERT_TS_09_08_BO_AA
* containing validity_restrictions['region']
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AA
* and containing local_region
* indicating ID_LOCAL_REGION_2
* not equal to ID_LOCAL_REGION_1
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_08_BO
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0908_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_08_BO
* @desc Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
27252
27253
27254
27255
27256
27257
27258
27259
27260
27261
27262
27263
27264
27265
27266
27267
27268
27269
27270
27271
27272
27273
27274
27275
27276
27277
27278
27279
27280
27281
27282
27283
27284
27285
27286
27287
27288
27289
27290
27291
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_09_BO_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_09_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AT
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_09_09_BO_AA
* containing validity_restrictions['region']
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AA_OTHER
* other than ID_REGION_AT
* and containing local_region
* indicating 0
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_09_BO
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_09_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0909_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_09_BO
* @desc Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
27346
27347
27348
27349
27350
27351
27352
27353
27354
27355
27356
27357
27358
27359
27360
27361
27362
27363
27364
27365
27366
27367
27368
27369
27370
27371
27372
27373
27374
27375
27376
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_10_BO_AT
* and the IUT current location is inside the ID_REGION_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_10_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_UNKNOWN
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_A_AA
* not containing validity_restrictions['region']
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_10_BO
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_10_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0910_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_10_BO
* @desc Check that the IUT discards a message when the validity restriction of its signing certificate contains the identified region of type iso-3166-1 but region code is from the UN-Stats dictionary
* Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
27431
27432
27433
27434
27435
27436
27437
27438
27439
27440
27441
27442
27443
27444
27445
27446
27447
27448
27449
27450
27451
27452
27453
27454
27455
27456
27457
27458
27459
27460
27461
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_09_11_BO_AT
* and the IUT current location is inside the ID_REGION_AA_UNSTATS
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_09_11_BO_AT)
* containing validity_restrictions['region']
* containing region_type
* indicating 'id'
* and containing id_region
* containing region_dictionary
* indicating 'iso_3166_1'
* and containing region_identifier
* indicating ID_REGION_AA_UNSTATS
* and containing local_region
* indicating 0
* and containing signer_info.digest
* referencing to a CERT_TS_A_AA
* not containing validity_restrictions['region']
* } then {
* the IUT discards the message
* }
* }
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_09_11_BO
* @reference ETSI TS 103 097 [1], clauses 4.2.26 and 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_09_11_BO() runs on ItsGeoNetworking system ItsSecSystem {
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
stop;
}
// Test component configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert0911_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_09_11_BO
* @desc Check that the IUT discards a message when its signing certificate does not contain the time validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_10_01_BO_AT
* and the IUT current location is inside the CERT_TS_10_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_01_BO_AT)
* containing validity_restrictions['time_start_and_end']
* and not containing validity_restrictions['time_end']
* and not containing validity_restrictions['time_start_and_duration']
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_01_BO
testcase TC_SEC_ITSS_RCV_CERT_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1001_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current location is inside the CERT_TS_10_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_02_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_10_02_BO_AA
* containing validity_restrictions['time_start_and_end']
* and not containing validity_restrictions['time_end']
* and not containing validity_restrictions['time_start_and_duration']
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_02_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
testcase TC_SEC_ITSS_RCV_CERT_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1002_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is less then time_end validity restricyion of CERT_TS_10_03_BO_AT
