Newer
Older
testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_C; // Load IUT certificate CERT_IUT_C
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_rectangular);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the polygonal region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_AT_D) {
* containing validity_restrictions ['region'] {
* containing region{
* containing region_type
* indicating 'polygon'
* containing polygonal_region
* indicating REGION
* }
* }
* }
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* not containing header_field ['its_aid']
* indicating 'AID_CAM'
* not containing header_field ['its_aid']
* indicating 'AID_DENM'
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_SND_GENMSG_05_04_BV
* @reference ETSI TS 103 097 [1], clause 7.3
testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_D; // Load IUT certificate CERT_IUT_D
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_polygonal);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the identified region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
* Config Id: CF01
* with {
* the IUT has been authorized with the AT certificate (CERT_IUT_E) {
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
* containing validity_restrictions ['region'] {
* containing region{
* containing region_type
* indicating 'id_region'
* containing identified_region
* indicating REGION
* }
* }
* }
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing exactly one header_fields ['generation_location']
* containing generation_location
* indicating value inside the REGION
* not containing header_field ['its_aid']
* indicating 'AID_CAM'
* not containing header_field ['its_aid']
* indicating 'AID_DENM'
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_SND_GENMSG_05_05_BV
* @reference ETSI TS 103 097 [1], clause 7.3
testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_E; // Load IUT certificate CERT_IUT_E
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_identified);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV
/**
* @desc Check that the secured GN Message contains exactly one HeaderField generation_location
* which is inside the region containing in the validity restriction
* of the certificate pointed by the signer_info field
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_CIRCULAR_REGION and PICS_CERTIFICATE_SELECTION
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
* Config Id: CF01
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing header_fields['signed_info'].certificate {
* containing validity_restrictions ['region']
* {
* containing region.region_type
* indicating 'circle'
* containing region.circular_region
* indicating REGION
* } or {
* containing region.region_type
* indicating 'rectangle'
* containing region.rectangular_region
* containing array of rectangles
* indicating REGION
* } or {
* containing region.region_type
* indicating 'polygonal'
* containing region.polygonal_region
* indicating REGION
* } or {
* containing region.region_type
* indicating 'id_region'
* containing region.circular_region
* indicating REGION
* }
* }
* containing exactly one header_fields['generation_location']
* containing generation_location
* indicating location inside the REGION
* not containing header_field ['its_aid']
* indicating 'AID_CAM'
* not containing header_field ['its_aid']
* indicating 'AID_DENM'
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_SND_GENMSG_05_06_BV
* @reference ETSI TS 103 097 [1], clause 7.3
testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := cc_iutCert_B; // Load IUT certificate CERT_IUT_B
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
f_TC_SEC_ITSS_SND_GENMSG_05_BV(); // any type of regions
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV
group f_TC_SEC_ITSS_SND_GENMSG_05_xx {
function f_TC_SEC_ITSS_SND_GENMSG_05_BV(
in template (present) GeographicRegion p_region := ?
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
) runs on ItsGeoNetworking {
// Local variables
var GeoNetworkingInd v_geoNwInd;
tc_ac.start;
alt {
// GN message must contain generation location and the certificate with region restrictions
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage(
superset(
mw_header_field(e_generation_location),
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
superset(
mw_validity_restriction_region(
p_region
))))))))) -> value v_geoNwInd {
var ValidityRestriction v_vr;
var HeaderField v_hf;
tc_ac.stop;
// Check that generation location
if (
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and
f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
) {
if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("v_vr.validity.region=", v_vr.validity.region);
log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location);
log("*** " & testcasename() & ": FAIL: Invalid location");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// GN message doesn't contain generation location
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others
))) -> value v_geoNwInd {
var HeaderField v_hf;
tc_ac.stop;
// Check that generation location is not present
f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf);
if (not isbound(v_hf)) {
log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
// GN signing certificate doesn't contains region restriction
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate(
mw_certificate(
?,
?,
?,
{ } // GN signing certificate doesn't contains region restriction
)))))) {
tc_ac.stop;
log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
} // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV
} // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx
/**
* @desc Check that the secured message contains of type signed
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* Expected results:
* ensure that {
* when {
* the IUT is requested to send a Beacon
* } then {
* the IUT sends a SecuredMessage {
* not containing header_field ['its_aid']
* indicating 'AID_CAM'
* not containing header_field ['its_aid']
* indicating 'AID_DENM'
* containing payload_fields
* containing exactly one element of type Payload {
* containing type
* indicating 'signed'
* }
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_SND_GENMSG_06_01_BV
* @reference ETSI TS 103 097 [1], clause 7.3
testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload(
e_signed
)
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": FAIL: Beacon payload is not 'signed'");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
?,
mw_payload(
e_signed,
? length(0) // TODO ''O ?????
)
),
mw_geoNwBeaconPacket(
?
)))) {
log("*** " & testcasename() & ": FAIL: Beacon payload data is empty");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV
/**
* @desc Check that the secured GN Message contains only one TrailerField of type signature.
