Skip to content
ItsSecurity_TestCases.ttcn3 1.34 MiB
Newer Older
/**
 *  @author   ETSI / STF481
 *  @version  $URL$
garciay's avatar
garciay committed
 *            $Id$
 *  @desc     Testcases  file for Security Protocol
 *  @see      Draft ETSI TS 103 097 V1.1.15
 */
module ItsSecurity_TestCases {
    
    // Libcommon
    import from LibCommon_Time all;
    import from LibCommon_VerdictControl all;
    import from LibCommon_Sync all;
garciay's avatar
garciay committed
    import from LibCommon_BasicTypesAndValues all;
garciay's avatar
garciay committed
    // LibIts
    import from DENM_PDU_Descriptions language "ASN.1:1997" all;
    import from ITS_Container language "ASN.1:1997" all;
    
    // LibItsCommon
    import from LibItsCommon_Functions all;
    
    // LibItsGeoNetworking
    import from LibItsGeoNetworking_TestSystem all;
    import from LibItsGeoNetworking_Functions all;
    import from LibItsGeoNetworking_Templates all;
    import from LibItsGeoNetworking_TypesAndValues all;
    import from LibItsGeoNetworking_Pics all;
    import from LibItsGeoNetworking_Pixits all;

    // LibItsBtp
    import from LibItsBtp_TypesAndValues all;
    import from LibItsBtp_Templates all;

    // LibItsCam
    import from LibItsCam_Templates all;
garciay's avatar
garciay committed
    import from LibItsCam_Functions all;
    import from LibItsCam_Templates all;
    import from LibItsCam_Functions all;
    import from LibItsCam_TestSystem all;
    
    // LibItsDenm
    import from LibItsDenm_TypesAndValues all;
garciay's avatar
garciay committed
    import from LibItsDenm_Templates all;
    import from LibItsDenm_TestSystem all;
    
garciay's avatar
garciay committed
    // LibItsSecurity
    import from LibItsSecurity_TypesAndValues all;
    import from LibItsSecurity_Templates all;
    import from LibItsSecurity_Functions all;
    import from LibItsSecurity_Pixits all;
    import from LibItsSecurity_Pics all;
    
    // AtsSecurity
    import from AtsSecurity_TestSystem all;
    import from AtsSecurity_Functions all;
    import from AtsSecurity_Templates all;
    
garciay's avatar
garciay committed
    /**
     * @desc Sending behaviour test cases
     * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2 Sending behaviour
     */
    group sendingBehavior {

        /**
         * @desc    Check that ITS-S sends a SecuredMessage containing protocol version set to 2
         * <pre>
garciay's avatar
garciay committed
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
         *  with {
         *      the IUT being in the 'authorized' state
         *  }
         * Expected behaviour:
         * ensure that {
         *     when { 
garciay's avatar
garciay committed
         *         the IUT is requested to send a SecuredMessage
garciay's avatar
garciay committed
         *         the IUT sends a SecuredMessage
         *             containing protocol_version 
         *                 indicating value '2'
garciay's avatar
garciay committed
         * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_MSG_01_01_BV
garciay's avatar
garciay committed
         * @reference   ETSI TS 103 097 [1], clause 5.1
        testcase TC_SEC_ITSS_SND_MSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
            // Local variables
            var LongPosVector v_longPosVectorIut;
                
            // Test control
garciay's avatar
garciay committed
            if (not(PICS_GN_SECURITY)) {
                log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
            // Test component configuration
            f_cf01Up();
            v_longPosVectorIut := f_getPosition(c_compIut);
                
            // Test adapter configuration
            // Preamble
            f_prNeighbour();
            f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
            
            // Test Body
            tc_ac.start;
            alt {
                [] geoNetworkingPort.receive(mw_geoNwInd(mw_geoNwSecPdu(mdw_securedMessage_dummy))) {
                    tc_ac.stop;
                    log("*** " & testcasename() & ": PASS: Security protocol version set to 2 ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                [] tc_ac.timeout {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                }
            } // End of 'alt' statement
            
            // Postamble
            f_acTriggerEvent(m_stopPassBeaconing);
            f_poNeighbour();
            f_cf01Down();
            
        } // End of testcase TC_SEC_ITSS_SND_MSG_01_01_BV
garciay's avatar
garciay committed
         * @desc    Check that when IUT sends the message signed with the digest, then this digest points to the AT certificate 
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
garciay's avatar
garciay committed
         *    with {
         *        the IUT being in the 'authorized' state
         *        and the IUT is configured to send more than one CAM per second
         *        and the IUT having sent last CAM
         *            containing header_fields['signer_info'].signer.type
         *                indicating 'certificate'
garciay's avatar
garciay committed
         * Expected behaviour:
         *   ensure that {
         *       when {
         *           the IUT is requested to send next CAM
         *       } then {
         *           the IUT sends a SecuredMessage
         *               containing header_fields ['signer_info']
         *                  containing signer
         *                      containing type
         *                          indicating 'certificate_digest_with_sha256'
         *                      and containing digest
         *                          referencing the certificate
         *                              containing subject_info.subject_type
         *                                  indicating 'authorization_ticket'
         *     }
         *   } 
garciay's avatar
garciay committed
         * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_MSG_04_01_BV
         * @reference   ETSI TS 103 097 [1], clause 6.3
        testcase TC_SEC_ITSS_SND_MSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
            // Local variables
            var SecuredMessage v_recv;
            var Certificate v_cert;
            var LongPosVector v_longPosVectorIut;
            var ItsCam v_component;
            if (not(PICS_GN_SECURITY)) {
                log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                stop;
            }
            
            // Test component configuration
            f_cf01Up();
            v_longPosVectorIut := f_getPosition(c_compIut);
                
            // Test adapter configuration
                
            // Preamble
            f_prNeighbour();
            v_component := f_setCamFrequencyGreatherThan1Hz();
            // execution will be stopped if cert is not received during tc_ac 
            log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
            tc_ac.start;
            f_waitForCertificate(v_cert);
            tc_ac.stop;
            if (v_cert.subject_info.subject_type != e_authorization_ticket) {
                log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate  ***");
                f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_error);
            }
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
            
            // Test Body
            tc_ac.start;
            alt {
                [] a_securedMessageWithDigest (v_recv) {
                    var SignerInfo v_si;
                    tc_ac.stop;
                    if (f_getMsgSignerInfo(v_recv, v_si) == true) {
                        if (v_si.signerInfo.digest == f_calculateDigestFromCertificate(v_cert)) {
                            log("*** " & testcasename() & ": PASS: Digest corresponds to the AT certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                        } else {
                            log("*** " & testcasename() & ": FAIL: Digest corresponds to unknown certificate ***");
                            log("f_calculateDigestFromCertificate(v_cert)=", f_calculateDigestFromCertificate(v_cert));
                            log("v_si.signerInfo.digest=", v_si.signerInfo.digest);
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else {
                        log("*** " & testcasename() & ": FAIL: Received message is not signed well ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                }
                [] tc_ac.timeout {
                    log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                } 
            } // End of 'alt' statement
            
            // Postamble
            f_terminateCam(v_component);
            f_poNeighbour();
            f_cf01Down();
            
        } // End of testcase TC_SEC_ITSS_SND_MSG_04_01_BV
        
        /**
         * @desc    Check that IUT uses the AT certificate to sign messages
         * <pre>
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
garciay's avatar
garciay committed
         *   with {
         *       the IUT being in the 'authorized' state
         *       the IUT being requested to include certificate in the next CAM
         *   }
         *   ensure that {
         *     when {
         *         the IUT is requested to send a next CAM
         *     } then {
         *         the IUT sends a SecuredMessage
garciay's avatar
garciay committed
         *             containing header_fields ['signer_info']
         *                 containing signer
         *                     containing type
         *                         indicating 'certificate'
         *                     containing certificate
         *                         containing subject_info.subject_type
         *                             indicating 'authorization_ticket'
garciay's avatar
garciay committed
         *       }
         *   }
garciay's avatar
garciay committed
         * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_MSG_04_02_BV
         * @reference   ETSI TS 103 097 [1], clause 6.3
        testcase TC_SEC_ITSS_SND_MSG_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
            // Local variables
            var SecuredMessage v_recv;
            var Certificate v_cert;
            var LongPosVector v_longPosVectorIut;
            
            // Test control
            if (not(PICS_GN_SECURITY)) {
                log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                stop;
            }
            
            // Test component configuration
            f_cf01Up();
            v_longPosVectorIut := f_getPosition(c_compIut);
                
            // Test adapter configuration
            
            // Preamble
            f_prNeighbour();
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
            
            // Test Body
            tc_ac.start;
            alt {
                [] a_securedMessageWithCertificate(v_recv) {
                    var SignerInfo v_si;
                    if (f_getMsgSignerInfo(v_recv, v_si)) {  
                        v_cert :=  v_si.signerInfo.certificate;
                        if (v_cert.subject_info.subject_type != e_authorization_ticket ) {
                            log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate  ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        log("*** " & testcasename() & ": PASS: message signed with AT certificate");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    } else {
                        log("*** " & testcasename() & ": FAIL: received message is not signed well  ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                }
                [] tc_ac.timeout {
                    log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                } 
            } // End of 'alt' statement
            
            // Postamble
            f_poNeighbour();
            f_cf01Down();
        } // End of testcase TC_SEC_ITSS_SND_MSG_04_02_BV
        
        /**
         * @desc    Check that the SecuredMessage signature containes the ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only
         * <pre>
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
garciay's avatar
garciay committed
         *   with {
         *       the IUT being in the 'authorized' state
         *   }
         *   ensure that {
         *     when {
         *         the IUT is requested to send a next CAM
         *     } then {
garciay's avatar
garciay committed
         *         the IUT sends a SecuredMessage 
         *             containing header_fields ['its_aid']
         *                 containing its_aid
         *                     indicating 'AID_CAM'
         *             and containing trailer_fields['signature']
         *                 containing signature.ecdsa_signature
         *                     containing R.type
         *                         indicating compressed_lsb_y_0
         *                         or indicating compressed_lsb_y_1 
         *                         or indicating x_coordinate_only
garciay's avatar
garciay committed
         *  }
garciay's avatar
garciay committed
         * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_MSG_05_01_BV
         * @reference   ETSI TS 103 097 [1], clause 4.2.9
        testcase TC_SEC_ITSS_SND_MSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
            // Local variables
            var LongPosVector v_longPosVectorIut;
            
            // Test control
            if (not(PICS_GN_SECURITY)) {
                log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                stop;
            }
            
            // Test component configuration
            f_cf01Up();
            v_longPosVectorIut := f_getPosition(c_compIut);
                
            // Test adapter configuration
            
            // Preamble
            f_prNeighbour();
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
            
            // Test Body
            tc_ac.start;
            alt {
                [] geoNetworkingPort.receive(
                    mw_geoNwInd(
                        mw_geoNwSecPdu(
                            mdw_securedMessage_CAMs(
                                ?,
                                ?,
                                {
                                    mw_trailer_field_signature(
                                        mw_signature(
                                            mw_ecdsaSignature(
                                                mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only,
                                                ?
                                            )
                                        )
                                    )
                                }
                            ),
                            ?
                ))) {
                    tc_ac.stop;
                    log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_0 received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                [] geoNetworkingPort.receive(
                    mw_geoNwInd(
                        mw_geoNwSecPdu(
                            mdw_securedMessage_CAMs(
                                ?,
                                ?,
                                {
                                    mw_trailer_field_signature(
                                        mw_signature(
                                            mw_ecdsaSignature(
                                                mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only,
                                                ?
                                            )
                                        )
                                    )
                                }
                            ),
                            ?
                ))) {
                    tc_ac.stop;
                    log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_1 received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                [] geoNetworkingPort.receive(
                    mw_geoNwInd(
                        mw_geoNwSecPdu(
                            mdw_securedMessage_CAMs(
                                ?,
                                ?,
                                {
                                    mw_trailer_field_signature(
                                        mw_signature(
                                            mw_ecdsaSignature(
                                                mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only
                                            )
                                        )
                                    )
                                }
                            ),
                            ?
                ))) {
                    tc_ac.stop;
                    log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to x_coordinate_only received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                [] geoNetworkingPort.receive(
                    mw_geoNwInd(
                        mw_geoNwSecPdu(
                            mdw_securedMessage_CAMs
                ))) {
                    tc_ac.stop;
                    log("*** " & testcasename() & ": Failed: Expected CAM message received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                [] tc_ac.timeout {
                    log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                } 
            } // End of 'alt' statement
            
            // Postamble
            f_poNeighbour();
            f_cf01Down();
        } // End of testcase TC_SEC_ITSS_SND_MSG_05_01_BV
garciay's avatar
garciay committed
        /**
         * @desc Sending behaviour test cases for CAM profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.4 CAM profile
         */
        group sendCAMProfile {
            
            /**
             * @desc    Check that the sent Secured CAM contains a HeaderField its_aid that is set to 'AID_CAM' 
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *     the IUT being in the 'authorized' state
             * }
             * ensure that {
             *     when {
             *         the IUT is requested to send a CAM
             *     } then {
             *         the IUT sends a SecuredMessage
             *             and containing header_fields['its_aid']
             *                 indicating 'AID_CAM'
             *     }
             * }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TC_SEC_ITSS_SND_CAM_01_01_BV
             * @reference    ETSI TS 103 097 [1], clause 5.4 and 7.1
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var integer v_previousHeaderType;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        ?, 
                                        ?, 
                                        mw_header_field_its_aid_CAM
                                    )
                                ), 
                                ?
                    ))) -> value v_geoNwInd {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_CAM'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    } 
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_01_01_BV
            
            /**
             * @desc    Check that the secured CAM contains exactly one element of these header fields: signer_info, generation_time, its_aid.
                        Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first.
                        Check that generation_time_standard_deviation, expiration, encryption_parameters, recipient_info are not used
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *     the IUT being in the 'authorized' state
             * }
             * ensure that {
             *     when {
             *         the IUT is requested to send a CAM
             *     } then {
             *         the IUT sends a SecuredMessage  {
             *             containing header_fields[0]
             *                 containing type 
             *                     indicating 'signer_info'
             *             and containing header_fields [n].type
             *                 indicating value < header_fields [n+1].type
             *             and containing header_fields ['generation_time']
             *             and containing header_fields['its_aid']
             *                 indicating 'AID_CAM'
             *             and not containing header_fields['generation_time_standard_deviation']
             *             and not containing header_fields['expiration']
             *             and not containing header_fields['encryption_parameters']
             *             and not containing header_fields['recipient_info']
             *         }
             *     }
             * }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_02_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var integer v_previousHeaderType;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_signer_info
                                        ), 
                                        mw_header_field(e_generation_time), 
                                        mw_header_field_its_aid_CAM
                                    )
                                ), 
                                mw_geoNwPduWithPayload(
                                    ?,
                                    ?,
                                    mw_secCamPayload).packet
                    ))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        // Process header fields manually
                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
                        
                        // Check that signerInfo is first header
                        if ((lengthof(v_headersFields) < 1) or not match(v_headersFields[0].type_, e_signer_info)) {
                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                       
                        for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
                            // Check forbidden header
                            if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) {
                                log("*** " & testcasename() & ": FAIL: Forbidden header present");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            } 
                            if (match(v_headersFields[v_counter].type_, e_signer_info)) {
                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            } 
                            
                            if (v_counter > 1 ) {
                                // Check that headers are ordered
                                if (match(v_headersFields[v_counter].type_, integer:(0..v_previousHeaderType))) {
                                    // Check that header is duplicated
                                    if (match(v_headersFields[v_counter].type_, v_previousHeaderType)) {
                                        log("*** " & testcasename() & ": FAIL: multiple instances of same header");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                    }else{
                                        log("*** " & testcasename() & ": FAIL: headers not in correct order");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                    }
                            v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
                        } // End of 'for' statement
                        