* and the IUT current location is inside the CERT_TS_10_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_03_BO_AT)
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_03_BO
testcase TC_SEC_ITSS_RCV_CERT_10_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1003_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_10_04_BO_AT
* and the IUT current location is inside the CERT_TS_10_04_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_04_BO_AT)
* containing validity_restrictions['time_start_and_duration']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_04_BO
testcase TC_SEC_ITSS_RCV_CERT_10_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1004_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is less then time_end validity restricyion of CERT_TS_10_05_BO_AT
* and the IUT current location is inside the CERT_TS_10_05_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_05_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_10_05_BO_AA
* containing validity_restrictions['time_end']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_05_BO
testcase TC_SEC_ITSS_RCV_CERT_10_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1005_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is less then time_end validity restricyion of CERT_TS_10_06_BO_AT
* and the IUT current location is inside the CERT_TS_10_06_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields['signer_info']
* and containing signer
* containing type
* indicating 'certificate'
* and containing certificate (CERT_TS_10_06_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_10_06_BO_AA
* containing validity_restrictions['time_start_and_duration']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_10_06_BO
testcase TC_SEC_ITSS_RCV_CERT_10_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1006_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_01_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA
* and containing end_validity
* and containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA
* and containing end_validity
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_11_01_BO
testcase TC_SEC_ITSS_RCV_CERT_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1101_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
28035
28036
28037
28038
28039
28040
28041
28042
28043
28044
28045
28046
28047
28048
28049
28050
28051
28052
28053
28054
28055
28056
28057
28058
28059
28060
28061
28062
28063
28064
28065
28066
28067
28068
28069
28070
28071
28072
28073
28074
28075
28076
28077
28078
28079
28080
28081
28082
28083
28084
28085
28086
28087
28088
28089
28090
28091
28092
28093
28094
28095
28096
28097
28098
28099
} // End of testcase TC_SEC_ITSS_RCV_CERT_11_01_BO
/**
* @desc Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_02_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA
* and containing end_validity
* indicating END_VALIDITY_AA
* and containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA - 1d
* and containing end_validity
* indicating END_VALIDITY_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_11_02_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1102_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
28101
28102
28103
28104
28105
28106
28107
28108
28109
28110
28111
28112
28113
28114
28115
28116
28117
28118
28119
28120
28121
28122
28123
28124
28125
28126
28127
28128
28129
28130
28131
28132
28133
28134
28135
28136
28137
28138
28139
28140
28141
28142
28143
28144
28145
28146
28147
28148
28149
28150
28151
28152
28153
28154
28155
28156
28157
28158
28159
28160
28161
28162
28163
28164
28165
28166
28167
28168
28169
28170
28171
28172
28173
28174
28175
28176
28177
28178
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_11_02_BO
/**
* @desc Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_03_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA - 365d
* and containing end_validity
* indicating END_VALIDITY_AA - 1d
* and containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA - 365d
* and containing end_validity
* indicating END_VALIDITY_AA
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_11_03_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1103_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
28180
28181
28182
28183
28184
28185
28186
28187
28188
28189
28190
28191
28192
28193
28194
28195
28196
28197
28198
28199
28200
28201
28202
28203
28204
28205
28206
28207
28208
28209
28210
28211
28212
28213
28214
28215
28216
28217
28218
28219
28220
28221
28222
28223
28224
28225
28226
28227
28228
28229
28230
28231
28232
28233
28234
28235
28236
28237
28238
28239
28240
28241
28242
28243
28244
28245
28246
28247
28248
28249
28250
28251
28252
28253
28254
28255
28256
28257
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_11_03_BO
/**
* @desc Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_04_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_A_AA
* containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA
* and containing end_validity
* indicating END_VALIDITY_AA + 365d
* and containing validity_restrictions['time_start_and_end']
* containing start_validity
* indicating START_VALIDITY_AA
* and containing end_validity
* indicating END_VALIDITY_AA + 365d
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_11_04_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_11_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1104_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_11_04_BO
* @desc Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_12_01_BO_AT
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_12_01_BO_AT)
* not containing subject_attributes['its_aid_ssp_list']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_12_01_BO
testcase TC_SEC_ITSS_RCV_CERT_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1201_BO, omit, e_certificate);
28322
28323
28324
28325
28326
28327
28328
28329
28330
28331
28332
28333
28334
28335
28336
28337
28338
28339
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// empty on purpose
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_12_02_BO_AT
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields ['signer_info']
* containing signer
* containing certificate
* indicating CERT_TS_12_02_BO_AT
* containing subject_attributes['its_aid_ssp_list']
* not containing an item
* containing its_aid
* indicating 'AID_CAM'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_12_02_BO
testcase TC_SEC_ITSS_RCV_CERT_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1202_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_12_03_BO_AT
* the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_DENM'
* and containing header_fields ['signer_info']
* containing signer
* containing certificate
* indicating CERT_TS_12_03_BO_AT
* containing subject_attributes['its_aid_ssp_list']
* not containing an item
* containing its_aid
* indicating 'AID_DENM'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_12_03_BO
testcase TC_SEC_ITSS_RCV_CERT_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert1203_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
* and the IUT current location is inside the CERT_TS_12_04_BO_AT
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['its_aid']
* containing its_aid
* indicating 'AID_CAM'
* and containing header_fields ['signer_info']
* containing signer
* containing certificate
* indicating CERT_TS_12_04_BO_AT
* containing subject_attributes['its_aid_ssp_list']
* containing item [0].its_aid
* indicating 'AID_CAM'
* and containing item [1].its_aid
* indicating 'AID_CAM'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_12_04_BO
testcase TC_SEC_ITSS_RCV_CERT_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1204_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_13_01_BO_AT
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_01_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_13_01_BO_AA
* containing validity_restrictions['its_aid_list']
* not containing 'AID_CAM'
* and containing validity_restrictions['its_aid_ssp_list']
* containing a record
* containing its_aid
* indicating 'AID_CAM'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_13_01_BO
testcase TC_SEC_ITSS_RCV_CERT_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1301_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
* @desc Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_13_02_BO_AT
* the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_02_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_13_02_BO_AA
* containing validity_restrictions['its_aid_list']
* not containing 'AID_DENM'
* and containing validity_restrictions['its_aid_ssp_list']
* containing a record
* containing its_aid
* indicating 'AID_DENM'
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_13_02_BO
testcase TC_SEC_ITSS_RCV_CERT_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert1302_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
28725
28726
28727
28728
28729
28730
28731
28732
28733
28734
28735
28736
28737
28738
28739
28740
28741
28742
28743
28744
28745
28746
28747
28748
28749
28750
28751
28752
28753
28754
28755
28756
28757
28758
28759
28760
28761
28762
28763
28764
28765
28766
28767
28768
28769
28770
28771
28772
28773
28774
28775
28776
28777
28778
/**
* @desc Check that IUT discards a SecuredMessage if the AA certificate does not contain a subject_attribute of type its_aid_list
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_13_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_03_BO_AT)
* containing signer_info.digest
* referencing to CERT_TS_13_03_BO_AA
* not containing validity_restrictions['its_aid_list']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_13_03_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredDenm(cc_taCert1303_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
28780
28781
28782
28783
28784
28785
28786
28787
28788
28789
28790
28791
28792
28793
28794
28795
28796
28797
28798
28799
28800
28801
28802
28803
28804
28805
28806
28807
28808
28809
28810
28811
28812
28813
28814
28815
28816
28817
28818
