ItsSecurity_TestCases.ttcn3 1.4 MB
Newer Older
                     [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                     )))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        
                        // Send secured message from unknown ITS-S
                        geoNetworkingPort.clear;
                        f_sendSecuredCam(cc_taCert_F, omit, e_certificate_digest_with_sha256);
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                }
                
                // Test Body
                t_maxTransInterval.start;
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop; 
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***"); 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_06_01_BV
            
            /**
             * @desc    Check that IUT restart the certificate sending timer when the certificate has been sent
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more then one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
garciay's avatar
garciay committed
             *      and the IUT having received a CAM at TIME_2 (TIME_1 +0.3sec)
             *          containing header_fields['request_unrecognized_certificate']
             *              containing digests
             *                  containing HashedId3 value
             *                      referencing to the the IUT certificate
             *      and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *  }
             *  ensure that {
             *      when {
             *          the IUT is sending the next CAM at TIME_4
             *              containing header_fields['signer_info'].signer.type
             *                  indicating 'certificate'
             *      } then {
             *          the difference between TIME_4 and TIME_3 is about of 1sec
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_07_01_TI
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_07_01_TI() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var ItsCam v_component;
                var boolean v_firstCertReceived := false;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                v_component := f_setCamFrequencyGreatherThan1Hz();
                    [v_firstCertReceived == false] geoNetworkingPort.receive(
                                                    mw_geoNwInd(
                                                        mw_geoNwSecPdu(
                                                            mdw_securedMessage_CAMs(
                                                                mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd {
                        log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***");
                        v_firstCertReceived := true;
                        f_sleep(0.3);
                        // Send secured message with request for unrecognized certificate
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerInfo);
                        f_sendSecuredCam(
                            {
                                m_header_field_unrecognised_certificate(
                                    f_HashedId3FromHashedId8(
                                       f_calculateDigestFromCertificate(
                                           v_signerInfo.signerInfo.certificate
                                       )
                            },
                            e_certificate_digest_with_sha256
                        );
                        repeat;
                    }
                    [v_firstCertReceived == true] geoNetworkingPort.receive(
                                                    mw_geoNwInd(
                                                        mw_geoNwSecPdu(
                                                            mdw_securedMessage_CAMs(
                                                                mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop;
                        // start a timeout of one second to check
                        // that the next cert will be received after this timeout
                        t_maxTransInterval.start;
                        log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop;
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": FAIL: CAM certificate inclusion time wasn't restarted ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); 
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_07_01_TI
garciay's avatar
garciay committed
             * @desc    Check that the IUT sends the Secured CAM containing the signer_info of type certificate 
             *          when it received a CAM containing a request of unrecognized certificate that matches 
             *          with the currently used AT certificate ID of the IUT 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate' 
garciay's avatar
garciay committed
             *      and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
             *          containing header_fields['request_unrecognized_certificate']
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AT certificate
             *                  and not containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *  }
             *  ensure that {
             *      when {
garciay's avatar
garciay committed
             *          the IUT is requested to send a CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                          referenced by the requested digest 
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_08_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var SignerInfo v_si;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd {
                        t_maxTransInterval.start;
                        
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
                        
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        
                        // Send secured message with request for unrecognized certificate
                        f_sendSecuredCam(
                                m_header_field_unrecognised_certificate(                // containing digests
                                    f_HashedId3FromHashedId8(                           // containing HashedId3 value
                                        f_calculateDigestFromCertificate(
                                            v_si.signerInfo.certificate                 //     referencing to the AT certificate
                                        )
                                    )    
                                                                                        // and not containing HashedId3 value referencing to the AA certificate
                                )
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate(
                                        v_si.signerInfo.certificate
                                    )
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); 
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: Requested certificate was not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_08_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the sent secured CAM contains the signer_info of type certificate_chain 
             *          when the ITS-S has received a CAM containing a request of unrecognized certificate that matches 
             *          with the AA certificate ID that issued its currently used AT certificate ID of the IUT
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *          at TIME_1
             *      and the IUT having received a SecuredMessage
             *          containing header_fields['request_unrecognized_certificate'] {
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *          }
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+ 1sec)
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate_chain'
             *                      containing certificates[last]
             *                          indicating the AT certificate
             *                      containing certificates[last-1]
             *                          indicating the AA certificate
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_09_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var SignerInfo v_si;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    ))))  -> value v_geoNwInd { 
                        t_maxTransInterval.start;
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
                        f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                                                
                        // Send secured message with request for unrecognized certificate
                        f_sendSecuredCam(
                            {
                                m_header_field_unrecognised_certificate(                    // containing digests
                                    f_HashedId3FromHashedId8(                               //     containing HashedId3 value
                                        v_si.signerInfo.digest                              //         referencing to the AA certificate
                                    )
                                )
                            });
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate_chain
                    )))) -> value v_geoNwInd {
                        var SignerInfo v_signerInfo;
                        var CertificateChain v_certificates;
                        var integer v_certificateChainLength;
                        