                        log("*** " & testcasename() & ": PASS: correct secured packet received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    } 
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_02_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the secured CAM contains the signer_info field of certificate when over the time of one 
             *          second no other SecuredMessage contained a signer_info of type certificate.
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more then one CAM per second
             *     and the IUT having sent a CAM
             *         containing header_fields['signer_info'].signer.type
             *             indicating 'certificate'
             *         contains header_fields['generation_time']
             *             indicating TIME_LAST
             *     }
             * ensure that {
             *     when {
garciay's avatar
garciay committed
             *         the IUT is sending CAM
garciay's avatar
garciay committed
             *             containing header_fields['signer_info']
             *                 containing signer
             *                     containing type
             *                         indicating 'certificate'
             *     } then {
             *         this message
             *             contains header_fields['generation_time']
             *                 indicating TIME (TIME >= TIME_LAST + 1sec)
             *     }
             * }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_05_01_BV
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const integer c_cntTimeLimit := 10;
                const float c_certificateGenerationTime := 1.0;
                
                timer t_minTransInterval := c_certificateGenerationTime * 0.8;
                var integer v_cntTime := 0;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                     [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                     )))) { 
                        tc_ac.stop;
                        t_minTransInterval.start;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        if(t_minTransInterval.running){
                            t_minTransInterval.stop;
                            log("*** " & testcasename() & ": FAIL: CAM with certificate has been received inside 1 sec after previous one ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        v_cntTime := v_cntTime + 1;
                        if (v_cntTime == c_cntTimeLimit) { // Exit message loop
                            log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            // end of alt
                        }
                        else {
                            log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); 
                            t_minTransInterval.start;
                            repeat;
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_digest
                        log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***"); 
                        repeat;
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": FAIL: Neither Certificate not Digest in received CAM ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] t_minTransInterval.timeout {
                        log("*** " & testcasename() & ": INFO: One of next CAMS must have a certificate ***");
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_05_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the secured CAM contains the signer_info field of certificate when the timeout of 1 second 
             *          has been expired after the previous CAM containing the certificate.
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having sent a CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
garciay's avatar
garciay committed
             *          at TIME_LAST 
             *  }
             *  ensure that {
             *      when {
garciay's avatar
garciay committed
             *          the IUT is sending a CAM
             *              containing header_fields['generation_time']
             *                  indicating TIME >= TIME_LAST + 1sec
garciay's avatar
garciay committed
             *          this message is
garciay's avatar
garciay committed
             *              containing header_fields ['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate'
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_05_02_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 4.2.9
            testcase TC_SEC_ITSS_SND_CAM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                const integer c_cntTimeLimit := 10;
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 1.15;
                var integer v_cntTime := 0;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                     [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                     )))) { 
                        t_maxTransInterval.start;
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        t_maxTransInterval.stop;
                        v_cntTime := v_cntTime + 1;
                        if (v_cntTime == c_cntTimeLimit) { // Exit message loop
                            log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            // end of alt
                            t_maxTransInterval.start;
                            log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); 
                            repeat;
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_digest
                    )))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***"); 
                        repeat;
                    [] t_maxTransInterval.timeout {
                        log("*** " & testcasename() & ": FAIL: CAM with certificate was not received in 1 sec after previous one ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_05_02_BV
garciay's avatar
garciay committed
             * @desc    Check that ITS-S sends a Secured CAM containing the signer_info of type certificate 
             *          when the ITS-S received a CAM from an unknown ITS-S 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
garciay's avatar
garciay committed
             *      and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
             *          containing header_fields['signer_info']
             *              containing signer
             *                  containing type
             *                      indicating 'certificate_digest_with_sha256'
             *                  containing digest
             *                      indicating HashedId3 value
             *                          referenced to unknown certificate
             *  }
             *  ensure that {
             *      when {
garciay's avatar
garciay committed
             *          the IUT is requested to send CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
garciay's avatar
garciay committed
             *                  and containing signer
             *                      containing type
             *                          indicating 'certificate'
garciay's avatar
garciay committed
             *                      and containing certificate
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_06_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.1
            testcase TC_SEC_ITSS_SND_CAM_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                timer t_maxTransInterval := 0.3;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                     [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                     )))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        
                        // Send secured message from unknown ITS-S
                        geoNetworkingPort.clear;
                        f_sendSecuredCam(cc_taCert_F, omit, e_certificate_digest_with_sha256);
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                }
                
                // Test Body
                t_maxTransInterval.start;
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop; 
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***"); 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_06_01_BV
            
            /**
             * @desc    Check that IUT restart the certificate sending timer when the certificate has been sent
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more then one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
garciay's avatar
garciay committed
             *      and the IUT having received a CAM at TIME_2 (TIME_1 +0.3sec)
             *          containing header_fields['request_unrecognized_certificate']
             *              containing digests
             *                  containing HashedId3 value
             *                      referencing to the the IUT certificate
             *      and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *  }
             *  ensure that {
             *      when {
             *          the IUT is sending the next CAM at TIME_4
             *              containing header_fields['signer_info'].signer.type
             *                  indicating 'certificate'
             *      } then {
             *          the difference between TIME_4 and TIME_3 is about of 1sec
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_07_01_TI
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_07_01_TI() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var ItsCam v_component;
                var boolean v_firstCertReceived := false;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                v_component := f_setCamFrequencyGreatherThan1Hz();
                    [v_firstCertReceived == false] geoNetworkingPort.receive(
                                                    mw_geoNwInd(
                                                        mw_geoNwSecPdu(
                                                            mdw_securedMessage_CAMs(
                                                                mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd {
                        log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***");
                        v_firstCertReceived := true;
                        f_sleep(0.3);
                        // Send secured message with request for unrecognized certificate
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerInfo);
                        f_sendSecuredCam(
                            {
                                m_header_field_unrecognised_certificate(
                                    f_HashedId3FromHashedId8(
                                       f_calculateDigestFromCertificate(
                                           v_signerInfo.signerInfo.certificate
                                       )
                            },
                            e_certificate_digest_with_sha256
                        );
                        repeat;
                    }
                    [v_firstCertReceived == true] geoNetworkingPort.receive(
                                                    mw_geoNwInd(
                                                        mw_geoNwSecPdu(
                                                            mdw_securedMessage_CAMs(
                                                                mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop;
                        // start a timeout of one second to check
                        // that the next cert will be received after this timeout
                        t_maxTransInterval.start;
                        log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        tc_ac.stop;
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": FAIL: CAM certificate inclusion time wasn't restarted ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); 
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_07_01_TI
garciay's avatar
garciay committed
             * @desc    Check that the IUT sends the Secured CAM containing the signer_info of type certificate 
             *          when it received a CAM containing a request of unrecognized certificate that matches 
             *          with the currently used AT certificate ID of the IUT 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate' 
garciay's avatar
garciay committed
             *      and the IUT having received a SecuredMessage at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
             *          containing header_fields['request_unrecognized_certificate']
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AT certificate
             *                  and not containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *  }
             *  ensure that {
             *      when {
garciay's avatar
garciay committed
             *          the IUT is requested to send a CAM at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                          referenced by the requested digest 
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_08_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var SignerInfo v_si;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd {
                        t_maxTransInterval.start;
                        
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
                        
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        
                        // Send secured message with request for unrecognized certificate
                        f_sendSecuredCam(
                                m_header_field_unrecognised_certificate(                // containing digests
                                    f_HashedId3FromHashedId8(                           // containing HashedId3 value
                                        f_calculateDigestFromCertificate(
                                            v_si.signerInfo.certificate                 //     referencing to the AT certificate
                                        )
                                    )    
                                                                                        // and not containing HashedId3 value referencing to the AA certificate
                                )
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate(
                                        v_si.signerInfo.certificate
                                    )
                        t_maxTransInterval.stop;
                        log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); 
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: Requested certificate was not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_08_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the sent secured CAM contains the signer_info of type certificate_chain 
             *          when the ITS-S has received a CAM containing a request of unrecognized certificate that matches 
             *          with the AA certificate ID that issued its currently used AT certificate ID of the IUT
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *          at TIME_1
             *      and the IUT having received a SecuredMessage
             *          containing header_fields['request_unrecognized_certificate'] {
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *          }
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+ 1sec)
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate_chain'
             *                      containing certificates[last]
             *                          indicating the AT certificate
             *                      containing certificates[last-1]
             *                          indicating the AA certificate
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_09_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const float c_certificateGenerationTime := 1.0;
                
                timer t_maxTransInterval := c_certificateGenerationTime * 0.9;
                var GeoNetworkingInd v_geoNwInd;
                var ItsCam v_component;
                var SignerInfo v_si;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                geoNetworkingPort.clear;
                v_component := f_setCamFrequencyGreatherThan1Hz();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    ))))  -> value v_geoNwInd { 
                        t_maxTransInterval.start;
                        f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si);
                        f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si);
                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                                                
                        // Send secured message with request for unrecognized certificate
                        f_sendSecuredCam(
                            {
                                m_header_field_unrecognised_certificate(                    // containing digests
                                    f_HashedId3FromHashedId8(                               //     containing HashedId3 value
                                        v_si.signerInfo.digest                              //         referencing to the AA certificate
                                    )
                                )
                            });
                        
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of 'alt' statement
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate_chain
                    )))) -> value v_geoNwInd {
                        var SignerInfo v_signerInfo;
                        var CertificateChain v_certificates;
                        var integer v_certificateChainLength;
                        
                        t_maxTransInterval.stop;
                        // Extract certificate chain
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        v_certificates := v_signerInfo.signerInfo.certificates;
                        v_certificateChainLength := lengthof(v_certificates);
                        if (v_certificateChainLength >= 2) { // Check length
                            if ( // Check Content
                                not(
                                    (v_certificates[0].subject_info.subject_type == e_authorization_authority) and 
                                        // Check the certificate chain contains certificates[last] indicating the AT certificate
                                    (v_certificates[1].subject_info.subject_type == e_authorization_ticket)
                                        // Check the certificate chain contains certificates[last-1] indicating the AA certificate
                            )) {
                                log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
                                log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            } 
                            log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); 
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); 
                        repeat;
                    }
                    [] t_maxTransInterval.timeout {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                } // End of 'alt' statement
                
                // Postamble
                f_terminateCam(v_component);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV
garciay's avatar
garciay committed
            /**
             * @desc    Check that the sent secured CAM contains exactly one HeaderField generation_time which is inside 
             *          the validity time of the certificate referenced by the signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate in the next CAM 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage 
garciay's avatar
garciay committed
             *              containing security_profile
             *                  indicating '1'
garciay's avatar
garciay committed
             *              containing header_fields ['generation_time'] 
garciay's avatar
garciay committed
             *                  containing generation_time
             *                      indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
garciay's avatar
garciay committed
             *              containing header_fields ['signer_info'] 
             *                  containing signer 
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'certificate'
garciay's avatar
garciay committed
             *                      containing certificate 
garciay's avatar
garciay committed
             *                          not containing validity_restrictions['time_start_and_end']
garciay's avatar
garciay committed
             *                          or containing validity_restrictions['time_start_and_end'] 
garciay's avatar
garciay committed
             *                              containing start_validity
             *                                  indicating value <= TIME_1
             *                              containing end_validity
             *                                  indicating value > TIME_1
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_10_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.1
             */
            testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */
                
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
                var HeaderField v_headerField;
                var Time64 v_generationTime;
                var ValidityRestriction v_validity;
                var integer v_currentTime, v_lowerBound, v_upperBound;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_generation_time, 
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_CAM
                    ))))) -> value v_geoNwInd {
                        tc_ac.stop; 
                        log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***");
                        
                        v_currentTime := f_getCurrentTime();
                        log("v_currentTime (us)=", v_currentTime * 1000);
                        v_lowerBound := (v_currentTime - c_timeThreshold) * 1000;
                        v_upperBound := (v_currentTime + c_timeThreshold) * 1000;
                        
                        // Extract generation_time
                        f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField);
                        v_generationTime := v_headerField.headerField.generation_time;
                        
                        // Extract certificate
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        v_certificate := v_signerInfo.signerInfo.certificate;
                         
                        // Check current time 
                        if (match(v_generationTime, (v_lowerBound .. v_upperBound))) {
                            log("*** " & testcasename() & ": PASS: Generation time matches current time ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        } else {
                            log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime) & " . ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }   
                        
                        // Check generation_time validity
                        if (
                            not(f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity)) or 
                            (v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and 
                            (v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000)))
                        ) {
                            log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); 
                        } else {
                            log ("start_validity (in us)=", v_validity.validity.time_start_and_end.start_validity * 1000000);
                            log ("end_validity (in us)  =", v_validity.validity.time_start_and_end.end_validity * 1000000);
                            log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                    ))) {
                        log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate  ***"); 
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV
            
garciay's avatar
garciay committed
             * @desc    Check that the IUT sends certificate request when it receives a message from unknown station
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT has receiving a SecuredMessage
             *          containing header_fields['signer_info'].signer
             *              containing type
             *                  indicating 'certificate_digest_with_sha256'
             *              containing digest
             *                  indicating HashedId3 value DIGEST_A
             *                      referenced to unknown certificate
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing header_fields['request_unrecognized_certificate']
             *                  containing digests
             *                      containing HashedId3 value
             *                          indicating DIGEST_A
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_12_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var HashedId8 v_expectedHashedId8;
                var HashedId3 v_expectedHashedId3;
                var GeoNetworkingPdu v_securedGnPduToBeSent;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Send secured message from unknown ITS-S
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                
                f_getCertificateDigest(
                    cc_taCert_F,
                    v_expectedHashedId8
                );
                v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8);
                
                // preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that
                v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F);
                   
                geoNetworkingPort.clear;
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive
                    {
                        f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent));
                        tc_ac.stop;

                        log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    }                        
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***");
                        f_selfOrClientSyncAndVerdictPreamble("error", e_timeout);
                    }
                } // End of preamble 'alt' statement

                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_request_unrecognized_certificate(
                                        { v_expectedHashedId3 }
                    ))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs
                        log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***"); 
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the Secured CAM contains non-empty payload of type signed
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
             *              containing payload_field
garciay's avatar
garciay committed
             *                  containing exactly one element of type Payload
             *                      containing type
             *                          indicating 'signed'
             *                      containing not-empty data
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_14_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    ?, 
                                    mw_payload(
                                        e_signed
                    ))))) {
                        tc_ac.stop;
                        
                        log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_14_01_BV
            
            /**
             * @desc    Check that the secured CAM contains only one TrailerField of type signature.
garciay's avatar
garciay committed
             *          Check that the signature contained in the SecuredMessage is calculated over the right fields by 
             *          cryptographically verifying the signature.
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *      } then {
garciay's avatar
garciay committed
             *          the IUT sends a SecuredMessage
            *              containing header_fields ['signer_info']
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate_digest_with_sha256'
             *                      containing digest
             *                          referenced to the certificate
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_ticket' (2)
             *                              and containing subject_attributes['verification key'] (KEY)
garciay's avatar
garciay committed
             *                  or containing signer
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                          containing subject_info.subject_type
             *                              indicating 'authorization_ticket' (2)
             *                          and containing subject_attributes['verification key'] (KEY)
garciay's avatar
garciay committed
             *              containing trailer_fields
             *                  containing single instance of type TrailerField
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CAM_16_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
            testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                //  Local variables
                const integer c_nbVerification := 3;
                var integer v_nbVerification := 0;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
                var boolean v_certificateReceived := false;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: CAM message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        v_certificate := v_signerInfo.signerInfo.certificate;
                        v_certificateReceived := true;
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        v_nbVerification := v_nbVerification + 1;
                        if (v_nbVerification < c_nbVerification) {
                            tc_ac.start;
                            repeat;
                        }
                    }
                    [v_certificateReceived == true] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_CAMs(
                                    mw_header_field_signer_info_digest
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: CAM received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        v_nbVerification := v_nbVerification + 1;
                        if (v_nbVerification < c_nbVerification) {
                            tc_ac.start;
                            repeat;
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected CAM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                log("*** " & testcasename() & ": PASS: All CAMs received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV
garciay's avatar
garciay committed
        } // End of group sendCAMProfile
garciay's avatar
garciay committed
        /**
         * @desc Sending behaviour test cases for DENM profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile
         */
        group sendDENMProfile {
garciay's avatar
garciay committed
             * @desc   Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM' 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing header_fields ['its_aid']
             *             containing its_aid
             *                 indicating 'AID_DENM'
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_01_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.2
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var ItsDenm v_denmComponent;
                var integer v_previousHeaderType;
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
garciay's avatar
garciay committed
                                        ?, 
                                        ?, 
                                        ?, 
                                        mw_header_field_its_aid_DENM
                                    )
                                ), 
garciay's avatar
garciay committed
                                ?
                    ))) -> value v_geoNwInd {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_DENM'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    
                    // DENM without mandatory fields 
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_its_aid_DENM
                                    )
                    )))) {
                        log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    } 
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_DENM_01_01_BV
garciay's avatar
garciay committed
             * @desc   Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time, 
             *         generation_location, message_type.
             *         Check that the header fields are in the ascending order according to the numbering of the enumeration except 
             *         of the signer_info, which is encoded first.
             *         Check that generation_time_with_confidence (generation_time_standard_deviation) is not used
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *     the IUT is requested to send DENM
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing header_fields[0]
             *         containing type 
             *           indicating 'signer_info'
             *       containing header_fields [n].type
             *         indicating value less then header_fields [n+ 1].type
             *       containing header_fields ['generation_time']
             *       containing header_fields ['generation_location']
             *       not containing header_fields ['generation_time_with_confidence']
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_02_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
             */
            testcase TC_SEC_ITSS_SND_DENM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var ItsDenm v_denmComponent;
                var integer v_previousHeaderType;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field( e_signer_info ), 
                                        mw_header_field( e_generation_time ), 
                                        mw_header_field( e_generation_location ), 
                                        mw_header_field_its_aid_DENM
                                    )
                                ), 
                                mw_geoNwAnyPacket_withPayload(
                                    ?
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        // Process header fields manually
                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
                        
                        // Check that signerInfo is first header
                        if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);    
                        }
                       
                        v_previousHeaderType := enum2int(v_headersFields[0].type_);
                        for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
                            // Check forbidden header
                            if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) {
                                log("*** " & testcasename() & ": FAIL: Forbidden header present");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (match(v_headersFields[v_counter].type_, e_signer_info)) {
                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (v_counter > 1 ) {
                                // Check that no header is duplicated
                                if (match(v_headersFields[v_counter].type_, v_previousHeaderType)) {
                                    log("*** " & testcasename() & ": FAIL: multiple instances of the same header");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                
                                // Check that headers are ordered
                                if (match(v_headersFields[v_counter].type_, integer:(0..v_previousHeaderType))) { 
                                    log("*** " & testcasename() & ": FAIL: headers are not in the correct order");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            }
                            v_previousHeaderType := enum2int(v_headersFields[v_counter].type_);
                        } // End of 'for' statement
                        
                        log("*** " & testcasename() & ": PASS: correct secured packet received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    
                    // DENM without mandatory fields 
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_its_aid_DENM
                                    )
                    )))) {
                        log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    } 
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_02_01_BV
            
