Newer
Older
} // End of 'for' statement
} // End of 'for' statement
if (getverdict == fail) {
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: SSP rage are well configured ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! CAM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
10014
10015
10016
10017
10018
10019
10020
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
10038
10039
10040
10041
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_cam
),
mw_signerIdentifier_digest // containing digest
)
)
))) {
log("*** " & testcasename() & ": INFO: Generation of CAM messages including digest ***");
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_CERT_21_BV
// /**
// * @desc Sending behaviour test cases for AA certificate profil
// * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.7.7 AA certificate profile
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
// */
// group AA_Certificates {
//
// /**
// * @desc Check that the subject_type of the AA certificate is set to authorization_authority
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1]
// * containing subject_info.subject_type
// * indicating 'authorization_authority' (2)
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_01_01_BV
// * @reference ETSI TS 103 097 [1] Clause 7.4.4
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
10095
10096
10097
10098
10099
10100
10101
10102
10103
10104
10105
10106
10107
10108
10109
10110
10111
10112
10113
10114
10115
10116
10117
10118
10119
10120
10121
10122
10123
10124
10125
10126
10127
10128
10129
10130
10131
10132
10133
10134
10135
10136
10137
10138
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate)) {
// log("*** " & testcasename() & ": FAIL: AA certificate not found in the chain[last-1] ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: AA certificate was found in the chain ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV
//
// /**
// * @desc Check that the AA certificsate subject_name variable-length vector contains 32 bytes maximum
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1]
// * containing subject_info.subject_name
// * indicating length <= 32 bytes
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_02_01_BV
// * @reference ETSI TS 103 097 [1] Clause 6.2
10141
10142
10143
10144
10145
10146
10147
10148
10149
10150
10151
10152
10153
10154
10155
10156
10157
10158
10159
10160
10161
10162
10163
10164
10165
10166
10167
10168
10169
10170
10171
10172
10173
10174
10175
10176
10177
10178
10179
10180
10181
10182
10183
10184
10185
10186
10187
10188
10189
10190
10191
10192
10193
10194
10195
10196
10197
10198
10199
10200
10201
10202
10203
10204
10205
10206
10207
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// // Verified automatically on decoding
// if (lengthof(v_chain[lengthof(v_chain) - 2].subject_info.subject_name) > 32 ) {
// log("*** " & testcasename() & ": FAIL: Subject name of the AA certificate is too long ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: Subject name of the AA certificate is good ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV
//
// /**
// * @desc Check that signer_info type of AA certificates is set to 'certificate_digest_with_sha256'
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1]
// * containing signer_info
// * containing type
// * indicating 'certificate_digest_with_sha256'
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_03_01_BV
// * @reference ETSI TS 103 097 [1] Clause 7.4.4
10210
10211
10212
10213
10214
10215
10216
10217
10218
10219
10220
10221
10222
10223
10224
10225
10226
10227
10228
10229
10230
10231
10232
10233
10234
10235
10236
10237
10238
10239
10240
10241
10242
10243
10244
10245
10246
10247
10248
10249
10250
10251
10252
10253
10254
10255
10256
10257
10258
10259
10260
10261
10262
10263
10264
10265
10266
10267
10268
10269
10270
10271
10272
10273
10274
10275
10276
10277
10278
10279
10280
10281
10282
10283
10284
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
// var Certificate v_aa_cert;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// v_aa_cert := v_chain[lengthof(v_chain) - 2];
// if (not match(v_aa_cert, mw_aa_certificate(mw_signerIdentifier_digest))) {
// log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV
//
// /**
// * @desc Check that AA certificate is signed by Root CA or other authority
// * @remark There is no clear specification that AA cert shall be signed by the Root CA only
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates
// * containing certificates[last-1]
// * containing signer_info
// * containing type
// * indicating 'certificate_digest_with_ecdsap256'
// * and containing digest
// * referencing to the trusted certificate
// * containing subject_info.subject_type
// * indicating 'root_ca'
// * or indicating 'authorisation_authority'
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_04_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 6.3
10287
10288
10289
10290
10291
10292
10293
10294
10295
10296
10297
10298
10299
10300
10301
10302
10303
10304
10305
10306
10307
10308
10309
10310
10311
10312
10313
10314
10315
10316
10317
10318
10319
10320
10321
10322
10323
10324
10325
10326
10327
10328
10329
10330
10331
10332
10333
10334
10335
10336
10337
10338
10339
10340
10341
10342
10343
10344
10345
10346
10347
10348
10349
10350
10351
10352
10353
10354
10355
10356
10357
10358
10359
10360
10361
10362
10363
10364
10365
10366
10367
10368
10369
10370
10371
10372
10373
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
// var Certificate v_aa_cert, v_ca_cert;
// var SignerInfo v_si;