                        t_maxTransInterval.stop;
                        // Extract certificate chain
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        v_certificates := v_signerInfo.signerInfo.certificates;
                        v_certificateChainLength := lengthof(v_certificates);
                        if (v_certificateChainLength >= 2) { // Check length
                            if ( // Check Content
                                not(
                                    (v_certificates[0].subject_info.subject_type == e_authorization_authority) and 
                                        // Check the certificate chain contains certificates[last] indicating the AT certificate
                                    (v_certificates[1].subject_info.subject_type == e_authorization_ticket)
                                        // Check the certificate chain contains certificates[last-1] indicating the AA certificate
                            )) {
                                log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
                                log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            } 
                            log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); 
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV
            /**
             * @desc    Check that the IUT doesn't send a secured CAM contains the signer_info of type certificate_chain
             *           when the AA certificate was previously requested and already received from another ITS-S 
             * <pre>
             * Pics Selection: PICS_GN_SECURITY PICS_PLUGTEST_VERSION
             * Config Id: CF01
             * Initial conditions:
             * </pre>
			 * with
			 * 	the IUT being in the 'authorized' state
			 * 	and the IUT is configured to send more than one CAM per second
			 * 	and the IUT having already sent a CAM
			 * 		containing header_fields['signer_info'].signer.type
			 * 			indicating 'certificate'
			 * 		at TIME_1
			 * 	and the IUT having received a SecuredMessage
			 * 		containing header_fields['request_unrecognized_certificate']
			 * 			containing digests
			 * 				containing HashedId3 value (HASH1)
			 * 					referencing to the AA certificate
			 * 		at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
			 * 	and the IUT having received a SecuredMessage
			 * 		containing header_fields['signer_info'].signer.type
			 * 			indicating 'certificate_chain'
			 * 				containing AA certificate
			 * 					having HashedId3 value of HASH1
			 * 		at TIME_3 (TIME_2 < TIME_3 < TIME_2+0.1sec)
			 * ensure that
			 * 	when
			 * 		the IUT is requested to send a CAM
			 * 			at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
			 * 	then
			 * 		the IUT sends a SecuredMessage
			 * 			and containing header_fields['signer_info']
			 * 				containing signer
			 * 					containing type
			 * 						indicating 'digest'
			 * 						or indicating 'certificate'
             *
             * @see          ETSI TS 103 096-2 v1.3.3 TP_SEC_ITSS_SND_CAM_09_02_BV
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_SND_CAM_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 1.1;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var SignerInfo v_si;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                if (not(PICS_PLUGTEST_VERSION)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***");
                    stop;
                }
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    ))))  -> value v_geoNwInd { 
                        tc_ac.stop;
                        t_maxTransInterval.start;
                        
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
                        f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                                                
                        // Send secured message with request for unrecognized certificate
                        f_sendSecuredCam(
                            cc_taCert_A,
                            {
                                m_header_field_unrecognised_certificate(                    // containing digests
                                    f_HashedId3FromHashedId8(                               //     containing HashedId3 value
                                        v_si.signerInfo.digest                              //         referencing to the AA certificate
                                    )
                                )
                            });

                        // Send secured message signed with certificate_chain
                        f_sendSecuredCam(
                            cc_taCert_A1,
filatov's avatar
filatov committed
                            omit,
							e_certificate_chain
                        );
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate_chain
                    )))) {
                        log("*** " & testcasename() & ": FAIL: CAM retransmition with unexpected certificate_chain ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
                    }
					[] geoNetworkingPort.receive(
						mw_geoNwInd(
							mw_geoNwSecPdu(
								mdw_securedMessage_CAMs
					))) {
						log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); 
						repeat;
					}
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
						log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successfully skipped ***");
						f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_09_02_BV
            