            /**
             * @desc   Check that secured DENM contains the certificate as a signer_info 
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *   } then {
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing header_fields['signer_info']
             *               containing signer
             *                   containing type
             *                       indicating 'certificate'
             *                   and containing certificate
garciay's avatar
garciay committed
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_03_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var HeaderFieldType v_previousHeaderType;
                var integer v_counter;
                var ItsDenm v_denmComponent;
                                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                v_denmComponent := f_triggerDenmEvent();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                                    mw_header_field_signer_info_certificate
                                ), 
                                mw_geoNwAnyPacket_withPayload(
                                    ?
                    )))) {
                        if (v_counter < 3) {
                            f_cancelDenmEvent(v_denmComponent);
                            v_counter := v_counter + 1;
                            v_denmComponent := f_triggerDenmEvent();
                            repeat;
                        } else {
                            tc_ac.stop;
                            log("*** " & testcasename() & ": PASS: DENM signed with certificate");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                    )))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: DENM signed with not a certificate");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_03_01_BV
garciay's avatar
garciay committed
             * @desc   Check that Secured DENM generation time is inside the validity period of the signing certificate
             *         Check that generation time value is realistic 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields['generation_time'] 
             *           containing generation_time
             *               indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       containing header_fields['signer_info']
             *           containing signer {
             *               containing type
             *                   indicating 'certificate'
             *               containing certificate
             *                   containing validity_restrictions['time_end']
             *                       containing end_validity
             *                           indicating value > TIME_1
             *               or containing validity_restrictions['time_start_and_end']
             *                   containing start_validity
             *                       indicating value <= GEN_TIME
             *                   and containing end_validity
             *                       indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_duration']
             *                   containing start_validity (CERT_START_VALIDITY)
             *                       indicating value <= GEN_TIME
             *                   and containing duration
             *                       indicating value > GEN_TIME - CERT_START_VALIDITY
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_04_01_BV
             * @reference   ETSI TS 103 097 [1], clauses 5.4 and 7.2
            testcase TC_SEC_ITSS_SND_DENM_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                const integer        c_timeLimit := 10 * 60 * 1000000; // us
                var GeoNetworkingInd v_geoNwInd;
                var HeaderField      v_headerField;
                var Time64           v_generationTime;
                var Time64           v_curTime;
garciay's avatar
garciay committed
                var Time64           v_startTime, v_endTime, v_duration;
                var Certificate      v_cert;
                var ItsDenm          v_denmComponent;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_time
                                        ),
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_DENM
                                    )
                                ), 
                                mw_geoNwAnyPacket_withPayload(
                                    ?
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        v_curTime := f_getCurrentTime();
                        v_curTime := v_curTime * 1000; // Time64 is in microseconds 
garciay's avatar
garciay committed
                        log("v_curTime (us)=", v_curTime);
                        if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField)) {
                            v_generationTime := v_headerField.headerField.generation_time; 
garciay's avatar
garciay committed
                            log("v_generationTime (us) = ", v_generationTime);
                            if (not match(v_generationTime, Time64:(v_curTime-c_timeLimit, v_curTime+c_timeLimit))) {
                                log("*** " & testcasename() & ": FAIL: DENM generation time is not in 10 min range");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            // Check that generation time is inside the certificate validation period
garciay's avatar
garciay committed
                            if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField)) {
                                v_cert := v_headerField.headerField.signer.signerInfo.certificate;
                                
                                for (var integer v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (not match(v_generationTime, Time64:(0 .. v_endTime))){
                                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
garciay's avatar
garciay committed
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
                                        v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
                                        if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
                                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
garciay's avatar
garciay committed
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
garciay's avatar
garciay committed
                                        v_duration  := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
garciay's avatar
garciay committed
                                        if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
                                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else {
                                        log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                    }
                                } // End of 'for' statement
                                log("*** " & testcasename() & ": PASS: DENM generation time is inside the validity of the certificate");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            }
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                    )))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: Invalid DENM received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_04_01_BV
garciay's avatar
garciay committed
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         when AT certificate does not contain any region restrictions 
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION 
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_IUT_A)
             *     not containing validity_restrictions['region']
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send DENM
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing exactly one header_fields ['generation_location']
             *               containing generation_location
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var ItsDenm     v_denmComponent;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                // Test component configuration
                // CERT_IUT_A is the default one
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                                    mw_header_field_signer_info_certificate(
                                        mw_certificate(
                                            ?,
                                            ?,
                                            ?,
                                            superset(
                                                mw_validity_restriction_any_valid_region
                    ))))))) {
                        log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***");
                        repeat;
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_location
                                        ),
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_DENM
                    ))))) {
                        // The certificate doesn't contain region restrictions because such messages was catched before 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                        
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        // the message does not contain generation location 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                    )))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement 
                
                // Postamble
                // Cancel DENM events
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_01_BV
            function f_TC_SEC_ITSS_SND_DENM_05_BV(
garciay's avatar
garciay committed
                                                  in template GeographicRegion p_region := ?
            ) runs on ItsGeoNetworking {
                
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var ItsDenm v_denmComponent;
                
                // Trigger DENM 
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    // DENM contains generation location and certificate with region restrictions  
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_location
                                        ),
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                                                ?,
                                                ?,
                                                ?, 
                                                superset(
                                                    mw_validity_restriction_region(
                                                    )
                                                )
                                            )
                                        ),
                                        mw_header_field_its_aid_DENM
                    ))))) -> value v_geoNwInd {
                        var ValidityRestriction v_vr;
                        var HeaderField         v_hf;
                        tc_ac.stop;
                        // check that generation location is inside the circular region of the certificate
                        if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf)
                           and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
                        ) {
                            if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
                                log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            }else{
                                log("*** " & testcasename() & ": FAIL: DENM contains generation location outside the certificate validity region ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        } else {
                            log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    // DENM signing certificate doesn't contains region restriction
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_its_aid_DENM,
                                        mw_header_field(e_generation_location),
                                        mw_header_field_signer_info_certificate(
                                        mw_certificate(
                                            ?,
                                            ?,
                                            ?, 
                                            { } // DENM signing certificate doesn't 'contains region restriction
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
garciay's avatar
garciay committed
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
                    )))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                f_cancelDenmEvent(v_denmComponent);
            } // End of function f_TC_SEC_ITSS_SND_DENM_05_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the circular region containing in the validity restriction of the 
             *         certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_IUT_B) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'circle'
             *         containing circular_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing exactly one header_fields ['generation_location']
             *               containing generation_location
             *                   indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_02_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_B;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_circle);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_02_BV
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the rectangular region containing in the validity restriction 
garciay's avatar
garciay committed
             *         of the certificate pointed by the signer_info field
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *     the IUT has been authorized with the AT certificate (CERT_IUT_C)
             *         containing validity_restrictions ['region']
             *             containing region
             *                 containing region_type
             *                    indicating 'rectangle'
             *                 containing rectangular_region
             *                    indicating REGION
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing exactly one header_field ['generation_location']
             *               containing generation_location
             *                   indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_03_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the polygonal region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *     the IUT has been authorized with the AT certificate (CERT_IUT_D)
             *         containing validity_restrictions ['region']
             *             containing region
             *                 containing region_type
             *                     indicating 'polygon'
             *                 containing polygonal_region
             *                     containing instance of RectangularRegion
             *                         indicating REGION
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *         the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *         the IUT sends a SecuredMessage
             *             containing exactly one header_field ['generation_location']
             *                 containing generation_location
             *                     indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_04_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_polygonal);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_04_BV
            
            /**
             * @desc   Check that the secured DENM contains exactly one HeaderField generation_location 
             *         which is inside the identified region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field      
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *     the IUT has been authorized with the AT certificate (CERT_IUT_E)
             *         containing validity_restrictions ['region']
             *             containing region
             *                 containing region_type
             *                     indicating 'id_region'
             *                 containing identified_region
             *                     indicating REGION
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage 
             *           containing exactly one header_fields ['generation_location']
             *               containing generation_location
             *                   indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_05_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
            testcase TC_SEC_ITSS_SND_DENM_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_E;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_identified);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_05_05_BV
garciay's avatar
garciay committed
             * @desc   Check that the Secured DENM contains exactly one non-empty payload of type signed
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a DENM
             *     } then {
garciay's avatar
garciay committed
             *         the IUT sends a SecuredMessage
             *             containing payload_field
             *                 containing exactly one element of type Payload
             *                     containing type
             *                         indicating 'signed'
garciay's avatar
garciay committed
             *                      and containing not-empty data
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_08_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.2
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_DENM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var ItsDenm v_denmComponent;
                
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_denmComponent := f_triggerDenmEvent();
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload(e_signed)
                    )))) {
                        log("*** " & testcasename() & ": PASS: DENM payload is 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs(
                                    ?,
                                    mw_payload()
                    )))) {
                         log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage_DENMs
garciay's avatar
garciay committed
                         log("*** " & testcasename() & ": FAIL: DENM payload is not exist");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
garciay's avatar
garciay committed
                } // End of 'alt' statement
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_DENM_08_01_BV
garciay's avatar
garciay committed
             * @desc   Check that the secured DENM contains only one TrailerField of type signature.
             *         Check that the signature contained in the SecuredMessage is calculated 
             *         over the right fields by cryptographically verifying the signature.     
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
             *   the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_field ['signer_info']
             *             containing signer
             *                 containing type
             *                   indicating 'certificate'
             *             containing certificate
             *                 containing subject_info.subject_type
             *                     indicating 'authorization_ticket' (2)
             *                 and containing subject_attributes['verification key'] (KEY)
             *                     containing trailer_fields
             *                         containing single instance of type TrailerField
             *                             containing type
             *                                 indicating 'signature'
             *                             and containing signature
             *                                 verifiable using KEY
             *   }
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_10_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 7.2
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_DENM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                //  Local variables
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                var Certificate v_certificate;
                var ItsDenm v_denmComponent;
                
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
                f_cf01Up();
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                v_denmComponent := f_triggerDenmEvent();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs(
garciay's avatar
garciay committed
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: DENM message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: DENM received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
garciay's avatar
garciay committed
                    
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_DENMs
                    ))) {
garciay's avatar
garciay committed
                         log("*** " & testcasename() & ": FAIL: DENM doesn't contain signature");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": PASS: DENM received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_cancelDenmEvent(v_denmComponent);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_DENM_10_01_BV
                
        } // End of group sendDENMProfile
        
        /**
         * @desc Sending behaviour test cases for DENM profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile
         */
        group sendOtherProfile {
garciay's avatar
garciay committed
             * @desc        Check that the secured message contains of type signed 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
garciay's avatar
garciay committed
             *     the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             * Expected results:
garciay's avatar
garciay committed
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
garciay's avatar
garciay committed
             *            containing header_field ['its_aid']
             *                containing its_aid
             *                    indicating 'AID_BEACON'
garciay's avatar
garciay committed
             *         }
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 5.4
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage(
                                    superset(
                                        ?, 
                                        ?, 
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                ?
garciay's avatar
garciay committed
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: 'its_aid' is neither set to 'AID_CAM' nor 'AID_DENM'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    [] tc_ac.timeout {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
garciay's avatar
garciay committed
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV
            
            /**
             * @desc   Check that the generic secured message contains exactly one element of these header fields: 
             *             signer_info, generation_time, generation_location.
             *         Check that the header fields are in the ascending order according to the numbering of the enumeration
             *             except of the signer_info, which is encoded first.   
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Results:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing header_fields [0].type
             *             indicating 'signer_info'
             *         and containing header_fields [1..n] 
             *             where header_fields [v_counter].type < header_fields [v_counter + 1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields ['generation_location']
             *         and containing header_field ['its_aid']
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_02_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderFields v_headersFields;
                var HeaderFieldType v_previousHeaderType;
                var integer v_counter;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(e_generation_time), 
                                        mw_header_field(e_generation_location),
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) -> value v_geoNwInd {
                        tc_ac.stop;
                        
                        // Process header fields manually
                        v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields);
                        
                        // Check that signerInfo is first header
                        if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) {
                            log("*** " & testcasename() & ": FAIL: SignerInfo is not first header");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);    
                        }
                        
                        for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) {
                            // Check that no header is duplicated
                            if (match(v_headersFields[v_counter].type_, e_signer_info)) {
                                log("*** " & testcasename() & ": FAIL: multiple instances of signer_info");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_counter > 1) {
                                // Check that headers are ordered
                                if (v_headersFields[v_counter].type_ == v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: multiple instances of same Header");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                if (v_headersFields[v_counter].type_  < v_previousHeaderType) {
                                    log("*** " & testcasename() & ": FAIL: headers not in correct order");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            }
                            v_previousHeaderType := v_headersFields[v_counter].type_;
                        } // End of 'for' statement
                        
                        log("*** " & testcasename() & ": PASS: correct secured packet received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV
            
            /**
             * @desc   Check that generic secured message contains the certificate as a signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial Conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Behaviour
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a Beacon
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing exactly one header_fields ['signer_info']
             *               containing signer
             *                   containing type
             *                       indicating 'certificate'
             *                   and containing certificate
             *       }
garciay's avatar
garciay committed
             * 
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_03_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                 mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field(
                                        e_signer_info
                                    )
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": INFO: Beacon signed with digest ***");
                        repeat;
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV
            
            /**
             * @desc   Check that message generation time is inside the validity period of the signing certificate
garciay's avatar
garciay committed
             *         Check that message generation time value is realistic
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected behaviour:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields['generation_time']
             *           containing generation_time
             *               indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       containing header_fields['signer_info']
             *           containing signer
             *               containing type
             *                   indicating 'certificate'
             *           containing certificate
             *               containing validity_restrictions['time_end']
                                 containing end_validity
                                     indicating value > GEN_TIME
             *               and containing validity_restrictions['time_start_and_end']
             *                   containing start_validity
             *                       indicating value <= TIME_1
             *                   and containing end_validity
             *                       indicating value > TIME_1
             *               or containing validity_restrictions['time_start_and_duration']
             *                   containing start_validity (CERT_START_VALIDITY)
             *                       indicating value <= GEN_TIME
             *                   and containing duration
             *                       indicating value > GEN_TIME - CERT_START_VALIDITY
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_04_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clauses 5.4 and 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector    v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var HeaderField      v_headerField;
                var Time64           v_generationTime;
                var Time64           v_curTime;
garciay's avatar
garciay committed
                var Time64           v_startTime, v_endTime, v_duration;
                var Certificate      v_cert;
                var integer          v_counter;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_time
                                        ),
                                        mw_header_field_signer_info_certificate,
                                        mw_header_field_its_aid_Other
                                    )
                                ), 
                                mw_geoNwBeaconPacket(
                                    ?
                                )
                            )
                    )) -> value v_geoNwInd { 
                        const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds
                        
                        tc_ac.stop;
                        v_curTime := f_getCurrentTime();
                        v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds
                        
                        if (
                            f_getMsgHeaderField(
                                v_geoNwInd.msgIn.gnPacket.securedMsg,
                                e_generation_time, 
                                v_headerField
                        )) {
                            v_generationTime := v_headerField.headerField.generation_time;  
                            log("v_generationTime=", v_generationTime);
                            log("v_curTime=", v_curTime);
                            log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime);
                            if (v_generationTime < (v_curTime - c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            if (v_generationTime > (v_curTime + c_deltaTime)) {
                                log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            // Check that generation time is inside the certificate validation period
                            if (
                                f_getMsgHeaderField(
                                    v_geoNwInd.msgIn.gnPacket.securedMsg,
                                    e_signer_info, 
                                    v_headerField
                            )) {
                                v_cert := v_headerField.headerField.signer.signerInfo.certificate;
                                
                                for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    }
garciay's avatar
garciay committed
                                    if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) {
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000;
                                        if (v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
                                        v_endTime   := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity   * 1000000;
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
                                        if (v_generationTime < v_startTime or v_generationTime > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
garciay's avatar
garciay committed
                                    } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
                                        v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
garciay's avatar
garciay committed
                                        v_duration  := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
garciay's avatar
garciay committed
                                        if (v_generationTime < v_startTime or (v_startTime + v_duration) > v_endTime ) {
                                            log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate");
                                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                        }
                                    } else {
                                        log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
                                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                    }
                                } // End of 'for' statement
                                log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                            } else {
                                log("*** " & testcasename() & ": INCONC: DENM signer info is not available");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV

            /**
             * @desc   Check that the secured GN Beacon contains exactly one HeaderField generation_location
garciay's avatar
garciay committed
             *         when AT certificate does not contain any region restrictions
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_IUT_A)
garciay's avatar
garciay committed
             *       not containing validity_restrictions['region']
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['generation_location']
             *             containing generation_location
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                // Test component configuration
                // CERT_IUT_A is the default one
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(mw_geoNwSecPdu(
                            mdw_securedMessage_Others(
                                mw_header_field_signer_info_certificate(
                                    mw_certificate(
                                        ?,
                                        ?,
                                        ?,
                                        superset(
                                            mw_validity_restriction_any_valid_region
                    ))))))) {
                        log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***");
                        repeat;
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field(
                                            e_generation_location
                                        ),
                                        mw_header_field_signer_info_certificate,
                                        complement(
                                            mw_header_field_its_aid_CAM,
                                            mw_header_field_its_aid_DENM
                                        )
                    ))))) {
                        // The certificate doesn't contain region restrictions because such messages was catched before 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                    )))) {
                        // The message does not contain generation location 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: DENM contains generation location ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV
            
            /**
             * @desc   Check that the secured GN Beacon contains exactly one HeaderField generation_location 
             *         which is inside the circular region containing in the validity restriction of the 
             *         certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_IUT_B)
             *       containing validity_restrictions['region']
             *           containing region
             *               containing region_type
             *                   indicating 'circle'
             *               and containing circular_region
             *                   indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a GN Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage 
             *         containing exactly one header_fields['generation_location']
             *             containing generation_location
             *                 indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_02_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector   v_longPosVectorIut;
                