* Check that the signature contained in the SecuredMessage is calculated over the right fields by cryptographically verifying the signature
* Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is requested to send Beacon
* } then {
* the IUT sends a SecuredMessage {
* containing header_fields ['signer_info'] {
* containing signer {
* containing type
* indicating 'certificate'
* containing certificate
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* }
* }
* not containing header_field ['its_aid']
* indicating 'AID_CAM'
* not containing header_field ['its_aid']
* indicating 'AID_DENM'
* containing trailer_fields {
* containing single instance of type TrailerField {
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY }
* }
* }
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_SND_GENMSG_07_01_BV
* @reference ETSI TS 103 097 [1], clause 7.3
testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var LongPosVector v_longPosVectorIut;
var GeoNetworkingInd v_geoNwInd;
var SignerInfo v_signerInfo;
// Test adapter configuration
if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
v_longPosVectorIut := f_getPosition(c_compIut);
// Test adapter configuration
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
// Preamble
f_prNeighbour();
f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others(
mw_header_field_signer_info_certificate
)))) -> value v_geoNwInd {
tc_ac.stop;
log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***");
f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mdw_securedMessage_Others
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Beacon message without certificate received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected GN Message not received");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
log("*** " & testcasename() & ": PASS: GN Message received with correct signature");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_acTriggerEvent(m_stopPassBeaconing);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV
} // End of group secOtherProfile
} // End of group g_SecuredMessages
group g_receiverBehavior {
group g_recvCamProfile {
/**
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer {
* containing type
* indicating 'certificate'
* and containing certificate (CERT_AT_A) {
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* }
* }
* and containing header_fields [1] {
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* }
* and containing header_fields[2] {
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* }
* and not containing any other header fields
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* }
* and containing trailer_fields {
* containing single instance of type TrailerField {
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_RCV_CAM_01_01_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_RCV_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// empty on purpose
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_01_01_BV
/**
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate digest of the known certificate in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* the IUT already sent a Secured message containing certificate (CERT_AT_A)
* containing subject_info.subject_type
* indicating 'authorization_ticket' (2)
* and containing subject_attributes['verification key'] (KEY)
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer {
* containing type
* indicating 'certificate_digest_with_sha256'
* and containing digest
* referencing to certificate (CERT_AT_A)
* }
* and containing header_fields [1] {
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* }
* and containing header_fields[2] {
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* }
* and not containing any other header fields
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* }
* and containing trailer_fields {
* containing single instance of type TrailerField {
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_RCV_CAM_01_02_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_RCV_CAM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate_digest_with_sha256);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// empty on purpose
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_01_02_BV
/**
* @desc Check that IUT accepts a well-formed Secured CAM containing certificate chain in signer_info
* <pre>
* Pics Selection: PICS_GN_SECURITY
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage
* containing protocol_version
* indicating value '2'
* and containing header_fields[0]
* containing type
* indicating 'signer_info'
* and containing signer {
* containing type
* indicating 'certificate_chain'
* and containing certificates
* containing certificate (CERT_AA_A) at index 0 {
* containing subject_info.subject_type
* indicating 'authorization_authority'
* and containing subject_attributes['verification key'] (KEY_AA)
* }
* and containing certificate (CERT_AT_A) at index 1 {
* containing subject_info.subject_type
* indicating 'authorization_ticket'
* and containing signer_info {
* containing type
* indicating 'certificate_digest_with_sha256'
* containing digest
* referencing to the CERT_AA_A
* }
* and containing signature
* verifiable using KEY_AA
* and containing subject_attributes['verification key'] (KEY)
* }
* }
* and containing header_fields [1] {
* containing type
* indicating 'generation_time'
* containing generation_time
* indicating CURRENT_TIME
* }
* and containing header_fields[2] {
* containing type
* indicating 'its_aid'
* containing its_aid
* indicating 'AID_CAM'
* }
* and not containing any other header fields
* and containing payload_field {
* containing type
* indicating 'signed'
* containing data
* indicating length > 0
* containing CAM payload
* }
* and containing trailer_fields {
* containing single instance of type TrailerField {
* containing type
* indicating 'signature'
* containing signature
* verifiable using KEY
* }
* }
* } then {
* the IUT accepts the message
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_RCV_CAM_01_03_BV
* @reference ETSI TS 103 097 [1], clause 7.1
testcase TC_SEC_ITSS_RCV_CAM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam(cc_taCert_A);
f_sleep(PX_TNOAC);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// empty on purpose
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
else {
log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_01_03_BV
/**
* @desc Check that IUT discards a Secured CAM containing protocol version set to a value less then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (CAM)
* containing protocol_version
* indicating 1
* containing header_fields['its_aid']
* indicating 'AID_CAM'
* } then {
* the IUT discards a SecuredMessage
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.2.1 TP_SEC_ITSS_RCV_CAM_02_01_BO
* @reference ETSI TS 103 097 [1], clause 5.2
testcase TC_SEC_ITSS_RCV_CAM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var integer i;
var GeoNetworkingPdu v_securedGnPdu;
var GnRawPayload v_sentRawPayload;
// Test adapter configuration
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION);
v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
// empty on purpose
}
if (i < lengthof(vc_utInds)) {
log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
else {
log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_RCV_CAM_02_01_BO
/**
* @desc Check that IUT discards a Secured CAM containing protocol version set to a value greater then 2
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT being in the 'authorized' state
* }
* ensure that {
* when {
* the IUT is receiving a SecuredMessage (CAM)
* containing protocol_version
* indicating 3
* containing header_fields['its_aid']
* indicating 'AID_CAM'
* } then {
* the IUT discards a SecuredMessage