Newer
Older
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_09_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location which is inside the identified
* region defined by the validity restriction of the root certificate when subordinate AA and AT
* certificates don't contain any region restriction.
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_CA2_AT)
* containing toBeSigned
* not containing region
* and issuied by the certificate AA (CERT_IUT_CC_AA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* and issuied by the certificate RCA (CERT_IUT_C_RCA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_10_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8
*/
testcase TC_SEC_ITSS_SND_DENM_10_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var SignerIdentifier v_signerIdentifier;
var Certificate v_at_certificate;
var Certificate v_aa_certificate;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_readCertificate(cc_taCert_CA2, v_at_certificate);
f_readCertificate(cc_taCert_CC_AA, v_aa_certificate);
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
v_at_certificate.toBeSigned.appPermissions,
v_at_certificate.toBeSigned.verifyKeyIndicator,
v_at_certificate.toBeSigned.validityPeriod,
omit
)
)
)
)
),
mw_geoNwBroadcastPacket
))) -> value v_geoNwInd {
tc_ac.stop;
if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) {
var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation };
if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***");
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_10_BV
/**
* @desc Check that IUT sends the secured DENM containing the 'data' field in signed data payload,
* containing the EtsiTs103097Data of type unsecured, contained the DENM payload
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* the IUT sends a message of type EtsiTs103097Data
* contains content
* contains signedData
* containing tbsData
* containing payload
* containing data
* containing content
* containing unsecuredData
* containing not-empty data
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_11_BV
* @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2
*/
testcase TC_SEC_ITSS_SND_DENM_11_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload(
mw_ieee1609Dot2Data(
mw_ieee1609Dot2Data_unsecured
)),
mw_headerInfo_denm
)
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: DENM received with a well formated payload");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_11_BV
/**
* @desc Check that the IUT sends the secured DENM signed with the certificate containing appPermisions
* allowing to sign DEN messages
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* the IUT sends a message of type EtsiTs103097Data
* containing signer
* containing certificate
* containing appPermissions
* containing an item of type PsidSsp
* containing psid = AID_DENM
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_12_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
*/
testcase TC_SEC_ITSS_SND_DENM_12_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate( // containing certificate
-,
mw_toBeSignedCertificate_at(
log("*** " & testcasename() & ": PASS: DEN message received with a well formated certificate ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
log("*** " & testcasename() & ": INFO: DEN message with digest was received ***");
repeat;
log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_12_BV
/**
* @desc Check that IUT sends the secured DENM containing signature;
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
* Check that the signature is calculated over the right fields
* and using right hash algorythm by cryptographically verifying the signature
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (X_CERTIFICATE)
* containing verifyKeyIndicator
* containing verificationKey
* containing X_KEY
* indicating KEY
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* the IUT sends a message of type EtsiTs103097Data
* containing signedData
* containing signer
* containing certificate
* indicating X_CERTIFICATE
* containing verifyKeyIndicator
* containing verificationKey
* containing X_KEY
* indicating KEY
* and containing signature
* containing X_SIGNATURE
* verifiable using KEY
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_13_BV
* @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31
*/
testcase TC_SEC_ITSS_SND_DENM_13_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var EtsiTs103097Certificate v_certificate;
var Signature v_signature;
var GeoNetworkingInd v_geoNwInd;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_readCertificate(vc_hashedId8ToBeUsed, v_certificate);
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
PICS_CERTFICATES_FOI[PICS_CERTFICATES_VAR].hashAlgorithm,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE
v_certificate
)
)
),
mw_geoNwBroadcastPacket
))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: DEN message with certificate received ***");
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Check that the signature is calculated over the right fields and using right hash algorythm by cryptographically verifying the signature
if (f_verifyGnSecuredMessageSignatureWithCertificate(f_getSecuredMessage(v_geoNwInd.msgIn), vc_hashedId8ToBeUsed, v_certificate)) {
log("*** " & testcasename() & ": PASS: Signature verified successfully ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Signature not verified successfully ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_13_BV
/**
* @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing
* sending messages in this location.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_C1_AT)
* containing region
* indicating rectangular region
* not containing current IUT position