                // Test control
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_CIRCULAR_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_B; 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_circle);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV
            /**
             * @desc   Check that the secured GN Beacon contains exactly one HeaderField generation_location 
             *         which is inside the rectangular region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_IUT_C)
garciay's avatar
garciay committed
             *       containing validity_restrictions ['region']
             *           containing region
             *               containing region_type
             *                   indicating 'rectangle'
             *               containing rectangular_region
             *                   indicating REGION
             * }
             * ensure that {
             *   when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a DENM
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing exactly one header_fields ['generation_location']
             *               containing generation_location
             *                   containing instance of RectangularRegion
             *                       indicating value inside the REGION
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_03_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector   v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C; // Load IUT certificate CERT_IUT_C 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_rectangular);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV
            
            /**
             * @desc   Check that the secured GN Message contains exactly one HeaderField generation_location 
             *         which is inside the polygonal region containing in the validity restriction 
             *         of the certificate pointed by the signer_info field     
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_AT_D)
             *       containing validity_restrictions ['region']
             *           containing region
             *               containing region_type
             *                   indicating 'polygon'
             *               containing polygonal_region
             *                   indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_04_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector   v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D; // Load IUT certificate CERT_IUT_D 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_polygonal);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV
            
            /**
             * @desc   Check that the secured GN Message contains exactly one HeaderField generation_location 
             *         which is inside the identified region containing in the validity restriction 
garciay's avatar
garciay committed
             *         of the certificate pointed by the signer_info field
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
garciay's avatar
garciay committed
             *   the IUT has been authorized with the AT certificate (CERT_IUT_E) 
             *       containing validity_restrictions ['region'] 
             *           containing region
             *               containing region_type
             *                   indicating 'id_region'
             *               containing identified_region
             *                   indicating REGION
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_05_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var LongPosVector   v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_E; // Load IUT certificate CERT_IUT_E 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_identified);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV
            
            /**
             * @desc   Check that the secured GN Message contains exactly one HeaderField generation_location 
garciay's avatar
garciay committed
             *         which is inside the  certificate pointed by the signer_info field
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and not PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signed_info'].certificate
             *         containing validity_restrictions ['region']
             *           containing region.region_type
             *             indicating 'circle'
             *           containing region.circular_region
             *             indicating REGION
garciay's avatar
garciay committed
             *         or containing region.region_type
             *             indicating 'rectangle'
             *           containing region.rectangular_region
             *             containing array of rectangles
             *               indicating REGION
garciay's avatar
garciay committed
             *         or containing region.region_type
             *             indicating 'polygonal'
             *           containing region.polygonal_region
             *             indicating REGION
garciay's avatar
garciay committed
             *         or containing region.region_type
             *             indicating 'id_region'
             *           containing region.circular_region
             *             indicating REGION
garciay's avatar
garciay committed
             *       and containing exactly one header_fields['generation_location']
             *         containing generation_location
             *           indicating location inside the REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_05_06_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
                var LongPosVector   v_longPosVectorIut;
                
                // Test adapter configuration
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or PICS_CERTIFICATE_SELECTION) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and not PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
                
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_B; // Load IUT certificate CERT_IUT_B 
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);    
                
                // Test Body
                f_TC_SEC_ITSS_SND_GENMSG_05_BV(); // any type of regions
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV
            
            group f_TC_SEC_ITSS_SND_GENMSG_05_xx {
                
                function f_TC_SEC_ITSS_SND_GENMSG_05_BV(
garciay's avatar
garciay committed
                                                        in template (present) GeographicRegion p_region := ?
                ) runs on ItsGeoNetworking {
                    
                    // Local variables
                    var GeoNetworkingInd v_geoNwInd;
                    
                    tc_ac.start;
                    alt {
                        // GN message must contain generation location and the certificate with region restrictions  
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage(
                                        superset(
                                            mw_header_field(e_generation_location),
                                            mw_header_field_signer_info_certificate(
                                                mw_certificate(
                                                    ?,
                                                    ?,
                                                    ?, 
                                                    superset(
                                                        mw_validity_restriction_region(
                                                            p_region
                        ))))))))) -> value v_geoNwInd {
                            var ValidityRestriction v_vr;
                            var HeaderField         v_hf;
                            
                            tc_ac.stop;
                            // Check that generation location 
                            if (
                                f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and 
                                f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr)
                            ) {
                                if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) {
                                    log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                                } else {
                                    log("v_vr.validity.region=", v_vr.validity.region);
                                    log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location);
                                    log("*** " & testcasename() & ": FAIL: Invalid location");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            } else {
                                log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN message doesn't contain generation location 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others
                        ))) -> value v_geoNwInd {
                            var HeaderField v_hf;
                            
                            tc_ac.stop;
                            
                            // Check that generation location is not present
                            f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf);
                            if (not isbound(v_hf)) {
                                log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        // GN signing certificate doesn't contains region restriction 
                        [] geoNetworkingPort.receive(
                            mw_geoNwInd(
                                mw_geoNwSecPdu(
                                    mdw_securedMessage_Others(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                                                ?,
                                                ?,
                                                ?, 
                                                { } // GN signing certificate doesn't contains region restriction
                        )))))) {
                            tc_ac.stop;
                            log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        [] tc_ac.timeout {
                            log("*** " & testcasename() & ": INCONC: Expected DENM not received ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                        }
                    } // End of 'alt' statement
                } // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV 
                
            } // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx
            
            /**
garciay's avatar
garciay committed
             * @desc        Check that the secured message contains of type signed, signed_external or signed_and_encrypted 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
garciay's avatar
garciay committed
             *             containing payload_fields
             *                 containing exactly one element of type Payload
             *                     containing type
garciay's avatar
garciay committed
             *                         indicating 'signed' or 'signed_external' or 'signed_and_encrypted'
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_06_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var LongPosVector v_longPosVectorIut;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
garciay's avatar
garciay committed
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
                                        e_signed
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
garciay's avatar
garciay committed
                                    mw_payload(
                                        e_signed_external
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_external'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload(
garciay's avatar
garciay committed
                                        e_signed_and_encrypted
                                    ) 
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
                        log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_and_encrypted'");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    ?, 
                                    mw_payload
                                ),
                                mw_geoNwBeaconPacket(
                                    ?
                    )))) { 
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": FAIL: Beacon payload is not signed, signed_external or signed_and_encrypted");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected Message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV
garciay's avatar
garciay committed
             * @desc   Check that the secured GN Message contains only one TrailerField of type signature ;
             *         Check that the signature contained in the SecuredMessage is calculated over the right fields by 
             *         cryptographically verifying the signature 
             * Pics Selection: PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send Beacon
             *   } then {
garciay's avatar
garciay committed
             *     the IUT sends a SecuredMessage
             *         containing header_fields ['signer_info']
             *             containing signer
             *                 containing type
             *                     indicating 'certificate'
             *             and containing certificate
             *                 indicating CERT
             *         and containing trailer_fields['signature']
             *             containing signature
             *                 verifiable using CERT.subject_attributes['verification_key'] 
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_GENMSG_07_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.3
            testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                //  Local variables
                var LongPosVector v_longPosVectorIut;
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo v_signerInfo;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
                f_cf01Up();
                v_longPosVectorIut := f_getPosition(c_compIut);
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others(
                                    mw_header_field_signer_info_certificate
                    )))) -> value v_geoNwInd { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***");
                        f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo);
                        
                        if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) {
                            log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage_Others
                    ))) { 
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: Beacon message without certificate received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected GN Message not received");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                log("*** " & testcasename() & ": PASS: GN Message received with correct signature");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_acTriggerEvent(m_stopPassBeaconing);
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV
garciay's avatar
garciay committed
        } // End of group sendOtherProfile
garciay's avatar
garciay committed
        /**
         * @desc Sending behaviour test cases for certificates profile
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7 Profiles for certificates
         */
        group sendCertificatesProfile {
garciay's avatar
garciay committed
             * @desc    Check that AT certificate has version 2
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating certificate
             *             containing certificate
             *                 containing version
             *                     indicating '2'
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                    
                // Test adapter configuration
garciay's avatar
garciay committed
                    
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_certificate(
                    ))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            ?
                    )))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_01_BV
garciay's avatar
garciay committed
             * @desc    Check that AA certificate has version 2
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate chain in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
garciay committed
             *                 indicating 'certificate_chain'
garciay's avatar
garciay committed
             *             and containing certificates
             *                 indicating length > 0
             *                 and containing certificates[n] (0..N)
             *                     containing version
             *                         indicating '2'
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_01_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
garciay's avatar
garciay committed
                var SecuredMessage v_recv;
                var Certificate v_cert;
                var SignerInfo v_si;
                var HashedId8 v_digest;
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                    
                // Test component configuration
garciay's avatar
garciay committed
                    
                // Test adapter configuration
garciay's avatar
garciay committed
                    
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Wait for the message with the certificate to retrieve the AA digest.
                // Ask for the chain, containing AT and AA certificate
                // Check AA Certificate
                log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain  ***");
                tc_ac.start;
                f_askForCertificateChain(f_generateDefaultCam());
                tc_ac.stop;
garciay's avatar
garciay committed
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
garciay's avatar
garciay committed
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
garciay's avatar
garciay committed
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_01_02_BV
garciay's avatar
garciay committed
             * @desc    Check that the references in the certificate chain are valid
             *          Check that signer_info type of all certificates in the chain are 'certificate_digest_with_sha256', 
             *          'certificate_digest_with_other_algorithm' or 'self'
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
garciay committed
             *                 indicating 'certificate_chain'
garciay's avatar
garciay committed
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates[0]
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the trusted certificate
             *                 or containing signer_info
             *                     containing type
             *                         indicating 'self'
             *             and containing certificates[n] (1..N)
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                         or indicating 'certificate_digest_with_other_algorythm'
             *                     and containing digest
             *                         referenced to the certificates[n-1]
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_02_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.10, 6.1 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local declarations
                var CertificateChain v_chain;
                var SignerInfo v_si;
                var HashedId8 v_digest;
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                    
                // Test adapter configuration
garciay's avatar
garciay committed
                    
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
garciay's avatar
garciay committed
                tc_ac.stop;
                
                // Test Body
                for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 1; v_counter := v_counter - 1) { // Loop on []N-1..1]
                    if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
                        log("*** " & testcasename() & ": FAIL: Certificate[ " & int2str(v_counter) & "] doesn't contain signer info ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    if (not match(v_si.type_, e_certificate_digest_with_sha256) and not match(v_si.type_, e_certificate_digest_with_other_algorithm)) {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    // signer_info.type indicates 'certificate_digest_with_sha256' or 'certificate_digest_with_other_algorythm'
                    
                    v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
                    if (not match (v_si.signerInfo.digest, v_digest)) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                } // End of 'for' statement
                // Process certificate[0]
                if (not f_getCertificateSignerInfo(v_chain[0], v_si)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] doesn't contain signer info ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                // Process certificate[0]
                if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                    log("*** " & testcasename() & ": FAIL: Certificate[0] is not signed with digest ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
garciay's avatar
garciay committed
                // signer_info.type indicates 'certificate_digest_with_sha256' only
                log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV
garciay's avatar
garciay committed
             * @desc Check that the rectangular region validity restriction of the message signing certificate 
             *       contains not more than six valid rectangles; 
             *       Check that the rectangular region validity restriction of the message signing certificate is 
             *       continuous and does not contain any holes 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'rectangle'
             *                     and containing rectangular_region
             *                         indicating length <= 6
             *                         and containing elements of type RectangularRegion
             *                             indicating continuous region without holes
             *                             and containing northwest and southeast
             *                                 indicating northwest is on the north from southeast
             *   }
             * }
             * @remark Certificate: cc_taCert_C
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
garciay's avatar
garciay committed
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
garciay's avatar
garciay committed
                    
                // Test adapter configuration
garciay's avatar
garciay committed
                    
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Test body
                tc_ac.start;
                f_waitForCertificate(v_cert);
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
                    if (v_vr.validity.region.region_type == e_rectangle) {
                        var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region;
                        if (lengthof(v_rects) > 6) {
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (v_counter := 0; v_counter<lengthof(v_rects); v_counter := v_counter + 1) {
                            var RectangularRegion v_rect := v_rects[v_counter];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangular region " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        } // End of 'for' statement
                        
                        // Check for continuous rectangles
                        if (lengthof(v_rects) > 1) { 
                            if (true !=  f_isContinuousRectangularRegions(v_rects)) {
                                log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
garciay's avatar
garciay committed
                    // FIXME Check holes
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_01_BV
garciay's avatar
garciay committed
             * @desc Check that the rectangular region validity restriction of all certificates contains not more than 
             *       six valid rectangles; 
             *       Check that the rectangular region validity restriction of the AT certificate is continuous and 
             *       does not contain any holes 
             *       Check that the rectangular certificate validity region of the subordinate certificate is well formed and 
             *       inside the validity region of the issuing certificate 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *   when {
             *     the IUT is requested to send a CAM
             * } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             containing certificates
             *                indicating length N > 0
             *                and containing certificates [n] 0..n
             *                    containing validity_restrictions['region']
             *                        containing region_type
             *                            indicating 'rectangle'
             *                        and containing rectangular_region
             *                            indicating length <= 6
garciay's avatar
garciay committed
             *                            and containing elements of type RectangularRegion
             *                                containing northwest and southeast
             *                                    indicating northwest  on the north from southeast
             *                                and indicating continuous region without holes
garciay's avatar
garciay committed
             *    }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_04_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 4.2.20 and 4.2.23
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                // Local variables
garciay's avatar
garciay committed
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
garciay's avatar
garciay committed
                var boolean             f_vr := false, f_vri := false;
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_C;
garciay's avatar
garciay committed
                    
                // Test adapter configuration
garciay's avatar
garciay committed
                    
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
garciay's avatar
garciay committed
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    log("v_chain[v_counter]=", v_chain[v_counter]);
                    if (f_vr) {
                        var RectangularRegions v_rects;
                        if (v_vr.validity.region.region_type != e_rectangle) {
                            log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        v_rects := v_vr.validity.region.region.rectangular_region;
                        log("v_rects=", v_rects);
                        if (lengthof(v_rects) > 6) {
                            log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        for (var integer j:=0; j<lengthof(v_rects); j:=j + 1) {
                            var RectangularRegion v_rect := v_rects[j];
                            if (true != f_isValidTwoDLocation(v_rect.northwest)) {
                                log("*** " & testcasename() & ": FAIL: Northwest location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (true != f_isValidTwoDLocation(v_rect.southeast)) {
                                log("*** " & testcasename() & ": FAIL: Southeast location is invalid in rect " & int2str(v_counter) & " ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // Check normality of the rectangle
                            if (v_rect.northwest.latitude < v_rect.southeast.latitude) {
                                log("*** " & testcasename() & ": FAIL: Rectangle " & int2str(v_counter) & " is not normalized ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        if (f_vri) {
                            // current restrictions must be inside of the parent one
                            if (not f_isRectangularRegionsInside(v_vri.validity.region.region.rectangular_region, v_rects)) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction region is not inside the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                    } else {
                        // Region validity restriction is not exist
                        if (f_vri) {
                            log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set if thi restriction exists in the issuing certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                } // End of 'for' statement
garciay's avatar
garciay committed
                // FIXME Check holes
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": PASS: All certificates has a valid rectangular region restrictions ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_04_02_BV
garciay's avatar
garciay committed
             * @desc Check that the polygonal certificate validity region contains at least three and no more than 12 points
             *       Check that the polygonal certificate validity region does not contain intersections and holes 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             containing certificate
             *                 containing validity_restrictions['region']
             *                 and containing region_type
             *                     indicating 'polygon'
             *                 and containing polygonal_region 
             *                     indicating length >=3 and <=12
             *                     and indicating continuous region without holes and intersections
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Test body
                tc_ac.start;
                f_waitForCertificate(v_cert);
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { 
                    if (v_vr.validity.region.region_type == e_polygon) {
                        var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region;
                        var integer v_length := lengthof(v_pr);
                        if (v_length < 3) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (v_length > 12) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        if (true != f_isValidPolygonalRegion(v_pr)) {
                            log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                        // FIXME Check holes
garciay's avatar
garciay committed
                    } else {
                        log("*** " & testcasename() & ": INCONC: Certificate has other region type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc
                    }
                } else {
                    log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_05_01_BV
garciay's avatar
garciay committed
             * @desc Check that the polygonal certificate validity region is inside the validity region of the issuing certificate
             *       Check that the issuing polygonal certificate validity region contains at least three and no more than 12 points 
             *       Check that the issuing polygonal certificate validity region does not contain intersections and holes 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificates
             *                 indicating length > 0
             *             and containing certificates [n] (0..n)
             *                 containing validity_restrictions['region']
             *                     containing region_type
             *                         indicating 'polygon'
             *                     and containing polygonal_region
             *                         indicating length >=3 and <=12
garciay's avatar
garciay committed
             *                         and indicating continuous region without holes and intersections
garciay's avatar
garciay committed
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_05_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.24
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local declarations
                var CertificateChain    v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
                var boolean f_vr := false, f_vri := false;
                
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_D;
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
garciay's avatar
garciay committed
                f_vr := false;
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    if (f_vr) {
                        var PolygonalRegion v_pr;
                        var integer v_length;
                        
