Skip to content
ItsSecurity_TestCases.ttcn3 462 KiB
Newer Older
9001 9002 9003 9004 9005 9006 9007 9008 9009 9010 9011 9012 9013 9014 9015 9016 9017 9018 9019 9020 9021 9022 9023 9024 9025 9026 9027 9028 9029 9030 9031 9032 9033 9034 9035 9036 9037 9038 9039 9040 9041 9042 9043 9044 9045 9046 9047 9048 9049 9050 9051 9052 9053 9054 9055 9056 9057 9058 9059 9060 9061 9062 9063 9064 9065 9066 9067 9068 9069 9070 9071 9072 9073 9074 9075 9076 9077 9078 9079 9080 9081 9082 9083 9084 9085 9086 9087 9088 9089 9090 9091 9092 9093 9094 9095 9096 9097 9098 9099 9100 9101 9102 9103 9104 9105 9106 9107 9108 9109 9110 9111 9112 9113 9114 9115 9116 9117 9118 9119 9120 9121 9122 9123 9124 9125 9126 9127 9128 9129 9130 9131 9132 9133 9134 9135 9136 9137 9138 9139 9140 9141 9142 9143 9144 9145 9146 9147 9148 9149 9150 9151 9152 9153 9154 9155 9156 9157 9158 9159 9160 9161 9162 9163 9164 9165 9166 9167 9168 9169 9170 9171 9172 9173 9174 9175 9176 9177 9178 9179 9180 9181 9182 9183 9184 9185 9186 9187 9188 9189 9190 9191 9192 9193 9194 9195 9196 9197 9198 9199 9200 9201 9202 9203 9204 9205 9206 9207 9208 9209 9210 9211 9212 9213 9214 9215 9216 9217 9218 9219 9220 9221 9222 9223 9224 9225 9226 9227 9228 9229 9230 9231 9232 9233 9234 9235 9236 9237 9238 9239 9240 9241 9242 9243 9244 9245 9246 9247 9248 9249 9250 9251 9252 9253 9254 9255 9256 9257 9258 9259 9260 9261 9262 9263 9264 9265 9266 9267 9268 9269 9270 9271 9272 9273 9274 9275 9276 9277 9278 9279 9280 9281 9282 9283 9284 9285 9286 9287 9288 9289 9290 9291 9292 9293 9294 9295 9296 9297 9298 9299 9300 9301 9302 9303 9304 9305 9306 9307 9308 9309 9310 9311 9312 9313 9314 9315 9316 9317 9318 9319 9320 9321 9322 9323 9324 9325 9326 9327 9328 9329 9330 9331 9332 9333 9334 9335 9336 9337 9338 9339 9340 9341 9342 9343 9344 9345 9346 9347 9348 9349 9350 9351 9352 9353 9354 9355 9356 9357 9358 9359 9360 9361 9362 9363 9364 9365 9366 9367 9368 9369 9370 9371 9372 9373 9374 9375 9376 9377 9378 9379 9380 9381 9382 9383 9384 9385 9386 9387 9388 9389 9390 9391 9392 9393 9394 9395 9396 9397 9398 9399 9400 9401 9402 9403 9404 9405 9406 9407 9408 9409 9410 9411 9412 9413 9414 9415 9416 9417 9418 9419 9420 9421 9422 9423 9424 9425 9426 9427 9428 9429 9430 9431 9432 9433 9434 9435 9436 9437 9438 9439 9440 9441 9442 9443 9444 9445 9446 9447 9448 9449 9450 9451 9452 9453 9454 9455 9456 9457 9458 9459 9460 9461 9462 9463 9464 9465 9466 9467 9468 9469 9470 9471 9472 9473 9474 9475 9476 9477 9478 9479 9480 9481 9482 9483 9484 9485 9486 9487 9488 9489 9490 9491 9492 9493 9494 9495 9496 9497 9498 9499 9500 9501 9502 9503 9504 9505 9506 9507 9508 9509 9510 9511 9512 9513 9514 9515 9516 9517 9518 9519 9520 9521 9522 9523 9524 9525 9526 9527 9528 9529 9530 9531 9532 9533 9534 9535 9536 9537 9538 9539 9540 9541 9542 9543 9544 9545 9546 9547 9548 9549 9550 9551 9552 9553 9554 9555 9556 9557 9558 9559 9560 9561 9562 9563 9564 9565 9566 9567 9568 9569 9570 9571 9572 9573 9574 9575 9576 9577 9578 9579 9580 9581 9582 9583 9584 9585 9586 9587 9588 9589 9590 9591 9592 9593 9594 9595 9596 9597 9598 9599 9600 9601 9602 9603 9604 9605 9606 9607 9608 9609 9610 9611 9612 9613 9614 9615 9616 9617 9618 9619 9620 9621 9622 9623 9624 9625 9626 9627 9628 9629 9630 9631 9632 9633 9634 9635 9636 9637 9638 9639 9640 9641 9642 9643 9644 9645 9646 9647 9648 9649 9650 9651 9652 9653 9654 9655 9656 9657 9658 9659 9660 9661 9662 9663 9664 9665 9666 9667 9668 9669 9670 9671 9672 9673 9674 9675 9676 9677 9678 9679 9680 9681 9682 9683 9684 9685 9686 9687 9688 9689 9690 9691 9692 9693 9694 9695 9696 9697 9698 9699 9700 9701 9702 9703 9704 9705 9706 9707 9708 9709 9710 9711 9712 9713 9714 9715 9716 9717 9718 9719
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest))) {
                    log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AA_04_01
            