// var HashedId8 v_ca_digest;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// v_aa_cert := v_chain[lengthof(v_chain) - 2];
// // Process signerInfo field
// if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) {
// log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// if (v_si.type_ == e_certificate_digest_with_sha256) {
// log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate_digest_with_ecdsap256 ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// f_readCertificate(cc_taCert_CA, v_ca_cert);
// v_ca_digest := f_calculateDigestFromCertificate(v_ca_cert);
//
// if (not match(v_aa_cert, mw_aa_certificate(mw_signerIdentifier_digest(v_ca_digest)))) {
// log("*** " & testcasename() & ": FAIL: AA certificate signer info doesn't reference the CA certificate from the chain ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// if (not f_verifyCertificateSignatureWithIssuingCertificate(v_aa_cert, v_ca_cert)) {
// log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// log("*** " & testcasename() & ": PASS: AA certificate was signed by the CA certificate from the given chain ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV
//
// /**
// * @desc Check that all neccesary subject attributes are present and arranged in accesing order
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1]
// * containing subject_attributes [0..N]
// * indicating subject_attributes[n].type < subject_attributes[n+ 1].type
// * containing subject_attributes['verification_key']
// * containing subject_attributes['assurance_level']
// * containing subject_attributes['its_aid_list']
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_05_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 6.1, 7.4.1 and 7.4.4
10376
10377
10378
10379
10380
10381
10382
10383
10384
10385
10386
10387
10388
10389
10390
10391
10392
10393
10394
10395
10396
10397
10398
10399
10400
10401
10402
10403
10404
10405
10406
10407
10408
10409
10410
10411
10412
10413
10414
10415
10416
10417
10418
10419
10420
10421
10422
10423
10424
10425
10426
10427
10428
10429
10430
10431
10432
10433
10434
10435
10436
10437
10438
10439
10440
10441
10442
10443
10444
10445
10446
10447
10448
10449
10450
10451
10452
10453
10454
10455
10456
10457
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
// var SubjectAttributes v_attrs;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// if (not match(v_chain[lengthof(v_chain) - 2],
// mw_aa_certificate(?,
// superset(mw_subject_attribute_verification_key,
// mw_subject_attribute_assurance_level,
// mw_subject_attribute_its_aid_list)))
// ) {
// log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes;
// for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {
// if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) {
// log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// }
//
// log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV
//
// /**
// * @desc Check that all AIDs containing in the its_aid_list in AA certificate are unique
// * Check that AID list contains not more then 31 items
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1]
// * containing subject_attributes['its_aid_list']
// * containing its_aid_list[0..N]
// * containing no more then 31 unique item
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_08_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 7.4.4
10460
10461
10462
10463
10464
10465
10466
10467
10468
10469
10470
10471
10472
10473
10474
10475
10476
10477
10478
10479
10480
10481
10482
10483
10484
10485
10486
10487
10488
10489
10490
10491
10492
10493
10494
10495
10496
10497
10498
10499
10500
10501
10502
10503
10504
10505
10506
10507
10508
10509
10510
10511
10512
10513
10514
10515
10516
10517
10518
10519
10520
10521
10522
10523
10524
10525
10526
10527
10528
10529
10530
10531
10532
10533
10534
10535
10536
10537
10538
10539
10540
10541
10542
10543
10544
10545
10546
10547
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
// var Certificate v_aa_cert;
// var SubjectAttribute v_sa;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// v_aa_cert := v_chain[lengthof(v_chain) - 2];
// if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) {
//
// if (lengthof(v_sa.attribute.its_aid_list) > 31) {
// log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) {
// for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) {
// if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) {
// log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// }
// } // End of 'for' statement
// } else {
// log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV
//
// /**
// * @desc Check that all mandatory validity restrictions are present and arranged in ascending order
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * and containing certificates
// * containing certificates[last-1]
// * containing validity_restrictions[0..N]
// * indicating validity_restrictions[n].type < validity_restrictions[n+1].type
// * and containing validity_restrictions['time_start_and_end']
// * and not containing validity_restrictions['time_end']
// * and not containing validity_restrictions['time_start_and_duration']
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_10_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 6.1, 6.7 and 7.4.1
10550
10551
10552
10553
10554
10555
10556
10557
10558
10559
10560
10561
10562
10563
10564
10565
10566
10567
10568
10569
10570
10571
10572
10573
10574
10575
10576
10577
10578
10579
10580
10581
10582
10583
10584
10585
10586
10587
10588
10589
10590
10591
10592
10593
10594
10595
10596
10597
10598
10599
10600
10601
10602
10603
10604