            
garciay's avatar
garciay committed
            /**
             * @desc    Check that the sent secured CAM contains exactly one HeaderField generation_time which is inside 
             *          the validity time of the certificate referenced by the signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate in the next CAM 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage 
garciay's avatar
garciay committed
             *              containing security_profile
             *                  indicating '1'
garciay's avatar
garciay committed
             *              containing header_fields ['generation_time'] 
garciay's avatar
garciay committed
             *                  containing generation_time
             *                      indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
garciay's avatar
garciay committed
             *              containing header_fields ['signer_info'] 
             *                  containing signer 
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'certificate'
             *                      and containing certificate 
             *                          containing validity_restrictions['time_end']
garciay's avatar
garciay committed
             *                              containing end_validity
             *                                  indicating value > GEN_TIME
             *                          or containing validity_restrictions['time_start_and_end']
             *                              containing start_validity
             *                                  indicating value <= GEN_TIME
             *                              and containing end_validity
             *                                  indicating value > GEN_TIME
             *                          or containing validity_restrictions['time_start_and_duration']
             *                              containing start_validity (X_START_VALIDITY)
             *                                  indicating value <= GEN_TIME
             *                              and containing duration
             *                                  indicating value > GEN_TIME - X_START_VALIDITY 
garciay's avatar
garciay committed
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_10_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.1
             */
            testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */
                
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
                var HeaderField v_headerField;
                var Time64 v_generationTime;
                var ValidityRestriction v_validity;
                var integer v_currentTime, v_lowerBound, v_upperBound;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_generation_time, 
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_CAM
                    ))))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***");
                        
                        v_currentTime := f_getCurrentTime();
                        log("v_currentTime (us)=", v_currentTime * 1000);
                        v_lowerBound := (v_currentTime - c_timeThreshold) * 1000;
                        v_upperBound := (v_currentTime + c_timeThreshold) * 1000;
                        
                        // Extract generation_time
                        f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField);
                        v_generationTime := v_headerField.headerField.generation_time;
                        
                        // Extract certificate
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        v_certificate := v_signerInfo.signerInfo.certificate;
                         
                        // Check current time 
                        if (match(v_generationTime, (v_lowerBound .. v_upperBound))) {
                            log("*** " & testcasename() & ": PASS: Generation time matches current time ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        } else {
                            log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime-v_lowerBound) & " / " & int2str(v_upperBound - v_currentTime) & " . ***");
garciay's avatar
garciay committed
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }   
                        
                        // Check generation_time validity
                        if (
                            (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity) == true) and 
garciay's avatar
garciay committed
                            (v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and 
                            (v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000)))
                        ) {
                            log("*** " & testcasename() & ": PASS: Generation time within certificate validity/time_start_and_end ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        } else if (
                            (f_getCertificateValidityRestriction(v_certificate, e_time_end, v_validity) == true) and 
                            (v_generationTime < (v_validity.validity.end_validity * 1000000))
                        ) {
                            log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        } else if (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_duration, v_validity) == true) {
			                if (PICS_PLUGTEST_VERSION) {
								log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is forbidden in TS103097 v1.2.5 ***");
								f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                			}
                			if ((v_generationTime >= (v_validity.validity.time_start_and_duration.start_validity * 1000000)) and 
    	                    	(v_generationTime < (f_duration2time(v_validity.validity.time_start_and_duration.duration_) * 1000000))
                        	) {
                            	log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
                            	f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        	}
garciay's avatar
garciay committed
                        }
                        log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate  ***"); 
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV
            
garciay's avatar
garciay committed
             * @desc    Check that the IUT sends certificate request when it receives a message from unknown station
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT has receiving a SecuredMessage
             *          containing header_fields['signer_info'].signer
             *              containing type
             *                  indicating 'certificate_digest_with_sha256'
             *              containing digest
             *                  indicating HashedId3 value DIGEST_A
             *                      referenced to unknown certificate
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['request_unrecognized_certificate']
             *                  containing digests
             *                      containing HashedId3 value
             *                          indicating DIGEST_A
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_12_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var HashedId8 v_expectedHashedId8;
                var HashedId3 v_expectedHashedId3;
                var GeoNetworkingPdu v_securedGnPduToBeSent;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Send secured message from unknown ITS-S
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                
                f_getCertificateDigest(
                    cc_taCert_F,
                    v_expectedHashedId8
                );
                v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8);
                
                // preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that
                v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F);
                   
                geoNetworkingPort.clear;
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive
                    {
                        f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent));
                        tc_ac.stop;

                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }                        
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of preamble 'alt' statement

                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_request_unrecognized_certificate(
                                        { v_expectedHashedId3 }
                    ))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                        log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***"); 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the Secured CAM contains non-empty payload of type signed
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing payload_field
garciay's avatar
garciay committed
             *                  containing exactly one element of type Payload
             *                      containing type
             *                          indicating 'signed'
             *                      containing not-empty data
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_14_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    ?, 
                                    mw_payload(
                                        e_signed
                    ))))) {
                        tc_ac.stop;
                        
                        log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {