Newer
Older
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_03_BV
/**
* @desc Check that IUT sends the secured DENM containing signer containing certificate.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* the IUT sends a Ieee1609Dot2Data
* containing content
* containing signedData
* containing signer
* containing certificate
* containing toBeSigned
* containing appPermissions
* containing the item of type PsidSsp
* containing psid
* indicating AID_DENM
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_04_BV
* @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2
* @reference IEEE 1609.2 [2] Clause 6.3.4
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
*/
testcase TC_SEC_ITSS_SND_DENM_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate( // or containing certificate
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
{ mw_appPermissions(c_its_aid_DENM) }
)
)
)
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
)
),
mw_geoNwShbPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": PASS: Correct secured packet received, containing certificate");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest // containing digest
)
),
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: Incorrect secured packet received, containing digest");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_04_BV
/**
* @desc Check that IUT sends the secured DENM containing generation time
* and this time is inside the validity period of the signing certificate;
* Check that message generation time value is realistic.
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationTime
* indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
* and containing signer
* containing certificate
* containing toBeSigned
* containing validityPeriod
* containing start
* indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME)
* and containing duration
* indicating value > GEN_TIME - X_START_VALIDITY
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_05_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
*/
testcase TC_SEC_ITSS_SND_DENM_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
const integer c_timeLimit := 10 * 60 * 1000000; // us
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var Time64 v_generationTime;
var Time64 v_curTime;
var SignerIdentifier v_signerIdentifier;
var ValidityPeriod v_validityPeriod;
var Certificate v_cert;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate // containing certificate
)
),
log("*** " & testcasename() & ": INFO: Initial conditions: First DEN message with certificate received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} // End of 'alt' statement
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate // containing certificate
)
),
))) -> value v_geoNwInd {
tc_ac.stop;
f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo);
v_generationTime := v_headerInfo.generationTime;
v_curTime := f_getCurrentTime();
v_curTime := v_curTime * 1000; // Time64 is in microseconds
log("v_curTime (us)=", v_curTime);
// Check generation time
if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit, v_curTime + c_timeLimit))) {
log("*** " & testcasename() & ": FAIL: DEN message generation time is not in 5 min range");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
// Check certificate validity period
f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier);
if (not match(v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_, Time32:(v_curTime - c_timeLimit, v_curTime + c_timeLimit))) {
log("*** " & testcasename() & ": FAIL: DEN message certificate validity period is not in 5 min range");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: Generation of DENM messages including certificate was successful ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
}
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_05_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location when signing certificate
* chain doesn't have any region restriction.
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* containing toBeSigned
* not containing region
* and issuied by the certificate AA (CERT_IUT_A_AA)
* containing toBeSigned
* not containing region
* and issuied by the certificate RCA (CERT_IUT_A_RCA)
* containing toBeSigned
* not containing region
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_06_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
*/
testcase TC_SEC_ITSS_SND_DENM_06_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}
// Test component configuration
f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
-, -, -,
))) -> value v_geoNwInd {
tc_ac.stop;
f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo);
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_06_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location which is inside the circular region
* defined by the validity restriction of the certificate pointed by the message signer.
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (X_AT_CERTIFICATE)
* containing toBeSigned
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_07_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_07_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var SignerIdentifier v_signerIdentifier;
var Certificate v_cert;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
-, -, -,
?
)
))) -> value v_geoNwInd {
tc_ac.stop;
if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo) and f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier)) {
var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation };
var integer v_counter;
for (v_counter := 0; v_counter < lengthof(v_signerIdentifier.certificate); v_counter := v_counter + 1) {
if (f_isLocationInsideRegion(v_signerIdentifier.certificate[v_counter].toBeSigned.region, v_location) == false) {
break;
}
} // End of of for statement
if (v_counter == lengthof(v_signerIdentifier.certificate)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_07_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location which is inside the region
* defined by the validity restriction of the certificate pointed by the message signer .
* Pics Selection: PICS_GN_SECURITY and not PICS_SEC_CERTIFICATE_SELECTION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (X_AT_CERTIFICATE)
* containing toBeSigned
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_08_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2
*/
testcase TC_SEC_ITSS_SND_DENM_08_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var SignerIdentifier v_signerIdentifier;
var Certificate v_cert;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or PICS_SEC_CERTIFICATE_SELECTION) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and not PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***");
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at
)
)
)
),
))) -> value v_geoNwInd {
tc_ac.stop;
if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo) and f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier)) {
var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation };
var integer v_counter;
for (v_counter := 0; v_counter < lengthof(v_signerIdentifier.certificate); v_counter := v_counter + 1) {
if (f_isLocationInsideRegion(v_signerIdentifier.certificate[v_counter].toBeSigned.region, v_location) == false) {
break;
}
} // End of of for statement
if (v_counter == lengthof(v_signerIdentifier.certificate)) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_08_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location which is inside the identified
* region defined by the validity restriction of the AA certificate used to sign the certificate
* pointed by the message signer doesn't containing any region restriction.