                        if (v_vr.validity.region.region_type != e_polygon) {
                            log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not polygonal ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        v_pr := v_vr.validity.region.region.polygonal_region;
                        v_length := lengthof(v_pr);
                        
                        if (v_length < 3) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small in cert " & int2str(v_counter) & " ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        if (v_length > 12) {
                            log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big  in cert " & int2str(v_counter) & "***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        if (true != f_isValidPolygonalRegion(v_pr)) {
                            log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) in cert " & int2str(v_counter) & " ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        if (f_vri) {
                            // current restrictions must be inside of the parent one
                            if (true != f_isPolygonalRegionInside(v_vri.validity.region.region.polygonal_region, v_pr)) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction region in cert " & int2str(v_counter) & " is not inside the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
garciay's avatar
garciay committed
                            // FIXME Check holes
garciay's avatar
garciay committed
                        }
                    } else {
                        // Region validity restriction is not exist
                        if (f_vri) {
                            log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set in the certificate "  & int2str(v_counter) &
                                                                  "because this restriction exists in the issuing certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                } // End of 'for' statement
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": PASS: All certificates has a valid polygonal region restrictions ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_05_02_BV
garciay's avatar
garciay committed
            
garciay's avatar
garciay committed
             * @desc Check that the identified certificate validity region contains values that correspond to numeric country codes 
             *       as defined in ISO 3166-1 or defined by United Nations Statistics Division 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate'
             *             and containing certificate 
             *                 containing validity_restrictions['region']
             *                     containing region
             *                         containing region_type
             *                             indicating 'id'
             *                         and containing id_region
             *                             containing region_dictionary
             *                                 indicating 'iso_3166_1' (0)
             *                             and containing region_identifier
             *                                 indicating valid value according to 'iso_3166_1'
             *                         and containing local_region
             *                     or containing region
             *                         containing id_region
             *                             containing region_dictionary
             *                                  indicating 'un_stats'
             *                             and containing region_identifier
             *                                 indicating valid value according to UN STATS
             *                             and containing local_region
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_06_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var Certificate         v_cert;
                var ValidityRestriction v_vr;
                var integer             v_counter;
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_E;
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Test body
                tc_ac.start;
                f_waitForCertificate(v_cert);
                tc_ac.stop;
                if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) {
                    if (v_vr.validity.region.region_type == e_id) {
                        if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
                            log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        } else if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
                            log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    log("*** " & testcasename() & ": PASS: Certificate has a valid  region ID restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                } else {
                    log("*** " & testcasename() & ": FAIL: Certificate doesn't have any location restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_06_01_BV
garciay's avatar
garciay committed
             * @desc Check that the identified certificate validity region contains values that correspond to numeric country codes 
             *       as defined in ISO 3166-1 or defined by United Nations Statistics Division
             *       Check that the identified certificate validity region contains values defining the region which is inside 
             *       the validity region of the issuing certificate 
garciay's avatar
garciay committed
             * @remark The case when signing certificate and issuing certificate contain different type of region validity restriction is not supported by this test 
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificate 
             *                 indicating length N > 1
garciay's avatar
garciay committed
             *                 and containing certificates[n] (0..N)
garciay's avatar
garciay committed
             *                     containing validity_restrictions['region']
             *                         containing region
             *                             containing region_type
             *                                 indicating 'id'
             *                             and containing id_region
             *                                     containing region_dictionary
             *                                     indicating 'iso_3166_1' (0)
             *                                 and containing region_identifier
             *                                     indicating valid value according to 'iso_3166_1'
             *                             and containing local_region
             *                         or containing region
             *                             containing id_region
             *                                 containing region_dictionary
             *                                     indicating 'un_stats'
             *                                 and containing region_identifier
             *                                     indicating valid value according to UN STATS
             *                                 and containing local_region
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_06_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var CertificateChain         v_chain;
                var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown);  // current and issuing cert validity restrictions
                var boolean f_vr := false, f_vri := false;
garciay's avatar
garciay committed
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    
                // Test component configuration
                vc_hashedId8ToBeUsed := cc_iutCert_E;
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
garciay's avatar
garciay committed
                f_vr := false;
                tc_ac.stop;
                for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) {
                    v_vri := v_vr;
                    f_vri := f_vr;
                    f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr);
                    
                    if (f_vr) {
                        if (v_vr.validity.region.region_type == e_id) {
                            if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) {
                                log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) {
                                log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        
                        if (f_vri) {
                            // the region code must be the same
                            if (v_vr.validity.region.region.id_region.region_identifier !=
                               v_vri.validity.region.region.id_region.region_identifier) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            if (    v_vri.validity.region.region.id_region.local_region != 0 
                               and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region ) {
                                log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        }
                        
                    } else {
                        // Region validity restriction is not exist
                        if (f_vri) {
                            log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate "  & int2str(v_counter) &
                                                                  "because this restriction exists in the issuing certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
garciay's avatar
garciay committed
                log("*** " & testcasename() & ": PASS: All certificates has a valid identified regionrestrictions ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_06_02_BV
garciay's avatar
garciay committed
            
garciay's avatar
garciay committed
             * @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction 
             * <pre>
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
garciay's avatar
garciay committed
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificates 
             *                 indicating length N > 1
             *                 and containing certificates[n] (0..N)
             *                     indicating certificate
             *                         not containing validity_restrictions['region']
             *                         and containing signer_info
             *                             containing digest
             *                                 referenced to the certificate
             *                                     not containing validity_restrictions['region']
             *                     or indicating certificate
             *                         containing validity_restrictions['region']
             *                             containing region.region_type
             *                                 indicating 'none'
             *                         and containing signer_info
             *                             containing digest
             *                                 referenced to the certificate
             *                                     not containing validity_restrictions['region']
             *                                     or containing validity_restrictions['region']
             *                                         containing region.region_type
             *                                             indicating 'none'
             *                     or indicating certificate
             *                         containing validity_restrictions['region']
             *                             containing region.region_type
             *                                 indicated 'circle'
             *                                 or indicated 'rectangle'
             *                                 or indicated 'polygon'
             *                                 or indicated 'id'
             *                             and containing region (X_CERT__REGION)
             *                         and containing signer_info
             *                             containing digest
             *                                 referenced to the certificate
             *                                     not containing validity_restrictions['region']
             *                                     or containing validity_restrictions['region']
             *                                         containing region.region_type
             *                                             indicating 'none'
             *                                     or containing validity_restrictions['region']
             *                                         containing region
             *                                             indicating region fully covering the X_CERT_REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_07_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
garciay's avatar
garciay committed
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var CertificateChain    v_chain;
                var Certificate         v_cert, v_cert_issuer;
                var SignerInfo          v_si;
                var UInt8               v_counter;
                var HashedId8           v_digest;
                var CertificatesCaching v_certificatesCaching;
                var FncRetCode          v_result_status := e_success;
                
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***");
garciay's avatar
garciay committed
                    stop;
                }
                    
                // Test component configuration
//                vc_hashedId8ToBeUsed := cc_iutCert_E;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
                
                // Test Body
                // 1. Create a cache of certificates
                f_createCertificatesCaching(v_chain, v_certificatesCaching);
                // 2. Process the certificates
                v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
                while (v_counter != 0) {
                    // Get the first certificate
                    if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
                        v_result_status := e_error;
                        break;
                    }
                    // Retrive SigneInfo field
                    if (not f_getCertificateSignerInfo(v_cert, v_si)) {
                        log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
                        v_result_status := e_error;
                        break;
                    }
                    if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Get issuer
                    if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Check that cert is signed by issuing cert
                    v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
                    if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction 
                    if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
                        v_result_status := e_error;
                        break;
                    }
                    
                    // Prepare next loop
                    v_counter := v_counter - 1;
                    
                } // End of 'while' statement
                if (v_result_status == e_success) {
                    log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
                }
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_07_01_BV
garciay's avatar
garciay committed
            
            /**
             * @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction
             * <pre>
garciay's avatar
garciay committed
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION
garciay's avatar
garciay committed
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             and containing certificates 
             *                 indicating length N > 1
             *                 and containing certificates[n] (0..N)
             *                     indicating certificate
             *                         containing validity_restrictions['region']
             *                             containing region.region_type
             *                                 indicated 'id'
             *                             and containing id_region
             *                                 containing region_dictionary
             *                                     indicating 'iso_3166_1' 
             *                                     or indicating 'un_stat' 
             *                                 and containing region_identifier (X_CERT_REGION_ID)
             *                                     indicating valid value according to 'iso_3166_1' or 'un_stat' 
             *                                 and containing local_region (X_CERT_LOCAL_REGION)
             *                         and containing signer_info
             *                             containing digest
             *                                 referenced to the certificate
             *                                     containing validity_restrictions['region']
             *                                         containing region
             *                                             indicated 'id'
             *                                         and containing id_region
             *                                             containing region_dictionary
             *                                                 indicating 'iso_3166_1' 
             *                                                 or indicating 'un_stat' 
             *                                             and containing region_identifier
             *                                                 indicating value == X_CERT_REGION_ID
             *                                             and containing local_region
             *                                                 indicating value == X_CERT_LOCAL_REGION
             *                                                 or indicating 0
             *                                             or containing id_region
             *                                                 containing region_dictionary
             *                                                    indicating 'un_stats'
             *                                                 and containing region_identifier
             *                                                     indicating region fully covering the X_CERT_REGION
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_07_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.26 and 7.4.1
garciay's avatar
garciay committed
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var CertificateChain    v_chain;
                var Certificate         v_cert, v_cert_issuer;
                var SignerInfo          v_si;
                var UInt8               v_counter;
                var HashedId8           v_digest;
                var CertificatesCaching v_certificatesCaching;
                var FncRetCode          v_result_status := e_success;
                
                // Test control
garciay's avatar
garciay committed
                if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***");
garciay's avatar
garciay committed
                    stop;
                }
                    
                // Test component configuration
//                vc_hashedId8ToBeUsed := cc_iutCert_E;
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                } else {
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                }
                
                // Test Body
                // 1. Create a cache of certificates
                f_createCertificatesCaching(v_chain, v_certificatesCaching);
                // 2. Process the certificates
                v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1;
                while (v_counter != 0) {
                    // Get the first certificate
                    if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) {
                        v_result_status := e_error;
                        break;
                    }
                    // Retrive SigneInfo field
                    if (not f_getCertificateSignerInfo(v_cert, v_si)) {
                        log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***");
                        v_result_status := e_error;
                        break;
                    }
                    if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Get issuer
                    if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) {
                        log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Check that cert is signed by issuing cert
                    v_digest := f_calculateDigestFromCertificate(v_cert_issuer);
                    if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                        v_result_status := e_error;
                        break;
                    }
                    // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction 
                    if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) {
                        v_result_status := e_error;
                        break;
                    }
                    
                    // Prepare next loop
                    v_counter := v_counter - 1;
                    
                } // End of 'while' statement
                if (v_result_status == e_success) {
                    log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***");
                }
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV
garciay's avatar
garciay committed
            
            /**
garciay's avatar
garciay committed
             * @desc Check the certificate chain to ensure that the time validity restriction of the subordinate certificate is inside the time validity restriction of the issuing certificate
garciay's avatar
garciay committed
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
garciay's avatar
garciay committed
             *                 indicating 'certificate_chain'
garciay's avatar
garciay committed
             *             containing certificates
             *                 containing certificates[last-1]
             *                     containing validity_restrictions
             *                         containing validity_restrictions['time_start_and_end']
             *                             containing start_validity
             *                                 indicating START_AA_VALIDITY
             *                             containing end_validity
             *                                 indicating END_AA_VALIDITY >= START_AA_VALIDITY
             *                     and containing signer_info
             *                         containing digest
             *                             referenced to the trusted certificate
             *                                 containing validity_restrictions['time_end']
             *                                     containing end_validity
             *                                         indicating value > AA_END_VALIDITY
             *                                 or containing validity_restrictions['time_start_and_end']
             *                                     containing start_validity
             *                                         indicating value <= AA_START_VALIDITY
             *                                      and containing end_validity
             *                                         indicating value > AA_END_VALIDITY
             *                                 or containing validity_restrictions['time_start_and_duration']
             *                                     containing start_validity
             *                                         indicating X_START_VALIDITY <= AA_START_VALIDITY
             *                                     and containing duration
             *                                         indicating value > AA_END_VALIDITY - X_START_VALIDITY
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_08_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 7.4.4
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert;
                var ValidityRestriction      v_vr;
                var SignerInfo               v_si;
                var Time64                   v_generationTime;
                var Time64                   v_curTime;
                var Time64                   v_startTime, v_endTime, v_duration;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 1];
                if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end,
                                                                      mw_validity_restriction_time_start_and_duration)))
                ) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
                    log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                // Process signerInfo field
                if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                if (v_si.type_ == e_certificate) {
                    log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                for (var integer v_counter := 0; v_counter < lengthof(v_si.signerInfo.certificate.validity_restrictions); v_counter := v_counter + 1) {
                    if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_end) {
                        v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.end_validity * 1000000;
                        if (not match(v_generationTime, Time64:(0 .. v_endTime))){
                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_end) {
                        v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000;
                        v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000;
                        if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){
                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_duration) {
                        v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000;
                        v_duration  := f_duration2time(v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000;
                        if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){
                            log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else {
                        log("*** " & testcasename() & ": FAIL: Mal-formed the certificate");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                } // End of 'for' statement
                
                log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_08_01_BV
garciay's avatar
garciay committed
            
            /**
             * @desc    Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 
             *          or x_coordinate_only
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
garciay's avatar
garciay committed
             *       the IUT is requested to send a CAM
garciay's avatar
garciay committed
             *   } then {
garciay's avatar
garciay committed
             *       the IUT sends a SecuredMessage
             *           containing header_fields['signer_info'].signer
             *               containing type
             *                   indicating certificate
             *               containing certificate
             *                   containing signature.ecdsa_signature
             *                       containing R.type
             *                           indicating compressed_lsb_y_0
             *                           or indicating compressed_lsb_y_1 
             *                           or indicating x_coordinate_only
garciay's avatar
garciay committed
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.9
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                ?,
                                                ?,
                                                mw_signature(
                                                    mw_ecdsaSignature(
                                                        mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only
                    ))))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_0 received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                ?,
                                                ?,
                                                mw_signature(
                                                    mw_ecdsaSignature(
                                                        mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only
                    ))))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_1 received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                ?,
                                                ?,
                                                mw_signature(
                                                    mw_ecdsaSignature(
                                                        mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only
                    ))))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to x_coordinate_only received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate
                    )))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_09_01_BV
garciay's avatar
garciay committed
             * @desc    Check that the all certificates in a chain have signatures contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 
             *          or x_coordinate_only
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *   the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             containing certificates
             *                 indicating length N > 1
             *                 and indicating certificates[n] (0..N)
             *                     containing signature.ecdsa_signature
             *                         containing R.type
             *                             indicating compressed_lsb_y_0
             *                             or indicating compressed_lsb_y_1 
             *                             or indicating x_coordinate_only 
garciay's avatar
garciay committed
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.9
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo       v_si;
                var CertificateChain v_chain;
                var integer          v_counter;
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
garciay's avatar
garciay committed
                                        mw_header_field_signer_info_certificate_chain
                    ))))) -> value v_geoNwInd {
garciay's avatar
garciay committed
                        tc_ac.stop;
garciay's avatar
garciay committed
                        // Check certificate chain
                        if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
                            v_chain  :=  v_si.signerInfo.certificates;
                            for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
                                if (v_chain[v_counter].signature_.algorithm != e_ecdsa_nistp256_with_sha256) {
                                    log("*** " & testcasename() & ": FAIL: Wrong signature algorithm ***");
                                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                                } else if (
                                    (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_x_coordinate_only) and 
                                    (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_0) and 
                                    (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_1) 
                                ) {
                                    log("*** " & testcasename() & ": FAIL: Wrong ECDSA R type ***");
                                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                                }
                            } // End of 'for' statement
                        }
                        log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct signature type ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_09_02_BV
garciay's avatar
garciay committed
            
            /**
             * @desc    Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 
             *          or uncompressed
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer
             *         containing type
             *           indicating certificate
             *         containing certificate
             *             containing subject_attributes['verification_key']
             *                 containing key.public_key.type
             *                     indicating compressed_lsb_y_0
             *                     or indicating compressed_lsb_y_1 
             *                     or indicating x_coordinate_only
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_10_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.4
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                superset(
                                                    mw_subject_attribute_verification_key(
                                                        mw_publicKey_eccPoint_compressed_lsb_y_0
                                                    )
                                                ),
                                                ?,
                                                mw_signature
                    ))))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_0 received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
garciay's avatar
garciay committed
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                superset(
                                                    mw_subject_attribute_verification_key(
                                                        mw_publicKey_eccPoint_compressed_lsb_y_1
                                                    )
                                                ),
                                                ?,
garciay's avatar
garciay committed
                                                mw_signature
garciay's avatar
garciay committed
                    ))))))) {
                        tc_ac.stop;
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_1 received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate(
                                                ?,
                                                superset(
                                                    mw_subject_attribute_verification_key(
                                                        mw_publicKey_eccPoint_uncompressed
                                                    )
                                                ),
                                                ?,
garciay's avatar
garciay committed
                                                mw_signature
garciay's avatar
garciay committed
                    ))))))) {
                        tc_ac.stop;
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to uncompressed received ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate(
                                            mw_at_certificate
                    )))))) {
                        tc_ac.stop;
                        log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_10_01_BV
garciay's avatar
garciay committed
            