* and the IUT has no other installed AT certificates
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_14_BV
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_14_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5534
5535
5536
5537
5538
5539
5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
5566
5567
5568
5569
5570
5571
5572
5573
5574
5575
f_cf01Up(); // Initialise IUT with CERT_IUT_C1_AT
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
)
)
)
))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: No DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_14_BV
/**
* @desc Check that IUT doesn't send the secured DENM if IUT is configured to use an AT certificate
* without region validity restriction and generation location is outside of the region of the
* issuing AA certificate.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_C3_AT)
* not containing region
* and issued by the AA certificate (CERT_IUT_C3_AA)
* containing region
* indicating rectangular region
* not containing current IUT position
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_15_BV
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_15_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
5633
5634
5635
5636
5637
5638
5639
5640
5641
5642
5643
5644
5645
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
f_cf01Up(); // Initialise IUT with CERT_IUT_C3_AT
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
)
)
)
))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: No DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_15_BV
/**
* @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT are expired.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A1_AT)
* containing validityPeriod
* indicating start + duration < CURRENT_TIME
* and the IUT has no other installed AT certificates
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_16_BV
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_16_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5692
5693
5694
5695
5696
5697
5698
5699
5700
5701
5702
5703
5704
5705
5706
5707
5708
5709
5710
5711
5712
5713
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
f_cf01Up(); // Initialise IUT with CERT_IUT_A1_AT
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
)
)
)
))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: No DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_16_BV
/**
* @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT have the starting time in the future.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A2_AT)
* containing validityPeriod
* indicating start > CURRENT_TIME
* and the IUT has no other installed AT certificates
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_17_BV
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_17_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5769
5770
5771
5772
5773
5774
5775
5776
5777
5778
5779
5780
5781
5782
5783
5784
5785
5786
5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
5801
5802
5803
5804
5805
5806
5807
5808
5809
5810
f_cf01Up(); // Initialise IUT with CERT_IUT_A2_AT
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
)
)
)
))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: No DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_17_BV
/**
* @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing
* sending DENM by its appPermissions.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A4_AT)
* containing appPermissions
* not containing PsidSSP
* containing psid
* indicating AID_CAM
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_18_BV
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_18_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
5848
5849
5850
5851
5852
5853
5854
5855
5856
5857
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
f_cf01Up(); // Initialise IUT with CERT_IUT_A4_AT
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_noac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
)
)
)
))) {
tc_noac.stop;
log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_noac.timeout {
log("*** " & testcasename() & ": PASS: No DENM received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_18_BV
* @desc Sending behaviour test cases for DENM profile
* @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.6 Generic signed message profile
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
5917
5918
5919
5920
5921
5922
5923
5924
5925
5926
5927
5928
5929
5930
5931
5932
5933
5934
5935
5936
5937
5938
5939
5940
5941
5942
5943
5944
5945
5946
5947
5948
5949
5950
5951
5952
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
5976
5977
5978
5979
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
/**
* @desc Check that IUT sends the secured message using signedData container.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is requested to send a secured Beacon
* } then {
* the IUT sends a message of type EtsiTs103097Data
* containing content
* containing signedData
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_01_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.3
*/
testcase TC_SEC_ITSS_SND_GENMSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_gn
)
)
)
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: The GN message is secured ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_01_BV
/**
* @desc Check that the sent Secured Message contains HeaderField its_aid that is set to other value then AID_CAM and AID_DENM.
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is requested to send a secured Beacon
* } then {
* the IUT sends a Ieee1609Dot2Data
* containing content
* containing signedData
* containing tbsData
* containing headerInfo
* containing psid
* indicating 'AID_GNMGMT'
* }
* }
* </pre>
*