28819
28820
28821
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_13_03_BO
/**
* @desc Check that IUT discards the AT certificate with signer info of type 'certificate'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_14_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_14_01_BO_AT)
* containing signer_info.type
* indicating 'certificate'
* and containing certificate
* indicating CERT_TS_AA_A
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_14_01_BO
28823
28824
28825
28826
28827
28828
28829
28830
28831
28832
28833
28834
28835
28836
28837
28838
28839
28840
28841
28842
28843
28844
28845
28846
28847
28848
28849
28850
28851
*/
testcase TC_SEC_ITSS_RCV_CERT_14_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1401_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
28853
28854
28855
28856
28857
28858
28859
28860
28861
28862
28863
28864
28865
28866
28867
28868
28869
28870
28871
28872
28873
28874
28875
28876
28877
28878
28879
28880
28881
28882
28883
28884
28885
28886
28887
28888
28889
28890
28891
28892
28893
28894
28895
28896
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_14_01_BO
/**
* @desc Check that IUT discards the AT certificate with signer info of type 'certificate_chain'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_14_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_14_02_BO_AT)
* containing signer_info.type
* indicating 'certificate_chain'
* and containing certificates[0]
* indicating certificate (CERT_TEST_ROOT)
* and containing certificates[1]
* indicating certificate (CERT_TS_AA_A)
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_14_02_BO
28898
28899
28900
28901
28902
28903
28904
28905
28906
28907
28908
28909
28910
28911
28912
28913
28914
28915
28916
28917
28918
28919
28920
28921
28922
28923
28924
28925
28926
*/
testcase TC_SEC_ITSS_RCV_CERT_14_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1402_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
28928
28929
28930
28931
28932
28933
28934
28935
28936
28937
28938
28939
28940
28941
28942
28943
28944
28945
28946
28947
28948
28949
28950
28951
28952
28953
28954
28955
28956
28957
28958
28959
28960
28961
28962
28963
28964
28965
28966
28967
28968
28969
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_14_02_BO
/**
* @desc Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_14_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_14_03_BO_AT)
* containing signer_info.type
* indicating 'certificate_digest_with_other_algorithm'
* and containing digest
* referencing CERT_TS_AA_A
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_14_03_BO
28971
28972
28973
28974
28975
28976
28977
28978
28979
28980
28981
28982
28983
28984
28985
28986
28987
28988
28989
28990
28991
28992
28993
28994
28995
28996
28997
28998
28999
*/
testcase TC_SEC_ITSS_RCV_CERT_14_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1403_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29001
29002
29003
29004
29005
29006
29007
29008
29009
29010
29011
29012
29013
29014
29015
29016
29017
29018
29019
29020
29021
29022
29023
29024
29025
29026
29027
29028
29029
29030
29031
29032
29033
29034
29035
29036
29037
29038
29039
29040
29041
29042
29043
29044
29045
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_14_03_BO
/**
* @desc Check that IUT discards the AA certificate with signer info of type 'certificate'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_15_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_15_01_BO_AT)
* containing signer_info.digest
* referencing to certificate (CERT_TS_15_01_BO_AA)
* containing signer_info
* containing type
* indicating 'certificate'
* and containing certificate
* indicating CERT_TEST_ROOT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_15_01_BO
29047
29048
29049
29050
29051
29052
29053
29054
29055
29056
29057
29058
29059
29060
29061
29062
29063
29064
29065
29066
29067
29068
29069
29070
29071
29072
29073
29074
29075
*/
testcase TC_SEC_ITSS_RCV_CERT_15_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1501_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29077
29078
29079
29080
29081
29082
29083
29084
29085
29086
29087
29088
29089
29090
29091
29092
29093
29094
29095
29096
29097
29098
29099
29100
29101
29102
29103
29104
29105
29106
29107
29108
29109
29110
29111
29112
29113
29114
29115
29116
29117
29118
29119
29120
29121
29122
29123
29124
29125
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_15_01_BO
/**
* @desc Check that IUT discards the AA certificate with signer info of type 'certificate_chain'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_15_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_15_02_BO_AT)
* containing signer_info.type
* indicating 'certificate_chain'
* and containing certificates[0]
* indicating certificate (CERT_TEST_ROOT)
* and containing certificates[1]
* indicating certificate (CERT_TS_15_02_BO_CA)
* containing signer_info
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* referencing to CERT_TEST_ROOT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_15_02_BO