            /**
             * @desc    Check that  all certificate in a chain have verification keys contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 
             *          or uncompressed
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * }
             * Expected Behaviour:
             * ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *             containing type
             *                 indicating 'certificate_chain'
             *             containing certificates
             *                 indicating length N > 1
             *                 and indicating certificates[n] (0..N)
             *                     containing signature.ecdsa_signature
             *                         containing subject_attributes['verification_key']
             *                             indicating compressed_lsb_y_0
             *                             or indicating compressed_lsb_y_1 
             *                             or indicating uncompressed 
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_10_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 4.2.4
             */
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_10_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local variables
                var GeoNetworkingInd v_geoNwInd;
                var SignerInfo       v_si;
                var CertificateChain v_chain;
                var integer          v_counter;
                                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) {
                        tc_ac.stop;
                        // Check certificate chain
                        if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
                            v_chain  :=  v_si.signerInfo.certificates;
                            for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
                                if (
                                    (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_0))))) and
                                    (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_1))))) and
                                    (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_uncompressed)))))
                                ) {
                                    log("*** " & testcasename() & ": FAIL: Wrong verification key algorithm ***");
                                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                                }
                            } // End of 'for' statement
                        }
                        log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct verification key ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_10_02_BV
garciay's avatar
garciay committed
            
            /**
             * @desc Check the certificate signature 
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
             *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
             *         containing type
             *           indicating 'certificate'
garciay's avatar
garciay committed
             *         ND containing certificate
             *           containing signer_info
garciay's avatar
garciay committed
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *               referenced to the certificate CERT
garciay's avatar
garciay committed
             *           and containing signature
garciay's avatar
garciay committed
             *             verifiable using CERT.subject_attributes['verification_key'].key
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local declarations
                var GeoNetworkingInd v_geoNwInd;
                var Certificate      v_at_cert;
                var Certificate      v_aa_cert;
                var HashedId8        v_aa_digest;
                var SignerInfo       v_si;
                var integer          v_counter;
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                    
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Wait for the message with the certificate to get the AA cert digest.
                // Ask for the chain, containing AT and AA certificate
                // Check that the AT cert in the first message is signed with the AA cert
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                tc_ac.start;
                f_waitForCertificate(v_at_cert);
                tc_ac.stop;
garciay's avatar
garciay committed
                if (true != f_getCertificateSignerInfo(v_at_cert, v_si)) {
                    log("*** " & testcasename() & ": FAIL: AT Certificate signer info is unknown ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
garciay's avatar
garciay committed
                if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                    log("*** " & testcasename() & ": FAIL: AT Certificate is not signed well ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
garciay's avatar
garciay committed
                v_aa_digest := v_si.signerInfo.digest;
                
                // Send a certificate request to the IUT 
                f_sendCertificateRequest(v_aa_digest, f_generateDefaultCam());
                    
                // Test Body
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) -> value v_geoNwInd {
                        var SecuredMessage v_secMsg;
                        var integer v_chainLength;
                        tc_ac.stop;
                        // Check certificate chain
                        
                        if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
                            v_chainLength := lengthof(v_si.signerInfo.certificates);
                            if (v_chainLength < 2 ) {
                                log("*** " & testcasename() & ": FAIL: Certificate chain doesn't contain the AA cert ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            // get aa cert
                            v_aa_cert := v_si.signerInfo.certificates[v_chainLength-2];
                            if (not match (v_aa_digest, f_calculateDigestFromCertificate(v_aa_cert))) {
                                log("*** " & testcasename() & ": FAIL: AT certificate was not signed with the given AA cert ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            // Check that at cert is signed with aa cert
                            if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) {
                                log("*** " & testcasename() & ": FAIL: AT certificate signature error ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                            
                            log("*** " & testcasename() & ": PASS: AT certificate was well signed with AA certificate ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                        } else {
                            log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                } // End of 'alt' statement
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_11_01_BV
garciay's avatar
garciay committed
             * @desc Check the signatures of the certificates in the chain 
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
             *         containing header_fields['signer_info'].signer
             *           containing type
             *               indicating 'certificate_chain'
             *         and containing certificates
             *             indicating length N > 1
             *             and containing certificate[0]
             *                 containing signer_info
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                     and containing digest
             *                         referenced to the trusted certificate (CERT_ROOT)
             *                 and containing signature
             *                     verifiable using CERTIFICATES[N-1].subject_attributes['verification_key'].key
             *             and containing certificates[n] (1..N)
             *                 containing signer_info {
             *                     containing type
             *                         indicating 'certificate_digest_with_sha256'
             *                     and containing digest
             *                         referenced to the certificates[n-1]
             *                 and containing signature
             *                     verifiable using certificates[n-1].subject_attributes['verification_key'].key
garciay's avatar
garciay committed
             *   }
             * }
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_09_02_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clauses 6.1 and 7.4.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_SND_CERT_11_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                // Local declarations
                var GeoNetworkingInd v_geoNwInd;
                var Certificate      v_cert;
                var CertificateChain v_chain;
                var SignerInfo       v_si;
                var HashedId8        v_digest;
                var integer          v_counter;
garciay's avatar
garciay committed
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
garciay's avatar
garciay committed
                // Wait for the message with the certificate to get the AA cert digest.
                // Ask for the chain, containing AT and AA certificate
                // Check that the AT cert in the first message is signed with the AA cert
                log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate and ask for a certificate chain ***");
                tc_ac.start;
                f_askForCertificateChain(f_generateDefaultCam());
                tc_ac.stop;
                    
garciay's avatar
garciay committed
                tc_ac.start;
                alt {
                    [] geoNetworkingPort.receive(
                        mw_geoNwInd(
                            mw_geoNwSecPdu(
                                mdw_securedMessage(
                                    superset(
                                        mw_header_field_signer_info_certificate_chain
                    ))))) -> value v_geoNwInd {
                        var SecuredMessage v_secMsg;
                        var integer v_chainLength;
                        tc_ac.stop;
                        // Check certificate chain
                        if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) {
                            v_chain  :=  v_si.signerInfo.certificates;
                            for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) {
                                if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) {
                                    log("*** " & testcasename() & ": FAIL: Certificate "&int2str(v_counter) & " doesn't have a signer info ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                if (not match (v_si.type_, e_certificate_digest_with_sha256)) {
                                    log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                // Check that cert is signed by issuing cert
                                v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]);
                                if (not match (v_si.signerInfo.digest, v_digest)) {
                                    log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                                // Check that the signature is valid
                                if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_chain[v_counter], v_chain[v_counter - 1])) {
                                    log("*** " & testcasename() & ": FAIL: AT certificate signature error ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            } // End of 'for' statement
                            
                            log("*** " & testcasename() & ": PASS: All certificates in the chain signed by it's issuing certs ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                        } else {
                            log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    [] tc_ac.timeout {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
                    }
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
                
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_SND_CERT_11_02_BV
            
            /**
             * @desc Check that the assurance level of the subordinate certificate is equal to or less than the assurance level of the issuing certificate
             * <pre>
             * Pics Selection: PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer
             *         containing type
garciay's avatar
garciay committed
             *           indicating 'certificate_chain'
garciay's avatar
garciay committed
             *         containing certificates
             *           indicating length N > 1
             *           and containing certificates[n](0..N)
             *             containing subject_attributes ['assurance_level']
             *               containig assurance_level
             *                 containing bits [5-7]
             *                   indicating assurance level CERT_AL
             *             and containing signer_info
             *               containing digest
             *                 referenced to the certificate
             *                   containing subject_attributes ['assurance_level']
             *                     containing assurance_level
             *                       containing bits [5-7]
             *                         indicating value <= CERT_AL
             *   }
             * }
             * </pre>
garciay's avatar
garciay committed
             * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_12_01_BV
garciay's avatar
garciay committed
             * @reference   ETSI TS 103 097 [1], clause 7.4.1
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_SND_CERT_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                var CertificateChain         v_chain;
                var Certificate              v_aa_cert, v_at_cert;
                var SubjectAttribute         v_sa;
                var SubjectAssurance         v_aa_assurance_level, v_at_assurance_level;
                
                // Test control
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
                // Test component configuration
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                tc_ac.start;
                if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                    log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                }
                tc_ac.stop;
                if (lengthof(v_chain) < 2) {
                    log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                }
                v_aa_cert := v_chain[lengthof(v_chain) - 2];
                v_at_cert := v_chain[lengthof(v_chain) - 1];
                if (not f_getCertificateSubjectAttribute(v_aa_cert, e_assurance_level, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_aa_assurance_level := v_sa.attribute.assurance_level;
                
                if (not f_getCertificateSubjectAttribute(v_at_cert, e_assurance_level, v_sa)) {
                    log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                v_at_assurance_level := v_sa.attribute.assurance_level;
                
                if (bit2int(v_aa_assurance_level.levels) < bit2int(v_at_assurance_level.levels)) {
                    log("*** " & testcasename() & ": FAIL: The assurence levels mismatch ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                } else {
                    log("*** " & testcasename() & ": PASS: The assurence levels match ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_SND_CERT_12_01_BV
garciay's avatar
garciay committed
             * @desc Sending behaviour test cases for AA certificate profil
             * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.7 AA certificate profile
             */
            group AA_Certificates {
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that the subject_type of the AA certificate is set to authorization_authority
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1]
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_authority' (2)
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_01_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 7.4.4
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate)) {
                        log("*** " & testcasename() & ": FAIL: AA certificate not found in the chain[last-1] ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    log("*** " & testcasename() & ": PASS: AA certificate was found in the chain ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that the AA certificsate subject_name variable-length vector contains 32 bytes maximum
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1]
garciay's avatar
garciay committed
                 *           containing subject_info.subject_name
                 *             indicating length <= 32 bytes
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_02_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 6.2
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    // Verified automatically on decoding
                    if (lengthof(v_chain[lengthof(v_chain) - 2].subject_info.subject_name) > 32 ) {
                        log("*** " & testcasename() & ": FAIL: Subject name of the AA certificate is too long ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    log("*** " & testcasename() & ": PASS: Subject name of the AA certificate is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that signer_info type of AA certificates is set to 'certificate_digest_with_sha256'
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1]
                 *           containing signer_info
garciay's avatar
garciay committed
                 *             containing type
                 *               indicating 'certificate_digest_with_sha256'
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_03_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 7.4.4
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest))) {
                        log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV
                
garciay's avatar
garciay committed
                /**
                 * @desc Check that AA certificate is signed by Root CA or other authority
                 * @remark There is no clear specification that AA cert shall be signed by the Root CA only
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
                 *       containing header_fields['signer_info'].signer
                 *         containing type
                 *           indicating 'certificate_chain'
                 *         containing certificates
                 *           containing certificates[last-1]
                 *             containing signer_info
                 *               containing type
                 *                 indicating 'certificate_digest_with_ecdsap256'
                 *               and containing digest
                 *                 referencing to the trusted certificate
                 *                   containing subject_info.subject_type
                 *                     indicating 'root_ca'
                 *                     or indicating 'authorisation_authority'
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_04_01_BV
                 * @reference   ETSI TS 103 097 [1], clauses 6.3
garciay's avatar
garciay committed
                 */
                testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                    var CertificateChain    v_chain;
                    var Certificate         v_aa_cert, v_ca_cert;
                    var SignerInfo          v_si;
                    var HashedId8           v_ca_digest;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    // Process signerInfo field
                    if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
                        log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    if (v_si.type_ == e_certificate_digest_with_sha256) {
                        log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate_digest_with_ecdsap256 ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    f_readCertificate(cc_taCert_CA, v_ca_cert);
                    v_ca_digest := f_calculateDigestFromCertificate(v_ca_cert); 
                    
                    if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest(v_ca_digest)))) {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": FAIL: AA certificate signer info doesn't reference the CA certificate from the chain ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if (not f_verifyCertificateSignatureWithIssuingCertificate(v_aa_cert, v_ca_cert)) {
                        log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    log("*** " & testcasename() & ": PASS: AA certificate was signed by the CA certificate from the given chain ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that all neccesary subject attributes are present and arranged in accesing order
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1]
                 *           containing subject_attributes [0..N]
garciay's avatar
garciay committed
                 *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
                 *             containing subject_attributes['verification_key']
                 *             containing subject_attributes['assurance_level']
                 *             containing subject_attributes['its_aid_list']
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_05_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 6.1, 7.4.1 and 7.4.4
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var SubjectAttributes        v_attrs;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    if (not match(v_chain[lengthof(v_chain) - 2], 
                                 mw_aa_certificate(?,
                                        superset(mw_subject_attribute_verification_key,
                                                 mw_subject_attribute_assurance_level,
                                                 mw_subject_attribute_its_aid_list)))
                     ) {
                        log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes;
                    for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
                        if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
                            log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    }
                    
                    log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that all AIDs containing in the its_aid_list in AA certificate are unique
garciay's avatar
garciay committed
                 *       Check that AID list contains not more then 31 items
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1]
                 *           containing subject_attributes['its_aid_list']
                 *             containing its_aid_list[0..N]
                 *               containing no more then 31 unique item
garciay's avatar
garciay committed
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_08_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 7.4.4
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert;
garciay's avatar
garciay committed
                    var SubjectAttribute         v_sa;
garciay's avatar
garciay committed
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
garciay's avatar
garciay committed
                    if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
                        
                        if (lengthof(v_sa.attribute.its_aid_list) > 31) {
                            log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                        
                        for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) {
                            for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) {
                                if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) {
                                    log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
                            }
                        } // End of 'for' statement
                    } else {
                        log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that all mandatory validity restrictions are present and arranged in ascending order
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
                 *           containing type
                 *               indicating 'certificate_chain'
                 *           and containing certificates
                 *               containing certificates[last-1]
                 *                   containing validity_restrictions[0..N]
garciay's avatar
garciay committed
                 *                       indicating validity_restrictions[n].type < validity_restrictions[n+1].type
garciay's avatar
garciay committed
                 *                       and containing validity_restrictions['time_start_and_end']
                 *                       and not containing validity_restrictions['time_end']
                 *                       and not containing validity_restrictions['time_start_and_duration']
garciay's avatar
garciay committed
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_10_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 6.1, 6.7 and 7.4.1
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    // Local variables
garciay's avatar
garciay committed
                    var CertificateChain v_chain;
                    var Certificate v_cert;
                    var integer v_previousValidityRestrictionType;
garciay's avatar
garciay committed
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
garciay's avatar
garciay committed
                    tc_ac.start;
garciay's avatar
garciay committed
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    
                    // Test Body
                    // Process certificate[last - 1]
                    v_cert := v_chain[lengthof(v_chain) - 2];
                    if (match(
                              v_cert.validity_restrictions, 
                              (
                                  superset(
                                      mw_validity_restriction_time_end,
                                      mw_validity_restriction_time_start_and_duration
                                  )
                              )
                    )) {
                        log("*** " & testcasename() & ": FAIL: certificate[last-2] must not contain time_end and time_start_and_duration restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    for (var integer v_counter := 1; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
                        // Check forbidden header
                        if (not match(v_cert.validity_restrictions[v_counter].type_, e_time_start_and_end)) { // FIXME To be reviewed
                            log("*** " & testcasename() & ": FAIL: Forbidden header present");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        } 
garciay's avatar
garciay committed
                        
garciay's avatar
garciay committed
                        if (v_counter > 1 ) {
                            // Check that headers are ordered
                            if (match(v_cert.validity_restrictions[v_counter].type_, integer:(0..v_previousValidityRestrictionType))) {
                                // Check that header is duplicated
                                if (match(v_cert.validity_restrictions[v_counter].type_, v_previousValidityRestrictionType)) {
                                    log("*** " & testcasename() & ": FAIL: multiple instances of same header");
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                } else {
                                    log("*** " & testcasename() & ": FAIL: headers not in correct order");
garciay's avatar
garciay committed
                                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                                }
garciay's avatar
garciay committed
                            }
garciay's avatar
garciay committed
                        }
garciay's avatar
garciay committed
                        v_previousValidityRestrictionType := enum2int(v_cert.validity_restrictions[v_counter].type_);
                    } // End of 'for' statement
                    
                    log("*** " & testcasename() & ": PASS: Time validity restriction of the certificate[last-2] is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that time_start_and_end is included in the AA certificate validation restrictions;
                 *       Check that end_validity is greater than start_validity
                 *       Check that validity restriction of AA certificate is inside the validity restriction of its issuing certificate
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1] {
                 *           containing validity_restrictions
garciay's avatar
garciay committed
                 *             containing validity_restrictions['time_start_and_end']
                 *               containing start_validity
                 *                 indicating START_AA_VALIDITY
                 *               containing end_validity
                 *                 indicating END_AA_VALIDITY >=START_AA_VALIDITY
                 *             and containing signer_info
                 *               containing digest
                 *                 referenced to the trusted certificate
                 *                   containing validity_restrictions['time_end']
                 *                     containing end_validity
                 *                       indicating value > AA_END_VALIDITY
                 *                   or containing validity_restrictions['time_start_and_end']
                 *                     containing start_validity
                 *                       indicating value <= AA_START_VALIDITY
                 *                     and containing end_validity
                 *                       indicating value > AA_END_VALIDITY
                 *                   or containing validity_restrictions['time_start_and_duration']
                 *                     containing start_validity
                 *                       indicating X_START_VALIDITY <= AA_START_VALIDITY
                 *                     and containing duration
                 *                       indicating value > AA_END_VALIDITY - X_START_VALIDITY
garciay's avatar
garciay committed
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_11_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 7.4.4
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert;
                    var ValidityRestriction      v_vr;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end,
                                                                          mw_validity_restriction_time_start_and_duration)))
                    ) {
                        log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
                        log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
                        log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV
garciay's avatar
garciay committed
                