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_CA1_AT)
* containing toBeSigned
* not containing region
* and issuied by the certificate AA (CERT_IUT_CC_AA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* and issuied by the certificate RCA (CERT_IUT_C_RCA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_09_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8
*/
testcase TC_SEC_ITSS_SND_DENM_09_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var SignerIdentifier v_signerIdentifier;
var Certificate v_at_certificate;
var Certificate v_aa_certificate;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_readCertificate(cc_taCert_CA1, v_at_certificate);
f_readCertificate(cc_taCert_CC_AA, v_aa_certificate);
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
v_at_certificate.toBeSigned.appPermissions,
v_at_certificate.toBeSigned.verifyKeyIndicator,
v_at_certificate.toBeSigned.validityPeriod,
omit
)
)
)
)
),
mw_geoNwBroadcastPacket
))) -> value v_geoNwInd {
tc_ac.stop;
if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) {
var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation };
if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***");
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_09_BV
/**
* @desc Check that IUT sends the secured DENM containing generation location which is inside the identified
* region defined by the validity restriction of the root certificate when subordinate AA and AT
* certificates don't contain any region restriction.
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
* <pre>
* Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_CA2_AT)
* containing toBeSigned
* not containing region
* and issuied by the certificate AA (CERT_IUT_CC_AA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* and issuied by the certificate RCA (CERT_IUT_C_RCA)
* containing toBeSigned
* containing circularRegion
* indicating REGION
* }
* ensure that {
* when {
* the IUT is requested to send a DENM
* } then {
* the IUT sends a SecuredMessage of type EtsiTs103097Data
* containing headerInfo
* containing generationLocation
* indicating value inside the REGION
* }
* }
* </pre>
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_10_BV
* @reference ETSI TS 103 097 [1] Clauses 7.1.2
* @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8
*/
testcase TC_SEC_ITSS_SND_DENM_10_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var GeoNetworkingInd v_geoNwInd;
var HeaderInfo v_headerInfo;
var SignerIdentifier v_signerIdentifier;
var Certificate v_at_certificate;
var Certificate v_aa_certificate;
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***");
stop;
}
// Test component configuration
vc_hashedId8ToBeUsed := PICS_CERTFICATE_ID_VARIANT;
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
f_cf01Up();
// Test adapter configuration
// Preamble
f_prNeighbour();
f_readCertificate(cc_taCert_CA2, v_at_certificate);
f_readCertificate(cc_taCert_CC_AA, v_aa_certificate);
v_denmComponent := f_triggerDenmEvent();
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_certificate(
mw_etsiTs103097Certificate(
-,
mw_toBeSignedCertificate_at(
v_at_certificate.toBeSigned.appPermissions,
v_at_certificate.toBeSigned.verifyKeyIndicator,
v_at_certificate.toBeSigned.validityPeriod,
omit
)
)
)
)
),
mw_geoNwBroadcastPacket
))) -> value v_geoNwInd {
tc_ac.stop;
if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) {
var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation };
if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) {
log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***");
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
} else {
log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed(
mw_signedData(
-,
mw_toBeSignedData(
mw_signedDataPayload,
mw_headerInfo_denm
),
mw_signerIdentifier_digest
)
),
mw_geoNwBroadcastPacket
))) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
//repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
}
} // End of 'alt' statement
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
// Postamble
f_cancelDenmEvent(v_denmComponent);
f_poNeighbour();
f_cf01Down();
} // End of testcase TC_SEC_ITSS_SND_DENM_10_BV
/**
* @desc Check that IUT sends the secured DENM containing the 'data' field in signed data payload,
* containing the EtsiTs103097Data of type unsecured, contained the DENM payload
* <pre>
* Pics Selection: PICS_GN_SECURITY
* Config Id: CF01
* Initial conditions:
* with {
* the IUT is authorized with AT certificate (CERT_IUT_A_AT)
* }
* ensure that {
* when {
* the IUT is requested to send a secured DENM
* } then {
* the IUT sends a message of type EtsiTs103097Data
* contains content
* contains signedData
* containing tbsData
* containing payload
* containing data
* containing content
* containing unsecuredData
* containing not-empty data
* }
* }
* </pre>
*
* @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_DENM_11_BV
* @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2
*/
testcase TC_SEC_ITSS_SND_DENM_11_BV() runs on ItsGeoNetworking system ItsSecSystem {
// Local variables
var ItsDenm v_denmComponent;
// Test control
if (not(PICS_GN_SECURITY)) {
log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***");
stop;
}