29127
29128
29129
29130
29131
29132
29133
29134
29135
29136
29137
29138
29139
29140
29141
29142
29143
29144
29145
29146
29147
29148
29149
29150
29151
29152
29153
29154
29155
*/
testcase TC_SEC_ITSS_RCV_CERT_15_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1502_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29157
29158
29159
29160
29161
29162
29163
29164
29165
29166
29167
29168
29169
29170
29171
29172
29173
29174
29175
29176
29177
29178
29179
29180
29181
29182
29183
29184
29185
29186
29187
29188
29189
29190
29191
29192
29193
29194
29195
29196
29197
29198
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_15_02_BO
/**
* @desc Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm'
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_15_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_15_03_BO_AT)
* containing signer_info.type
* indicating 'certificate_digest_with_other_algorithm'
* and containing digest
* referencing CERT_TEST_ROOT
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_15_03_BO
29200
29201
29202
29203
29204
29205
29206
29207
29208
29209
29210
29211
29212
29213
29214
29215
29216
29217
29218
29219
29220
29221
29222
29223
29224
29225
29226
29227
29228
*/
testcase TC_SEC_ITSS_RCV_CERT_15_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1503_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29230
29231
29232
29233
29234
29235
29236
29237
29238
29239
29240
29241
29242
29243
29244
29245
29246
29247
29248
29249
29250
29251
29252
29253
29254
29255
29256
29257
29258
29259
29260
29261
29262
29263
29264
29265
29266
29267
29268
29269
29270
29271
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_15_03_BO
/**
* @desc Check that IUT discards a SecuredMessage if the subject_name of the AT certificate is not an empty name field
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_16_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_16_01_BO_AT)
* containing signer_info.digest
* referencing to certificate (CERT_TS_16_01_BO_AA)
* containing signer_infosubject_name
* indicating non-empty string ('Invalid name')
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_16_01_BO
29273
29274
29275
29276
29277
29278
29279
29280
29281
29282
29283
29284
29285
29286
29287
29288
29289
29290
29291
29292
29293
29294
29295
29296
29297
29298
29299
29300
29301
*/
testcase TC_SEC_ITSS_RCV_CERT_16_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1601_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29303
29304
29305
29306
29307
29308
29309
29310
29311
29312
29313
29314
29315
29316
29317
29318
29319
29320
29321
29322
29323
29324
29325
29326
29327
29328
29329
29330
29331
29332
29333
29334
29335
29336
29337
29338
29339
29340
29341
29342
29343
29344
29345
29346
29347
29348
29349
29350
29351
29352
29353
29354
29355
29356
29357
29358
29359
29360
29361
29362
29363
29364
29365
29366
29367
29368
29369
29370
29371
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_16_01_BO
/**
* @desc Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AT certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_17_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_17_01_BO_AT)
* not containing subject_attributes['assurance_level']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_17_01_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_17_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1701_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29373
29374
29375
29376
29377
29378
29379
29380
29381
29382
29383
29384
29385
29386
29387
29388
29389
29390
29391
29392
29393
29394
29395
29396
29397
29398
29399
29400
29401
29402
29403
29404
29405
29406
29407
29408
29409
29410
29411
29412
29413
29414
29415
29416
29417
29418
29419
29420
29421
29422
29423
29424
29425
29426
29427
29428
29429
29430
29431
29432
29433
29434
29435
29436
29437
29438
29439
29440
29441
29442
29443
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_17_01_BO
/**
* @desc Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AA certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_17_02_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_17_02_BO_AT)
* containing signer_info.digest
* referencing to certificate (CERT_TS_17_02_BO_AA)
* not containing subject_attributes['assurance_level']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_17_02_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_17_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1702_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29445
29446
29447
29448
29449
29450
29451
29452
29453
29454
29455
29456
29457
29458
29459
29460
29461
29462
29463
29464
29465
29466
29467
29468
29469
29470
29471
29472
29473
29474
29475
29476
29477
29478
29479
29480
29481
29482
29483
29484
29485
29486
29487
29488
29489
29490
29491
29492
29493
29494
29495
29496
29497
29498
29499
29500
29501
29502
29503
29504
29505
29506
29507
29508
29509
29510
29511
29512
29513
29514
29515
29516
29517
29518
29519
29520
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_17_02_BO
/**