            } // End of group AA_Certificates 
garciay's avatar
garciay committed
             * @desc Sending behaviour test cases for AT certificate profil
             * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.8 AT certificate profile
             */
            group AT_Certificates {
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket'
garciay's avatar
garciay committed
                 * <pre>
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * with {
garciay's avatar
garciay committed
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
                 * } ensure that {
garciay's avatar
garciay committed
                 *      when {
                 *          the IUT is requested to send a CAM
                 *     } then {
                 *         the IUT sends a SecuredMessage
                 *             containing header_fields['signer_info'].signer
                 *                 containing type
                 *                     indicating 'certificate'
                 *                 and containing certificate
                 *                     containing subject_info.subject_type
                 *                         indicating 'authorization_ticket' (1)
                 *     }
garciay's avatar
garciay committed
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_01_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var Certificate         v_at_cert;
                    
                    // Test control
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                    tc_ac.start;
                    if (not f_waitForCertificate(v_at_cert)) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (not match(v_at_cert, mw_at_certificate)) {
                        log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type  ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that the subject_name variable-length vector is empty for AT certificates
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
garciay's avatar
garciay committed
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
                 * } ensure that {
garciay's avatar
garciay committed
                 *      when {
                 *          the IUT is requested to send a CAM
                 *      } then {
                 *          the IUT sends a SecuredMessage
                 *              containing header_fields['signer_info'].signer
                 *                  containing type
                 *                      indicating 'certificate'
                 *                  and containing certificates
                 *                      containing subject_info.subject_name
                 *                          indicating length = 0
                 *     }
garciay's avatar
garciay committed
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_02_01_BV
                 * @reference   ETSI TS 103 097 [1], clause 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var Certificate         v_at_cert;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                    tc_ac.start;
                    if (not f_waitForCertificate(v_at_cert)) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
garciay's avatar
garciay committed
                    if (0 != lengthof(v_at_cert.subject_info.subject_name)) {
                        log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***");
garciay's avatar
garciay committed
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that signer_info type of AT certificates is set to 'certificate_digest_with_sha256' 
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
garciay's avatar
garciay committed
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
                 * } ensure that {
garciay's avatar
garciay committed
                 *      when {
                 *          the IUT is requested to send a CAM
                 *      } then {
                 *          the IUT sends a SecuredMessage
                 *              containing header_fields['signer_info'].signer
                 *                  containing type
                 *                      indicating 'certificate'
                 *                  and containing certificate
                 *                      containing signer_info
                 *                          containing type
                 *                              indicating 'certificate_digest_with_sha256'
                 *      }
garciay's avatar
garciay committed
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_03_01_BV
                 * @reference   ETSI TS 103 097 [1], clauses 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var Certificate         v_at_cert;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                    tc_ac.start;
                    if (not f_waitForCertificate(v_at_cert)) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
garciay's avatar
garciay committed
                    if (
                        not match(v_at_cert, mw_certificate(mw_signerInfo_digest))
                    ) {
                        log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***");
garciay's avatar
garciay committed
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that subject attributes are present and arranged in ascending order
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
garciay's avatar
garciay committed
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
                 * } ensure that {
garciay's avatar
garciay committed
                 *     when {
                 *         the IUT is requested to send a CAM
                 *     } then {
                 *         the IUT sends a SecuredMessage
                 *             containing header_fields['signer_info'].signer
                 *                 containing type
                 *                     indicating 'certificate'
                 *             containing certificate
                 *                 containing subject_attributes [0..N]
                 *                     indicating subject_attributes[n].type < subject_attributes[n+ 1].type
                 *                 containing subject_attributes['verification_key']
                 *                 containing subject_attributes['assurance_level']
                 *                 containing subject_attributes['its_aid_ssp_list']
                 *     }
garciay's avatar
garciay committed
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_04_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 7.4.1 and 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var Certificate         v_at_cert;
                    var SubjectAttributes   v_attrs;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
                    tc_ac.start;
                    if (not f_waitForCertificate(v_at_cert)) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (not match(
                        v_at_cert, 
                            mw_at_certificate(
                                ?,
                                superset(
                                    mw_subject_attribute_verification_key,
                                    mw_subject_attribute_assurance_level,
                                    mw_subject_attribute_its_aid_ssp_list
                     )))) {
                        log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    v_attrs := v_at_cert.subject_attributes;
                    for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
                        if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
                            log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } // End of 'for' statement
                    
                    log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV
garciay's avatar
garciay committed
                
                /**
                 * @desc Check that time_start_and_end is included in the AT certificate validation restrictions
garciay's avatar
garciay committed
                 *       Check that time_start_and_end is inside the AA certificate time restrictions
                 *       Check that validity restriction of AT certificate is inside the validity restriction of its issuing certificate 
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last] 
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_ticket' (1)
                 *           not containing validity_restrictions['time_end']
                 *           and not containing validity_restrictions['time_start_and_duration']
garciay's avatar
garciay committed
                 *           and containing validity_restrictions['time_start_and_end'] 
garciay's avatar
garciay committed
                 *             containing start_validity
garciay's avatar
garciay committed
                 *               indicating START_AT_VALIDITY
garciay's avatar
garciay committed
                 *             and containing end_validity
garciay's avatar
garciay committed
                 *               indicating END_AT_VALIDITY
garciay's avatar
garciay committed
                 *         and containing certificates[last-1] 
                 *           containing validity_restrictions['time_end']
                 *             containing end_validity
                 *               indicating value > AT_END_VALIDITY
                 *           or containing validity_restrictions['time_start_and_end']
                 *             containing start_validity
                 *               indicating value <= AT_START_VALIDITY
                 *             containing end_validity
                 *               indicating value > AT_END_VALIDITY
                 *           or containing validity_restrictions['time_start_and_duration']
                 *             containing start_validity
                 *               indicating X_START_VALIDITY <= AT_START_VALIDITY
                 *             and containing duration
                 *               indicating value > AT_END_VALIDITY - X_START_VALIDITY
garciay's avatar
garciay committed
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_05_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert, v_at_cert;
                    var ValidityRestriction      v_vr, v_aa_vr;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    v_at_cert := v_chain[lengthof(v_chain) - 1];
                    if (match (
                        v_at_cert.validity_restrictions, 
                        (
                            superset(
                                mw_validity_restriction_time_end,
                                mw_validity_restriction_time_start_and_duration
                            )
                        )
                    )) {
                        log("*** " & testcasename() & ": FAIL: AT certificate must not contain time_end and time_start_and_duration restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if ( true != f_getCertificateValidityRestriction(v_at_cert, e_time_start_and_end, v_vr)) {
                        log("*** " & testcasename() & ": FAIL: AT certificate must contain time_start_and_end restrictions ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
                        log("*** " & testcasename() & ": FAIL: start validity must not be greater then end validity in the validity restrictions of AT certificate ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
garciay's avatar
garciay committed
                    if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_aa_vr)) {
                        if (
                            (v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_end.start_validity) or 
                            (v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.time_start_and_end.end_validity)
                        ) {
                            log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); 
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_end, v_aa_vr)) {
                        if (v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.end_validity) {
                            log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); 
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_duration, v_aa_vr)) {
                        var Time64 v_end := v_aa_vr.validity.time_start_and_duration.start_validity + f_duration2time(v_aa_vr.validity.time_start_and_duration.duration_);
                        if (
                            (v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_duration.start_validity) or 
                            (v_vr.validity.time_start_and_end.end_validity > v_end)
                        ) {
                            log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); 
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } else {
                        log("*** " & testcasename() & ": FAIL: Wrong AA certificate time restrictions ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    log("*** " & testcasename() & ": PASS: Time validity restriction of the AT certificate is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_05_01_BV
garciay's avatar
garciay committed
                
                /**
garciay's avatar
garciay committed
                 * @desc Check that all AIDs containing in the its_aid_ssp_list in AT certificate are unique 
                 *       Check that all AIDs containing in the its_aid_ssp_list in AT certificate are also containing in the 
                 *       its_aid_list in the correspondent AA certificate
garciay's avatar
garciay committed
                 *       Check that the length of SSP of each AID is 31 octet maximum
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
garciay's avatar
garciay committed
                 *         containing certificates[last-1] 
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_authority' (2)
                 *           containing subject_attributes['its_aid_list']
                 *             containing its_aid_list[0..N]
                 *               indicating ITS_AID_LIST_AA
garciay's avatar
garciay committed
                 *         containing certificates[last] 
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_ticket' (1)
                 *           containing subject_attributes['its_aid_ssp_list']
garciay's avatar
garciay committed
                 *             containing its_aid_ssp_list[0..N] 
                 *               containing its_aid_ssp_list[n]
garciay's avatar
garciay committed
                 *                 containing its_aid
                 *                   indicating unique value containing in the  ITS_AID_LIST_AA
                 *                 containing service_specific_permissions
                 *                   indicating length <= 31 octet
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_07_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 6.9 and 7.4.2
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert, v_at_cert;
                    var SubjectAttribute         v_sa;
                    var IntXs                    v_aid_list;
                    var ItsAidSsps               v_aid_ssp_list;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    v_at_cert := v_chain[lengthof(v_chain) - 1];
                    if (not f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
                        log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    v_aid_list := v_sa.attribute.its_aid_list;
                    
                    if (not f_getCertificateSubjectAttribute(v_at_cert, e_its_aid_ssp_list, v_sa)) {
                        log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    v_aid_ssp_list := v_sa.attribute.its_aid_ssp_list;
                    
                    for (var integer v_counter :=0; v_counter < lengthof(v_aid_ssp_list); v_counter := v_counter + 1) {
                        // Check unique
                        for (var integer j :=0; j < lengthof(v_aid_ssp_list); j := j + 1) {
                            if (v_counter != j and v_aid_ssp_list[v_counter].its_aid == v_aid_ssp_list[j].its_aid) {
                                log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is duplicated in AT certificate ***");
                                f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                            }
                        } // End of 'for' statement
garciay's avatar
garciay committed
//                        if (not match(v_aid_ssp_list[v_counter], (all from v_aid_list))) {
//                            log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is not exist in AA certificate ***");
//                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                        }
garciay's avatar
garciay committed
                        // TODO Not possible due to typing To be removed
garciay's avatar
garciay committed
//                        if (lengthof(v_aid_ssp_list[v_counter].service_specific_permissions.sspContainer) > 31) {
//                            log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " has too long service_specific_permissions ***");
//                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//                        }
garciay's avatar
garciay committed
                    } // End of 'for' statement
                    
                    log("*** " & testcasename() & ": PASS: The ITS_AID_SSP list of the AT certificate is good ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_07_01_BV
garciay's avatar
garciay committed
                
                /**
                 * @desc Check that AT certificate is signed by AA cert
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
                 *   the IUT being requested to include certificate chain in the next CAM
                 * } ensure that {
                 *    when {
garciay's avatar
garciay committed
                 *     the IUT is requested to send a CAM
garciay's avatar
garciay committed
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate_chain'
                 *         containing certificates[last-1] (CERT_AA)
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_authority' (2)
                 *           and containing subject_attributes['verification key'] (KEY)
garciay's avatar
garciay committed
                 *         containing certificates[last] 
garciay's avatar
garciay committed
                 *           containing subject_info.subject_type
                 *             indicating 'authorization_ticket' (1)
garciay's avatar
garciay committed
                 *           and containing signer_info[0]
garciay's avatar
garciay committed
                 *             containing type
                 *               indicating 'certificate_digest_with_sha256'
                 *             containing digest
                 *               referencing to CERT_AA
                 *           and containing signature
                 *             verifiable using KEY
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_08_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clause 6.3
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var CertificateChain         v_chain;
                    var Certificate              v_aa_cert, v_at_cert;
                    var HashedId8                v_aa_digest;
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    
                    // Test Body
                    log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain  ***");
                    tc_ac.start;
                    if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
                    if (lengthof(v_chain) < 2) {
                        log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
                    }
                    v_at_cert := v_chain[lengthof(v_chain) - 1];
                    v_aa_cert := v_chain[lengthof(v_chain) - 2];
                    v_aa_digest := f_calculateDigestFromCertificate(v_aa_cert); 
                    
                    if (not match(v_at_cert, mw_at_certificate(mw_signerInfo_digest(v_aa_digest)))) {
                        log("*** " & testcasename() & ": FAIL: AT certificate signer info doesn't reference the  AA certificate from the chain ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    if (not f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) {
                        log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    
                    log("*** " & testcasename() & ": PASS: AT certificate was signed by the AA certificate from the given chain ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV
                
garciay's avatar
garciay committed
                /**
garciay's avatar
garciay committed
                 * @desc Check that all necessary validity restrictions are present and arranged in ascending order 
garciay's avatar
garciay committed
                 * <pre>
garciay's avatar
garciay committed
                 * Pics Selection: PICS_GN_SECURITY
garciay's avatar
garciay committed
                 * Config Id: CF01
                 * with {
                 *   the IUT being in the 'authorized' state
garciay's avatar
garciay committed
                 *   the IUT being requested to include certificate in the next CAM
garciay's avatar
garciay committed
                 * } ensure that {
                 *    when {
                 *     the IUT is requested to send a CAM
                 *   } then {
                 *     the IUT sends a SecuredMessage
garciay's avatar
garciay committed
                 *       containing header_fields['signer_info'].signer
garciay's avatar
garciay committed
                 *         containing type
garciay's avatar
garciay committed
                 *           indicating 'certificate'
                 *         containing certificate
                 *           containing subject_attributes [0..N]
                 *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
                 *             containing subject_attributes['verification_key']
                 *             containing subject_attributes['assurance_level']
                 *             containing subject_attributes['its_aid_ssp_list']
garciay's avatar
garciay committed
                 *   }
                 * }
                 * </pre>
garciay's avatar
garciay committed
                 * @see         ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_10_01_BV
garciay's avatar
garciay committed
                 * @reference   ETSI TS 103 097 [1], clauses 6.1
garciay's avatar
garciay committed
                 */
garciay's avatar
garciay committed
                testcase TC_SEC_ITSS_SND_CERT_AT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
garciay's avatar
garciay committed
                    var Certificate             v_at_cert;
                    var ValidityRestriction     v_vr;
                    var ValidityRestrictions    v_vrs;
garciay's avatar
garciay committed
                    
                    // Test control
garciay's avatar
garciay committed
                    if (not(PICS_GN_SECURITY)) {
                        log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
garciay's avatar
garciay committed
                        stop;
                    }
                    
                    // Test component configuration
                    f_cf01Up();
                    
                    // Test adapter configuration
                    
                    // Preamble
                    f_prNeighbour();
                    f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                    
                    // Test Body
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate  ***");
garciay's avatar
garciay committed
                    tc_ac.start;
garciay's avatar
garciay committed
                    if (not f_waitForCertificate(v_at_cert)) {
garciay's avatar
garciay committed
                        log("*** " & testcasename() & ": INCONC: Expected message not received ***");
                        f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
                    }
                    tc_ac.stop;
garciay's avatar
garciay committed
                    if (not match(
                        v_at_cert, 
                            mw_at_certificate(
                                mw_signerInfo_certificate
                     ))) {
garciay's avatar
garciay committed
                    }
                    
garciay's avatar
garciay committed
                    if (true != f_getCertificateValidityRestriction(v_at_cert.signer_info.signerInfo.certificate, e_time_start_and_end, v_vr)) {
                        log("*** " & testcasename() & ": FAIL: Required 'time_start_and_end' validity_restriction attribute of AT certificate is not found ***");
garciay's avatar
garciay committed
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
garciay's avatar
garciay committed
                    v_vrs := v_at_cert.signer_info.signerInfo.certificate.validity_restrictions;
                    for (var integer v_counter := 1; v_counter < lengthof(v_vrs); v_counter := v_counter + 1 ) {
                        if (v_vrs[v_counter].type_ <= v_vrs[v_counter-1].type_) {
                            log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***");
                            f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                        }
                    } // End of 'for' statement
garciay's avatar
garciay committed
                    
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    
                    // Postamble
                    f_poNeighbour();
                    f_cf01Down();
garciay's avatar
garciay committed
                } // End of testcase TC_SEC_ITSS_SND_CERT_AT_10_01_BV
garciay's avatar
garciay committed
                
            } // End of group AT_Certificates 
            
        } // End of group sendCertificatesProfile
    
    } // End of group sendingBehavior
    
    /**
     * @desc Receiver behaviour test cases
     * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3 Receiver behaviour
     */
    group receiverBehavior {
        
        /**
garciay's avatar
garciay committed
         * @desc Receiving behaviour test cases for CAM profile
garciay's avatar
garciay committed
         * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.2 CAM Profile
         */
        group recvCamProfile {
            
