module ItsGencert_TestCases { // LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; // LibIts import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; import from IEEE1609dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsGeoNetworking import from LibItsGeoNetworking_EncdecDeclarations all; import from LibItsGeoNetworking_TypesAndValues all; import from LibItsGeoNetworking_Templates all; // LibItsSecurity import from LibItsSecurity_EncdecDeclarations all; import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; // AtsGenCert import from ItsGenCert_TypeAndValues all; import from ItsGenCert_Functions all; import from ItsGenCert_TestSystem all; import from ItsGenCert_Pics all; modulepar boolean PX_VALIDATE_CERTIFICATES_ONLY := false; testcase TC_GEN_CERT() runs on TCType system TCType { var certificate_details_list v_certificate_details_list := {}; var integer v_idx := 0; for (var integer v_counter := 0; v_counter < lengthof(PICS_CERTFICATES); v_counter := v_counter + 1) { var certificate_details v_details; var template (value) EtsiTs103097Certificate v_certificate; var certificate_params v_certificate_params; var certificate_details v_issuer_certificate_details; var integer v_counter1; // Setup v_certificate_params := PICS_CERTFICATES[v_counter]; v_details := { v_certificate_params.certificate_id, {}, ''O, ''O, ''O, ''O, ''O, 0, ''O, '0000000000000000'O, '0000000000000000'O, omit, omit, omit, omit, omit }; // Generate Private/Public signing and encryption keys for the certificate if (f_generate_signing_keys(v_certificate_params, v_details) == -1) { setverdict(fail, "Unsupported curve"); stop; } // Build the certificate templates if (f_fill_certificate(v_certificate_params, v_details) == -1) { setverdict(fail, "Failed to build the certificate templates"); stop; } // Generate the certificate // 1. Find the issuer for (v_counter1 := 0; v_counter1 < lengthof(v_certificate_details_list); v_counter1 := v_counter1 + 1) { if (v_certificate_params.signed_by == v_certificate_details_list[v_counter1].certificate_id) { log("Issuer for ", v_certificate_params.certificate_id, " is ", v_certificate_details_list[v_counter1].certificate_id); v_issuer_certificate_details := v_certificate_details_list[v_counter1]; break; } } // End of 'for' statement if (v_counter1 == lengthof(v_certificate_details_list)) { v_issuer_certificate_details := v_details; } // 2. Generate the certificate, including the signature if (f_generate_certificate(v_certificate_params, v_issuer_certificate_details, v_details) == -1) { setverdict(fail, "Failed to generate the certificate"); stop; } // Fianlyse certificate if (f_finalyse_certificate(v_certificate_params, v_certificate_details_list, v_details) == -1) { setverdict(fail, "Failed to finalyse the certificate"); stop; } v_certificate_details_list[v_idx] := v_details; v_idx := v_idx + 1; } // End of 'for' statement log("v_certificate_details_list = ", v_certificate_details_list); // Store them if (f_store_certificates(v_certificate_details_list) == -1) { setverdict(fail, "Failed to finalyse the certificate"); stop; } else { setverdict(pass); } } // End of testcase TC_GEN_CERT testcase TC_VALIDATE_CERT() runs on TCType system TCType { var SequenceOfCertificate v_certificate_list; var integer v_idx := 0; // 1. Load certificates fx_loadCertificates(PX_CERTIFICATE_POOL_PATH, PX_IUT_SEC_CONFIG_NAME); // 2. Create the list of certificates for (var integer v_counter := 0; v_counter < lengthof(PICS_CERTFICATES); v_counter := v_counter + 1) { var EtsiTs103097Certificate v_certificate; if (f_readCertificate(PICS_CERTFICATES[v_counter].certificate_id, v_certificate) == false) { setverdict(fail, "Failed to read certificate ", PICS_CERTFICATES[v_counter].certificate_id); stop; } else { v_certificate_list[v_idx] := v_certificate; v_idx := v_idx + 1; } } // End of 'for' statement log("TC_VALIDATE_CERT: v_certificate_list = ", v_certificate_list); // 3. Check signature for (var integer v_counter := 0; v_counter < lengthof(v_certificate_list); v_counter := v_counter + 1) { var EtsiTs103097Certificate v_certificate := v_certificate_list[v_counter]; log("TC_VALIDATE_CERT: Processing certificate ", v_certificate.toBeSigned.id.name, " - ", v_certificate.issuer); if (ischosen(v_certificate.issuer.self_)) { if (f_verifyCertificateSignatureWithIssuingCertificate(v_certificate, v_certificate) == false) { setverdict(fail, "Failed to verify signature for CA certificate ", v_certificate.toBeSigned.id.name); stop; } } else { var EtsiTs103097Certificate v_issuing_certificate; var charstring v_certificate_id; var HashedId8 v_issuer; if (ischosen(v_certificate.issuer.sha256AndDigest)) { v_issuer := v_certificate.issuer.sha256AndDigest; } else if (ischosen(v_certificate.issuer.sha384AndDigest)) { v_issuer := v_certificate.issuer.sha384AndDigest; } else { setverdict(fail, "Unsupported issuer"); stop; } if (f_getCertificateFromDigest(v_issuer, v_issuing_certificate, v_certificate_id) == false) { setverdict(fail, "Failed to get certificate from digest ", v_issuer); stop; } if (f_verifyCertificateSignatureWithIssuingCertificate(v_certificate, v_issuing_certificate) == false) { setverdict(fail, "Failed to verify signature for CA certificate ", v_certificate.toBeSigned.id.name); stop; } } } // End of 'for' statement setverdict(pass); } // End of testcase TC_VALIDATE_CERT control { if (PX_VALIDATE_CERTIFICATES_ONLY == false) { execute(TC_GEN_CERT(), 1.0); } execute(TC_VALIDATE_CERT(), 1.0); } // End of 'control' statement } // End of module ItsGencert_TestCases