            /**
             * @desc Check that all neccesary subject attributes are present and arranged in accesing order     
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_attributes [0..N] {
             *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
             *             containing subject_attributes['verification_key']
             *             containing subject_attributes['assurance_level']
             *             containing subject_attributes['its_aid_list']
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.3
             */
            testcase TC_SEC_SND_CERT_AA_05_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var SubjectAttributes        v_attrs;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                if (not match(v_chain[lengthof(v_chain) - 2], 
                             mw_aa_certificate(?,
                                    superset(mw_subject_attribute_verification_key,
                                             mw_subject_attribute_assurance_level,
                                             mw_subject_attribute_its_aid_list)))
                 ) {
                    log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes;
                for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
                    if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
                        log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                }
                
                log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AA_05_01
            
            /**
             * @desc Check that time_start_and_end is included in the AA certificate validation restrictions
             *       Check that end_validity is later then start_validity      
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing validity_restrictions [0..N] {
             *             not containing validity_restrictions['time_end']
             *             and not containing validity_restrictions['time_start_and_duration']
             *             and containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_AA_VALIDITY
             *               containing end_validity
             *                 indicating END_AA_VALIDITY >=START_AA_VALIDITY
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.7, 7.4, 7.4.3
             */
            testcase TC_SEC_SND_CERT_AA_06_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert;
                var ValidityRestriction      v_vr;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end,
                                                                      mw_validity_restriction_time_start_and_duration)))
                ) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
                    log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AA_06_01
            
            /**
             * @desc Check that all AIDs containing in the in the its_aid_list in AA certificate are unique
             *       Check that AID list contains not more then 31 items       
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_attributes['its_aid_list']
             *             containing its_aid_list[0..N]
             *               containing no more then 31 unique item
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.3
             */
            testcase TC_SEC_SND_CERT_AA_08_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert;
                var SubjectAttribute         v_sa;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
                    
                    if (lengthof(v_sa.attribute.its_aid_list) > 31) {
                        log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) {
                        for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) {
                            if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) {
                                log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } // End of 'for' statement
                } else {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AA_08_01
            
        } // End of group g_AA_Certificates 
        group g_AT_Certificates {
            
            /**
             * @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket'   
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_01_01() runs on ItsGeoNetworking system ItsSecSystem {
                var Certificate         v_at_cert;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                tc_ac.start;
                if (not f_waitForCertificate(v_at_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (not match(v_at_cert, mw_at_certificate)) {
                    log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type  ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_01_01
            
            /**
             * @desc Check that signer info of the AA certificate is a digest    
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate
             *           containing signer_info {
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_02_01() runs on ItsGeoNetworking system ItsSecSystem {
                var Certificate         v_at_cert;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                tc_ac.start;
                if (not f_waitForCertificate(v_at_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (
                    not match(v_at_cert, mw_certificate(mw_signerInfo_digest))
                ) {
                    log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_02_01
            