10605
10606
10607
10608
10609
10610
10611
10612
10613
10614
10615
10616
10617
10618
10619
10620
10621
10622
10623
10624
10625
10626
10627
10628
10629
10630
10631
10632
10633
10634
10635
10636
10637
10638
10639
10640
10641
10642
10643
10644
10645
10646
10647
10648
10649
10650
10651
10652
10653
10654
10655
10656
10657
10658
10659
10660
10661
10662
10663
10664
10665
10666
10667
10668
10669
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
//
// // Local variables
// var SequenceOfCertificate v_chain;
// var Certificate v_cert;
// var integer v_previousValidityRestrictionType;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
//
// // Test Body
// // Process certificate[last - 1]
// v_cert := v_chain[lengthof(v_chain) - 2];
// if (match(
// v_cert.validity_restrictions,
// superset(
// mw_validity_restriction_time_end,
// mw_validity_restriction_time_start_and_duration
// )
// )) {
// log("*** " & testcasename() & ": FAIL: certificate[last-2] must not contain time_end and time_start_and_duration restrictions ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// for (var integer v_counter := 1; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) {
// // Check forbidden header
// if (v_cert.validity_restrictions[v_counter].type_ != e_time_start_and_end) { // FIXME To be reviewed
// log("*** " & testcasename() & ": FAIL: Forbidden header present");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// if (v_counter > 1 ) {
// // Check that headers are ordered
// if (enum2int(v_cert.validity_restrictions[v_counter].type_) <= v_previousValidityRestrictionType) {
// // Check that header is duplicated
// if (enum2int(v_cert.validity_restrictions[v_counter].type_) == v_previousValidityRestrictionType) {
// log("*** " & testcasename() & ": FAIL: multiple instances of same header");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// } else {
// log("*** " & testcasename() & ": FAIL: headers not in correct order");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// }
// }
// v_previousValidityRestrictionType := enum2int(v_cert.validity_restrictions[v_counter].type_);
// } // End of 'for' statement
//
// log("*** " & testcasename() & ": PASS: Time validity restriction of the certificate[last-2] is good ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV
//
// /**
// * @desc Check that time_start_and_end is included in the AA certificate validation restrictions;
// * Check that end_validity is greater than start_validity
// * Check that validity restriction of AA certificate is inside the validity restriction of its issuing certificate
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate chain in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * indicating 'certificate_chain'
// * containing certificates[last-1] {
// * containing validity_restrictions
// * containing validity_restrictions['time_start_and_end']
// * containing start_validity
// * indicating START_AA_VALIDITY
// * containing end_validity
// * indicating END_AA_VALIDITY >=START_AA_VALIDITY
// * and containing signer_info
// * containing digest
// * referenced to the trusted certificate
// * containing validity_restrictions['time_end']
// * containing end_validity
// * indicating value > AA_END_VALIDITY
// * or containing validity_restrictions['time_start_and_end']
// * containing start_validity
// * indicating value <= AA_START_VALIDITY
// * and containing end_validity
// * indicating value > AA_END_VALIDITY
// * or containing validity_restrictions['time_start_and_duration']
// * containing start_validity
// * indicating X_START_VALIDITY <= AA_START_VALIDITY
// * and containing duration
// * indicating value > AA_END_VALIDITY - X_START_VALIDITY
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AA_11_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 7.4.4
10672
10673
10674
10675
10676
10677
10678
10679
10680
10681
10682
10683
10684
10685
10686
10687
10688
10689
10690
10691
10692
10693
10694
10695
10696
10697
10698
10699
10700
10701
10702
10703
10704
10705
10706
10707
10708
10709
10710
10711
10712
10713
10714
10715
10716
10717
10718
10719
10720
10721
10722
10723
10724
10725
10726
10727
10728
10729
10730
10731
10732
10733
10734
// */
// testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var SequenceOfCertificate v_chain;
// var Certificate v_aa_cert;
// var ValidityRestriction v_vr;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***");
// tc_ac.start;
// if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (lengthof(v_chain) < 2) {
// log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
// }
// v_aa_cert := v_chain[lengthof(v_chain) - 2];
// if (match (v_aa_cert.validity_restrictions, superset(mw_validity_restriction_time_end,
// mw_validity_restriction_time_start_and_duration))
// ) {
// log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) {
// log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) {
// log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV
//
// } // End of group AA_Certificates
//
// /**
// * @desc Sending behaviour test cases for AT certificate profil
// * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.7.8 AT certificate profile
10736
10737
10738
10739
10740
10741
10742
10743
10744
10745
10746
10747
10748
10749
10750
10751
10752
10753
// */
// group AT_Certificates {
//
// /**
// * @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket'
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * and containing certificate
// * containing subject_info.subject_type
// * indicating 'authorization_ticket' (1)