* @desc Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is less then assurance level of subordinate certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_17_03_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_17_03_BO_AT)
* containing subject_attributes['assurance_level']
* containing assurance_level
* indicating 0x80 (assurance level=4, confidence=0)
* and containing signer_info.digest
* referencing to certificate (CERT_TS_A_AA)
* containing subject_attributes['assurance_level']
* containing assurance_level
* indicating 0x60 (assurance level=3, confidence=0)
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_17_03_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_17_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1703_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29522
29523
29524
29525
29526
29527
29528
29529
29530
29531
29532
29533
29534
29535
29536
29537
29538
29539
29540
29541
29542
29543
29544
29545
29546
29547
29548
29549
29550
29551
29552
29553
29554
29555
29556
29557
29558
29559
29560
29561
29562
29563
29564
29565
29566
29567
29568
29569
29570
29571
29572
29573
29574
29575
29576
29577
29578
29579
29580
29581
29582
29583
29584
29585
29586
29587
29588
29589
29590
29591
29592
29593
29594
29595
29596
29597
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_17_03_BO
/**
* @desc Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_17_04_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_17_04_BO_AT)
* containing subject_attributes['assurance_level']
* containing assurance_level
* indicating 0x61 (assurance level=3, confidence=1)
* and containing signer_info.digest
* referencing to certificate (CERT_TS_A_AA)
* containing subject_attributes['assurance_level']
* containing assurance_level
* indicating 0x60 (assurance level=3, confidence=0)
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_17_04_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_17_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1704_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29599
29600
29601
29602
29603
29604
29605
29606
29607
29608
29609
29610
29611
29612
29613
29614
29615
29616
29617
29618
29619
29620
29621
29622
29623
29624
29625
29626
29627
29628
29629
29630
29631
29632
29633
29634
29635
29636
29637
29638
29639
29640
29641
29642
29643
29644
29645
29646
29647
29648
29649
29650
29651
29652
29653
29654
29655
29656
29657
29658
29659
29660
29661
29662
29663
29664
29665
29666
29667
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_17_04_BO
/**
* @desc Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AT certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_18_01_BO_AT)
* not containing subject_attributes['verification_key']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_18_01_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_18_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1801_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29669
29670
29671
29672
29673
29674
29675
29676
29677
29678
29679
29680
29681
29682
29683
29684
29685
29686
29687
29688
29689
29690
29691
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_18_01_BO
/**
* @desc Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AA certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT
29693
29694
29695
29696
29697
29698
29699
29700
29701
29702
29703
29704
29705
29706
29707
29708
29709
29710
29711
29712
29713
29714
29715
29716
29717
29718
29719
29720
29721
29722
29723
29724
29725
29726
29727
29728
29729
29730
29731
29732
29733
29734
29735
29736
29737
29738
29739
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.type
* indicating 'certificate'
* and containing certificate (CERT_TS_18_02_BO_AT)
* containing signer_info.digest
* referencing to certificate (CERT_TS_18_02_BO_AA)
* not containing subject_attributes['verification_key']
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_18_02_BO
* @reference ETSI TS 103 097 [1], clause 7.4.1
*/
testcase TC_SEC_ITSS_RCV_CERT_18_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1802_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
29741
29742
29743
29744
29745
29746
29747
29748
29749
29750
29751
29752
29753
29754
29755
29756
29757
29758
29759
29760
29761
29762
29763
29764
29765
29766
29767
29768
29769
29770
29771
29772
29773
29774
29775
29776
29777
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_18_02_BO
/**
* @desc Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
* containing header_fields ['signer_info'].signer.certificate (CERT_TS_19_01_BO_AT)
* containing region_type
* indicating 240
* } then {
* the IUT discards the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CERT_19_01_BO
29779
29780
29781
29782
29783
29784
29785
29786
29787
29788
29789
29790
29791
29792
29793
29794
29795
29796
29797
29798
29799
29800
29801
29802
29803
29804
29805
29806
29807
*/
testcase TC_SEC_ITSS_RCV_CERT_19_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert1901_BO, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CERT_19_01_BO
} // End of module ItsSecurity_TestCase