            /**
             * @desc Check that the subject_name variable-length vector is empty for AT certificates     
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificates {
             *           containing subject_info.subject_name
             *             indicating length = 0
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_03_01() runs on ItsGeoNetworking system ItsSecSystem {
                var Certificate         v_at_cert;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                tc_ac.start;
                if (not f_waitForCertificate(v_at_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (0 != lengthof(v_at_cert.subject_info.subject_name)) {
                    log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_03_01
            
            /**
             * @desc Check that all neccesary subject attributes of AT certificate are present and arranged in accesing order     
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate {
             *           containing subject_attributes [0..N] {
             *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
             *             containing subject_attributes['verification_key']
             *             containing subject_attributes['assurance_level']
             *             containing subject_attributes['its_aid_ssp_list']
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_04_01() runs on ItsGeoNetworking system ItsSecSystem {
                var Certificate         v_at_cert;
                var SubjectAttributes   v_attrs;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                tc_ac.start;
                if (not f_waitForCertificate(v_at_cert)) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (not match(
                    v_at_cert, 
                        mw_at_certificate(
                            ?,
                            superset(
                                mw_subject_attribute_verification_key,
                                mw_subject_attribute_assurance_level,
                                mw_subject_attribute_its_aid_ssp_list
                 )))) {
                    log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                v_attrs := v_at_cert.subject_attributes;
                for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
                    if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
                        log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                } // End of 'for' statement
                
                log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_04_01
            
            /**
             * @desc Check that time_start_and_end is included in the AT certificate validation restrictions
             *       Check that time_start_and_end is inside the AA certificate time restrictions       
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           containing validity_restrictions['time_start_and_end']
             *             containing start_validity
             *               indicating START_AA_VALIDITY
             *             containing end_validity
             *               indicating END_AA_VALIDITY
             *           }
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           not containing validity_restrictions['time_end']
             *           and not containing validity_restrictions['time_start_and_duration']
             *           and containing validity_restrictions['time_start_and_end'] {
             *             containing start_validity
             *               indicating START_AT_VALIDITY (START_AT_VALIDITY >= START_AA_VALIDITY )
             *             and containing end_validity
             *               indicating END_AT_VALIDITY (END_AT_VALIDITY >= START_AT_VALIDITY <= END_AA_VALIDITY)
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.7, 7.4, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_05_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert, v_at_cert;
                var ValidityRestriction      v_vr, v_aa_vr;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                v_at_cert := v_chain[lengthof(v_chain) - 1];
                if (match (
                    v_at_cert.validity_restrictions, 
                    (
                        superset(
                            mw_validity_restriction_time_end,
                            mw_validity_restriction_time_start_and_duration
                        )
                    )
                )) {
                    log("*** " & testcasename() & ": FAIL: AT certificate must not contain time_end and time_start_and_duration restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if ( true != f_getCertificateValidityRestriction(v_at_cert, e_time_start_and_end, v_vr)) {
                    log("*** " & testcasename() & ": FAIL: AT certificate must contain time_start_and_end restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
                    log("*** " & testcasename() & ": FAIL: start validity must not be greater then end validity in the validity restrictions of AT certificate ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_aa_vr)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if (    v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_end.start_validity 
                    or v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.time_start_and_end.end_validity
                ) {
                    log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); 
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                log("*** " & testcasename() & ": PASS: Time validity restriction of the AT certificate is good ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_05_01
            
            /**
             * @desc Check that all AIDs containing in the in the its_aid_ssp_list in AT certificate are unique and exists in the its_aid_list in the AA certificate
             *       Check that the length of SSP of each AID is 31 octet maximum        
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           containing subject_attributes['its_aid_list']
             *             containing its_aid_list[0..N]
             *               indicating ITS_AID_LIST_AA
             *           }
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           containing subject_attributes['its_aid_ssp_list']
             *             containing its_aid_ssp_list[0..N] {
             *               containing its_aid_ssp_list[n]{
             *                 containing its_aid
             *                   indicating unique value containing in the  ITS_AID_LIST_AA
             *                 containing service_specific_permissions
             *                   indicating length <= 31 octet
             *               }
             *             }
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_07_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert, v_at_cert;
                var SubjectAttribute         v_sa;
                var IntXs                    v_aid_list;
                var ItsAidSsps               v_aid_ssp_list;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                v_at_cert := v_chain[lengthof(v_chain) - 1];
                if (not f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_aid_list := v_sa.attribute.its_aid_list;
                