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_01_01_BV
// * @reference ETSI TS 103 097 [1] Clause 7.4.2
10763
10764
10765
10766
10767
10768
10769
10770
10771
10772
10773
10774
10775
10776
10777
10778
10779
10780
10781
10782
10783
10784
10785
10786
10787
10788
10789
10790
10791
10792
10793
10794
10795
10796
10797
10798
10799
10800
10801
10802
10803
10804
10805
10806
10807
10808
10809
10810
10811
10812
10813
10814
10815
10816
// */
// testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var Certificate v_at_cert;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
// tc_ac.start;
// if (not f_waitForCertificate(v_at_cert)) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (not match(v_at_cert, mw_at_certificate)) {
// log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV
//
// /**
// * @desc Check that the subject_name variable-length vector is empty for AT certificates
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * and containing certificates
// * containing subject_info.subject_name
// * indicating length = 0
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_02_01_BV
// * @reference ETSI TS 103 097 [1] Clause 7.4.2
10826
10827
10828
10829
10830
10831
10832
10833
10834
10835
10836
10837
10838
10839
10840
10841
10842
10843
10844
10845
10846
10847
10848
10849
10850
10851
10852
10853
10854
10855
10856
10857
10858
10859
10860
10861
10862
10863
10864
10865
10866
10867
10868
10869
10870
10871
10872
10873
10874
10875
10876
10877
10878
10879
// */
// testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var Certificate v_at_cert;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
// tc_ac.start;
// if (not f_waitForCertificate(v_at_cert)) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (0 != lengthof(v_at_cert.subject_info.subject_name)) {
// log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV
//
// /**
// * @desc Check that signer_info type of AT certificates is set to 'certificate_digest_with_sha256'
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * and containing certificate
// * containing signer_info
// * containing type
// * indicating 'certificate_digest_with_sha256'
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_03_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 7.4.2
10890
10891
10892
10893
10894
10895
10896
10897
10898
10899
10900
10901
10902
10903
10904
10905
10906
10907
10908
10909
10910
10911
10912
10913
10914
10915
10916
10917
10918
10919
10920
10921
10922
10923
10924
10925
10926
10927
10928
10929
10930
10931
10932
10933
10934
10935
10936
10937
10938
10939
10940
10941
10942
10943
10944
10945
// */
// testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var Certificate v_at_cert;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
// tc_ac.start;
// if (not f_waitForCertificate(v_at_cert)) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (
// not match(v_at_cert, mw_certificate(mw_signerIdentifier_digest))
// ) {
// log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
// log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
//
// // Postamble
// f_poNeighbour();
// f_cf01Down();
// } // End of testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV
//
// /**
// * @desc Check that subject attributes are present and arranged in ascending order
// * <pre>
// * Pics Selection: PICS_GN_SECURITY
// * Config Id: CF01
// * with {
// * the IUT being in the 'authorized' state
// * the IUT being requested to include certificate in the next CAM
// * } ensure that {
// * when {
// * the IUT is requested to send a CAM
// * } then {
// * the IUT sends a Ieee1609Dot2Data
// * containing header_fields['signer_info'].signer
// * containing type
// * containing certificate
// * containing subject_attributes [0..N]
// * indicating subject_attributes[n].type < subject_attributes[n+ 1].type
// * containing subject_attributes['verification_key']
// * containing subject_attributes['assurance_level']
// * containing subject_attributes['its_aid_ssp_list']
// * }
// * }
// * </pre>
// * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_CERT_AT_04_01_BV
// * @reference ETSI TS 103 097 [1] Clauses 7.4.1 and 7.4.2
10958
10959
10960
10961
10962
10963
10964
10965
10966
10967
10968
10969
10970
10971
10972
10973
10974
10975
10976
10977
10978
10979
10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
10990
10991
10992
10993
10994
10995
10996
10997
10998
10999
11000
// */
// testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
// var Certificate v_at_cert;
// var SubjectAttributes v_attrs;
//
// // Test control
// if (not(PICS_GN_SECURITY)) {
// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
// stop;
// }
//
// // Test component configuration
// f_cf01Up();
//
// // Test adapter configuration
//
// // Preamble
// f_prNeighbour();
// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
//
// // Test Body
// log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***");
// tc_ac.start;
// if (not f_waitForCertificate(v_at_cert)) {
// log("*** " & testcasename() & ": INCONC: Expected message not received ***");
// f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
// }
// tc_ac.stop;
// if (not match(
// v_at_cert,
// mw_at_certificate(
// ?,
// superset(
// mw_subject_attribute_verification_key,
// mw_subject_attribute_assurance_level,
// mw_subject_attribute_its_aid_ssp_list
// )))) {
// log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***");
// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
// }
//
// v_attrs := v_at_cert.subject_attributes;
// for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) {