            /**
             * @desc    Check that IUT accepts a well-formed Secured CAM containing certificate in signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
garciay's avatar
garciay committed
             *                  and containing signer 
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'certificate'
garciay's avatar
garciay committed
             *                      and containing certificate (CERT_TS_AT_A)
garciay's avatar
garciay committed
             *                          containing subject_info.subject_type
             *                              indicating 'authorization_ticket' (2)
             *                          and containing subject_attributes['verification key'] (KEY)
garciay's avatar
garciay committed
             *              and containing header_fields [1]
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
garciay's avatar
garciay committed
             *              and containing header_fields[2] 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              and not containing any other header fields
garciay's avatar
garciay committed
             *              and containing payload_field 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
garciay's avatar
garciay committed
             *              and containing trailer_fields 
             *                  containing single instance of type TrailerField
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_01_01_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                }
                if (i < lengthof(vc_utInds)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_01_01_BV
            
garciay's avatar
garciay committed
             * @desc    Check that IUT accepts a well-formed Secured CAM containing certificate digest of the known certificate in signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
             *      and the IUT already sent a Secured message containing certificate (CERT_TS_A_AT)
garciay's avatar
garciay committed
             *          containing subject_info.subject_type
             *              indicating 'authorization_ticket' (2)
             *          and containing subject_attributes['verification key'] (KEY)
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
garciay's avatar
garciay committed
             *                  and containing signer
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'certificate_digest_with_sha256'
             *                      and containing digest
garciay's avatar
garciay committed
             *                          referencing to certificate (CERT_TS_A_AT)
garciay's avatar
garciay committed
             *              and containing header_fields [1]
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
garciay's avatar
garciay committed
             *              and containing header_fields[2]
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              and not containing any other header fields
garciay's avatar
garciay committed
             *              and containing payload_field 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
garciay's avatar
garciay committed
             *              and containing trailer_fields
             *                  containing single instance of type TrailerField
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_01_02_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate_digest_with_sha256);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                }
                if (i < lengthof(vc_utInds)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_01_02_BV
garciay's avatar
garciay committed
             * @desc    Check that IUT accepts a well-formed Secured CAM containing certificate chain in signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
garciay's avatar
garciay committed
             *                  and containing signer
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'certificate_chain'
             *                      and containing certificates
garciay's avatar
garciay committed
             *                          containing certificate (CERT_TS_A_AA) at index 0 
garciay's avatar
garciay committed
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_authority'
garciay's avatar
garciay committed
             *                              and containing subject_attributes['verification key'] (KEY_TS_AA)
             *                          and containing certificate (CERT_TS_A_AT) at index 1 
garciay's avatar
garciay committed
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_ticket'
garciay's avatar
garciay committed
             *                              and containing signer_info 
garciay's avatar
garciay committed
             *                                  containing type
             *                                      indicating 'certificate_digest_with_sha256'
             *                                  containing digest
garciay's avatar
garciay committed
             *                                      referencing to the CERT_TS_A_AA
garciay's avatar
garciay committed
             *                              and containing signature
garciay's avatar
garciay committed
             *                                  verifiable using KEY_TS_AA
             *                              and containing subject_attributes['verification key'] (KEY_TS_AT)
garciay's avatar
garciay committed
             *              and containing header_fields [1] 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
garciay's avatar
garciay committed
             *              and containing header_fields[2] 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              and not containing any other header fields
garciay's avatar
garciay committed
             *              and containing payload_field 
garciay's avatar
garciay committed
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
garciay's avatar
garciay committed
             *              and containing trailer_fields 
             *                  containing single instance of type TrailerField 
garciay's avatar
garciay committed
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
garciay's avatar
garciay committed
             *                          verifiable using KEY_TC_AT
garciay's avatar
garciay committed
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_01_03_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, -, e_certificate_chain);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                }
                if (i < lengthof(vc_utInds)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                 
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_01_03_BV
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a Secured CAM containing protocol version set to a value less then 2
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
garciay's avatar
garciay committed
             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             *  }
             *  ensure that {
             *      when { 
garciay's avatar
garciay committed
             *          the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
garciay's avatar
garciay committed
             *              containing protocol_version 
             *                  indicating 1
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_02_01_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 5.1
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_RCV_CAM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                }
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_02_01_BO
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a Secured CAM containing protocol version set to a value greater then 2
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
garciay's avatar
garciay committed
             *          the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
garciay's avatar
garciay committed
             *              containing protocol_version 
             *                  indicating 3
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_02_02_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 5.1
garciay's avatar
garciay committed
             */
            testcase TC_SEC_ITSS_RCV_CAM_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); // Change PX_WRONG_PROTOCOL_VERSION to 3
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
garciay's avatar
garciay committed
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
garciay's avatar
garciay committed
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_02_02_BO
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields contains more than one element of header field type: signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
garciay's avatar
garciay committed
             *  when { 
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'signer_info'
             *          and containing header_fields[2].type
             *              indicating 'generation_time'
garciay's avatar
garciay committed
             *          and containing header_fields[3]
garciay's avatar
garciay committed
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_01_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_signer_info(
                            m_signerInfo_certificate(
                                vc_aaCertificate
                        )), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
garciay's avatar
garciay committed
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_01_BO
            
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields does not contain the header field type: signer_info
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
garciay's avatar
garciay committed
             *    the IUT being in the 'authorized' state 
             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
garciay's avatar
garciay committed
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'generation_time'
garciay's avatar
garciay committed
             *          and containing header_fields[1]
garciay's avatar
garciay committed
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_02_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_prepareSecuredCam(
garciay's avatar
garciay committed
                    {
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
garciay's avatar
garciay committed
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_02_BO
            
garciay's avatar
garciay committed
             * @desc    Check that IUT is able to receive a secured CAM if the signer_info header field is not encoded first
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
garciay's avatar
garciay committed
             *    the IUT being in the 'authorized' state 
             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
garciay's avatar
garciay committed
             *    the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
garciay's avatar
garciay committed
             *      containing header_fields[0].type
             *        indicating 'signer_info'
             *      and containing header_fields[1].type
             *        indicating 'generation_time'
             *      and containing header_fields[2].type
             *        indicating 'signer_info'
garciay's avatar
garciay committed
             *      and containing header_fields[3]
garciay's avatar
garciay committed
             *        containing type
             *          indicating 'its_aid'
             *        containing its_aid
             *          indicating 'AID_CAM'
             *      and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_03_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
garciay's avatar
garciay committed
                    {
garciay's avatar
garciay committed
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM,
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        ))
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_03_BO
garciay's avatar
garciay committed
            
            /**
             * @desc    Check that IUT discards a secured CAM if the header_fields doesn't contain the element of header field of type: generation_time
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_04_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_04_BO
            
            /**
             * @desc    Check that IUT discards a secured CAM if the header_fields does not contain the header field type: generation_time
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01) 
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_05_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_05_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_05_BO
            
            /**
             * @desc    Check that IUT discards a secured CAM if the header_fields contain more than one element of header field of type: its_aid
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *          and containing header_fields[2]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_DENM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_06_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_06_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM,
                        m_header_field_its_aid_DENM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_06_BO
            
            /**
             * @desc    Check that IUT discards a secured CAM if the header fields are not in the ascending order according to the numbering of the enumeration
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and containing header_fields[2].type
             *              indicating 'generation_time'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_07_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_07_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_its_aid_CAM,
                        m_header_field_generation_time(1000 * f_getCurrentTime()) // In us
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_07_BO
            
            /**
             * @desc    Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *                  indicating TIME_1 inside the validity period of the signer certificate
             *          and containing header_fields[2].type
             *              indicating 'generation_time_with_standard_deviation'
             *                  indicating TIME_2 inside the validity period of the signer certificate
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_08_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_08_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_generation_time_with_standard_deviation(
                            m_time64WithStandardDeviation(
                                1000, // In us
                                0
                        )), 
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_08_BO
            
            /**
             * @desc    Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *                  indicating TIME_1 outside the validity period of the signer certificate
             *          and containing header_fields[2].type
             *              indicating 'generation_time_with_standard_deviation'
             *                  indicating TIME_2 inside the validity period of the signer certificate
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_09_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_09_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_generation_time_with_standard_deviation(
                            m_time64WithStandardDeviation(
                                1000 * f_getCurrentTime(), // In us
                                0
                        )), 
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_09_BO
            
            /**
             * @desc    Check that IUT discards the Secured CAM containing the expiry_time HeaderField
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             *  and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *                  indicating CURRENT_TIME
             *          and containing header_fields[2]
             *              containing type
             *                  indicating 'expiration'
             *              and containing expiry_time
             *                  indicating CURRENT_TIME + 1h
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_10_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_10_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
                            m_signerInfo_digest(
                                vc_atCertificate.signer_info.signerInfo.digest
                        )), 
                        m_header_field_generation_time(
                            1000 * f_getCurrentTime()
                        ), // In us
                        m_header_field_expiry_time(
                            f_getCurrentTime() - 3600/*1h*/
                        ), 
                        m_header_field_its_aid_CAM
                    }, 
                    e_certificate_digest_with_sha256,
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_10_BO
            
            /**
             * @desc    Check that IUT ignores the HeaderFields generation_location of received Secured CAM
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
garciay's avatar
garciay committed
             *    the IUT being in the 'authorized' state 
             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
garciay's avatar
garciay committed
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *              and containing signer
             *                  containing type
             *                      indicating certificate
             *                  and containing certificate (CERT_TS_AT_B)
             *                      containing validity_restrictions['region']
             *                          containing region (X_CERT_REGION)
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *          and containing header_fields[2]
             *              containing type
             *                  indicating 'generation_location'
             *              and containing generation_location
             *                  indicating position outside of the validity restriction of X_CERT_REGION
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_11_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_11_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_B, 
                    {
                        m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
                        m_header_field_generation_location(
                            m_threeDLocation(
                                PX_WGSLONGITUDE,
                                PX_WGSLATITUDE,
                                int2oct(0, 2)
                            )
                        ), 
                        m_header_field_its_aid_CAM
garciay's avatar
garciay committed
                    }, 
garciay's avatar
garciay committed
                    e_certificate,
                    true
garciay's avatar
garciay committed
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
garciay's avatar
garciay committed
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_11_BO
garciay's avatar
garciay committed
            /**
             * @desc    Check that IUT accepts the Secured CAM containing additional non-standard HeaderField
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *    the IUT being in the 'authorized' state 
             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *          and containing header_fields[2].type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and containing header_fields[3]
             *              containing type
             *                  indicating non-standard header field type (200)
             *              and containing other_header
             *                  indicating non-empty data
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_12_BV
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_12_BV() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_B, 
                    {
                        m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
                        m_header_field_generation_location(
                            m_threeDLocation(
                                PX_WGSLONGITUDE,
                                PX_WGSLATITUDE,
                                int2oct(0, 2)
                            )
                        ), 
                        m_header_field_its_aid_CAM,
                        m_header_field_unspecify
                    }, 
                    e_certificate_digest_with_sha256,
                    true
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_12_BV
            
            /**
             * @desc    Check that IUT discards the Secured CAM containing the header field 'encryption_parameter' and 'recipient_info'
             * <pre>
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *    the IUT being in the 'authorized' state 
             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *          and containing header_fields[2].type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and containing header_fields[3]
             *              containing type
             *                  indicating 'encryption_parameters'
             *              and containing enc_params
             *                  containing symm_algorithm
             *                      indicating 'aes_128_ccm'
             *                  and containing nonce
             *              and containing header_fields[4]
             *                  containing type
             *                      indicating 'recipient_info'
             *                  and containing recipients
             *                      containing recipients[0]
             *                          containing cert_id
             *                              referencing to CERT_IUT_A_AT
             *                          and containing pk_encryption
             *                              indicating 'ecies_nistp256'
             *                          and containing enc_key
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_04_13_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
             */
            testcase TC_SEC_ITSS_RCV_CAM_04_13_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                var Certificate v_iutATCertificate;
                var SubjectAttribute v_encryption_key;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
                
garciay's avatar
garciay committed
                // Test component configuration
garciay's avatar
garciay committed
                f_cf01Up();
                
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                if (
                    (f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or 
                    (f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false)
                    ) {
                    f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc
                } else {
                    v_securedGnPdu := f_prepareSecuredCam(
                        cc_taCert_B, 
                        {
                            m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us
                            m_header_field_generation_location(
                                m_threeDLocation(
                                    PX_WGSLONGITUDE,
                                    PX_WGSLATITUDE,
                                    int2oct(0, 2)
                                )
                            ), 
                            m_header_field_its_aid_CAM,                                 // containing header_fields[2].type
                                                                                        //     indicating 'its_aid'
                            m_header_field_enc_params(                                  // containing header_fields[3].type.enc_params
                                m_encryptionParameters_aes_128_ccm(                     //      indicating 'aes_128_ccm'
                                    PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE           // and containing nonce
                                )
                            ),
                            m_header_field_multiple_recipients(                         // containing header_fields[4].type
                                {                                                       //     indicating 'encryption_parameters'
                                    m_recipientInfo_ecies_enc_key(
                                        v_iutATCertificate.signer_info.signerInfo.digest,
                                        e_ecies_nistp256,                               // containing symm_algorithm
                                                                                        //     indicating 'aes_128_ccm'
                                        m_eciesEncryptedKey_aesccm(
                                            v_encryption_key.attribute.rv,
                                            '00000000000000000000000000000000'O, // FIXME Where to find these values
                                            '00000000000000000000000000000000'O
                                        )
                                    )
                                }
                            )
                        }, 
                        e_certificate_digest_with_sha256,
                        true
                    ); 
                    f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                    
                    f_sleep(PX_TNOAC);
                    v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                    for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                        // empty on purpose 
                    } // End of 'for' statement
                    if (i < lengthof(vc_utInds)) {
                        log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                    }
                    else {
                        log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                        f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                    }
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
            } // End of testcase TC_SEC_ITSS_RCV_CAM_04_13_BO
            
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields contains a signer of type 'self'
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
garciay's avatar
garciay committed
             *  when { 
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'signer_info'
garciay's avatar
garciay committed
             *                  containing signer.type
             *                      indicating 'self'
garciay's avatar
garciay committed
             *  } then { 
             *      the IUT discards the message 
garciay's avatar
garciay committed
             *  } 
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_05_01_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_RCV_CAM_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
garciay's avatar
garciay committed
                    cc_taCert_A, 
garciay's avatar
garciay committed
                        m_header_field_signer_info(
garciay's avatar
garciay committed
                            m_signerInfo_self
                        ), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM
                    }, 
garciay's avatar
garciay committed
                    e_self,
garciay's avatar
garciay committed
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_05_01_BO
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_digest_with_other_algorithm
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
garciay's avatar
garciay committed
             * with { 
             *  the IUT being in the 'authorized' state 
garciay's avatar
garciay committed
             * ensure that { 
garciay's avatar
garciay committed
             *  when { 
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'signer_info'
garciay's avatar
garciay committed
             *                  containing signer.type
             *                      indicating 'certificate_digest_with_other_algorithm'
garciay's avatar
garciay committed
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * </pre>
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_05_02_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_RCV_CAM_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
                v_securedGnPdu := f_prepareSecuredCam(
garciay's avatar
garciay committed
                    cc_taCert_A, 
garciay's avatar
garciay committed
                        m_header_field_signer_info(
garciay's avatar
garciay committed
                            m_signerInfo_other_certificates(
                                m_certificateWithAlgo_ecdsa(
                                    PX_OTHER_CERT_DIGEST
                        ))), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
garciay's avatar
garciay committed
                        m_header_field_its_aid_CAM
garciay's avatar
garciay committed
                    e_certificate_digest_with_other_algorithm,
garciay's avatar
garciay committed
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
                }
                else {
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_05_02_BO
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain is empty
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
garciay's avatar
garciay committed
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
garciay's avatar
garciay committed
             *  when { 
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'signer_info'
garciay's avatar
garciay committed
             *                  containing signer.type
             *                      indicating 'certificate_chain'
             *                  and containing certificates
             *                      indicating length = 0
garciay's avatar
garciay committed
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
garciay's avatar
garciay committed
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_05_03_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_RCV_CAM_05_03_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;
                var GnRawPayload v_sentRawPayload;
                
garciay's avatar
garciay committed
                // Test adapter configuration
                if (not(PICS_GN_SECURITY)) {
                    log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
                    stop;
                }
garciay's avatar
garciay committed
                // Test component configuration
                // Test adapter configuration
                
                // Preamble
                f_prNeighbour();
                f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
                
                // Test Body
garciay's avatar
garciay committed
                v_securedGnPdu := f_prepareSecuredCam(
                    cc_taCert_A, 
                    {
                        m_header_field_signer_info(
garciay's avatar
garciay committed
                            m_signerInfo_certificates(
garciay's avatar
garciay committed
                                { }
garciay's avatar
garciay committed
                        )), 
                        m_header_field_generation_time(1000 * f_getCurrentTime()), // In us
                        m_header_field_its_aid_CAM
                    }, 
garciay's avatar
garciay committed
                    e_certificate_chain,
garciay's avatar
garciay committed
                    false
                ); 
                f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu));
                f_sleep(PX_TNOAC);
                v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload);
                for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) {
                    // empty on purpose 
garciay's avatar
garciay committed
                } // End of 'for' statement
                if (i < lengthof(vc_utInds)) {
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
garciay's avatar
garciay committed
                    log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***");
                    f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
                }
                
                // Postamble
                f_poNeighbour();
                f_cf01Down();
garciay's avatar
garciay committed
            } // End of testcase TC_SEC_ITSS_RCV_CAM_05_03_BO
garciay's avatar
garciay committed
             * @desc    Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain contains only one certificate
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
garciay's avatar
garciay committed
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
garciay's avatar
garciay committed
             *  when { 
             *      the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_03) 
garciay's avatar
garciay committed
             *          containing header_fields[0].type
             *              indicating 'signer_info'
garciay's avatar
garciay committed
             *                  containing signer.type
             *                      indicating 'certificate_chain'
             *                  and containing certificates
garciay's avatar
garciay committed
             *                      indicating length = 1
garciay's avatar
garciay committed
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
garciay's avatar
garciay committed
             *
garciay's avatar
garciay committed
             * @see          ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_RCV_CAM_05_04_BO
garciay's avatar
garciay committed
             * @reference    ETSI TS 103 097 [1], clause 7.1
garciay's avatar
garciay committed
            testcase TC_SEC_ITSS_RCV_CAM_05_04_BO() runs on ItsGeoNetworking system ItsSecSystem {
                
                // Local variables
                var integer i;
                var GeoNetworkingPdu v_securedGnPdu;