                if (not f_getCertificateSubjectAttribute(v_at_cert, e_its_aid_ssp_list, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_aid_ssp_list := v_sa.attribute.its_aid_ssp_list;
                
                for (var integer v_counter :=0; v_counter < lengthof(v_aid_ssp_list); v_counter := v_counter + 1) {
                    // Check unique
                    for (var integer j :=0; j < lengthof(v_aid_ssp_list); j := j + 1) {
                        if (v_counter != j and v_aid_ssp_list[v_counter].its_aid == v_aid_ssp_list[j].its_aid) {
                            log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is duplicated in AT certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } // End of 'for' statement
//                    if (not match(v_aid_ssp_list[v_counter], (all from v_aid_list))) {
//                        log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is not exist in AA certificate ***");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                    }
                    // TODO Not possible due to typing To be removed
//                    if (lengthof(v_aid_ssp_list[v_counter].service_specific_permissions.sspContainer) > 31) {
//                        log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " has too long service_specific_permissions ***");
//                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                    }
                } // End of 'for' statement
                
                log("*** " & testcasename() & ": PASS: The ITS_AID_SSP list of the AT certificate is good ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_07_01
            
            /**
             * @desc Check that AT certificate is signed by AA cert         
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a first CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] (CERT_AA) {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           and containing subject_attributes['verification key'] (KEY)
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           }
             *           and containing signer_info[0]{
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *               referencing to CERT_AA
             *           }
             *           and containing signature
             *             verifiable using KEY
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_08_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert, v_at_cert;
                var HashedId8                v_aa_digest;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_at_cert := v_chain[lengthof(v_chain) - 1];
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                v_aa_digest := f_calculateDigestFromCertificate(v_aa_cert); 
                
                if (not match(v_at_cert, mw_at_certificate(mw_signerInfo_digest(v_aa_digest)))) {
                    log("*** " & testcasename() & ": FAIL: AT certificate signer info doesn't reference the  AA certificate from the chain ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if (not f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) {
                    log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                log("*** " & testcasename() & ": PASS: AT certificate was signed by the AA certificate from the given chain ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_08_01
            
            /**
             * @desc Check that the assurance level of the subordinate certificate is equal to or lower than the assurance level of the issuing certificate
             * <pre>
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] (CERT_AA) {
             *           containing subject_attributes ['assurance_level']
             *             containig assurance_level
             *               indicating indicating assurance level AL_AA
             *         }
             *         containing certificates[last] (CERT_AT) {
             *           containing subject_attributes ['assurance_level']
             *             containig assurance_level
             *               indicating indicating assurance level AL_AT (AL_AT <= AL_AA)
             *         }
             *           }
             *         }
             *       }
             *   }
             * }
             * </pre>
             * @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1
             */
            testcase TC_SEC_SND_CERT_AT_09_01() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert, v_at_cert;
                var SubjectAttribute         v_sa;
                var SubjectAssurance         v_aa_assurance_level, v_at_assurance_level;
                
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                v_at_cert := v_chain[lengthof(v_chain) - 1];
                if (not f_getCertificateSubjectAttribute(v_aa_cert, e_assurance_level, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_aa_assurance_level := v_sa.attribute.assurance_level;
                
                if (not f_getCertificateSubjectAttribute(v_at_cert, e_assurance_level, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_at_assurance_level := v_sa.attribute.assurance_level;
                
                if (bit2int(v_aa_assurance_level.levels) < bit2int(v_at_assurance_level.levels)) {
                    log("*** " & testcasename() & ": FAIL: The assurence levels mismatch ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                } else {
                    log("*** " & testcasename() & ": PASS: The assurence levels match ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_SND_CERT_AT_09_01
            
        } // End of group g_AT_Certificates 
        
    } // End of group g_Certificates
    
} // End of module ItsSecurity_TestCase