/** * @author ETSI / STF481 * @version $URL$ * $Id$ * @desc Testcases file for Security Protocol * @see Draft ETSI TS 103 097 V1.1.14 */ module ItsSecurity_TestCases { // Libcommon import from LibCommon_Time all; import from LibCommon_VerdictControl all; import from LibCommon_Sync all; // LibItsCommon // import from LibItsCommon_TypesAndValues all; import from LibItsCommon_Functions all; // LibItsSecurity import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; // LibItsGeoNetworking import from LibItsGeoNetworking_TestSystem all; import from LibItsGeoNetworking_Functions all; import from LibItsGeoNetworking_Templates all; import from LibItsGeoNetworking_TypesAndValues all; import from LibItsGeoNetworking_Pics all; import from LibItsGeoNetworking_Pixits all; // LibItsBtp import from LibItsBtp_TypesAndValues all; import from LibItsBtp_Templates all; // LibItsCam import from LibItsCam_Templates all; import from LibItsCam_Functions { group camGenerators } ; // LibItsDenm import from LibItsDenm_TypesAndValues all; import from LibItsDenm_Templates { template m_situation, m_denmLocation_zeroDelta, m_denm, m_denmMgmtCon, m_tsActionId }; import from LibItsDenm_TestSystem all; // AtsSecurity import from AtsSecurity_TestSystem all; import from AtsSecurity_Functions all; import from AtsSecurity_Templates all; group g_SecuredMessages { /** * @desc Check that ITS-S sends a SecuredMessage containing protocol version set to 2 *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         *  with {
         *      the IUT being in the 'authorized' state
         *  }
         * Expected behaviour:
         * ensure that {
         *     when { 
         *     the IUT is requested to send a SecuredMessage
         *     } then {
         *     the IUT sends a SecuredMessage
         *         containing protocol_version 
         *         indicating value '2'
         *     }
         * }
         * 
* * @see Draft ETSI TS 103 097 V1.1.14 Clause 5.1 SecuredMessage * @reference EN 302 636-4-1 [1], clauses 9.3.2 , 8.6.2 and Annex G */ testcase TC_SEC_ITSS_SND_MSG_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive(mw_geoNwInd(mw_geoNwSecPdu(mdw_securedMessage_dummy))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Security protocol version set to 2 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_01 /** * @desc Check that IUT sends the message signed with the digest pointing to the AT certificate *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   and the IUT is configured to send more than one CAM per second
         *   and the IUT having sent last CAM
         *     containing header_fields['signer_info'].signer.type
         *       indicating 'certificate'
         * }
         * Expected behaviour:
         * ensure that {
         *   when {
         *     the IUT is requested to send next CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields ['signer_info'] {
         *         containing signer {
         *           containing type
         *             indicating 'certificate_digest_with_sha256'
         *           containing digest
         *             referencing the certificate
         *               containing subject_info.subject_type
         *                 indicating 'authorization_ticket'
         *         }
         *       }
         *   }
         * } 
         * 
* * @see ETSI TS 103 097 V1.1.14, clause 6.3 * @reference EN 302 636-4-1 [1], clauses 9.3.2 , 8.6.2 and Annex G */ testcase TC_SEC_ITSS_SND_MSG_04_01() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var SecuredMessage v_recv; var Certificate v_cert; var LongPosVector v_longPosVectorIut; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); // execution will be stopped if cert is not received during tc_ac log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; f_waitForCertificate(v_cert); tc_ac.stop; if (v_cert.subject_info.subject_type != e_authorization_ticket) { log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_error); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_securedMessageWithDigest (v_recv) { var SignerInfo v_si; tc_ac.stop; if (f_getMsgSignerInfo(v_recv, v_si) == true) { if (v_si.signerInfo.digest == f_calculateDigestFromCertificate(v_cert)) { log("*** " & testcasename() & ": PASS: Digest corresponds to the AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: Digest corresponds to unknown certificate ***"); log("f_calculateDigestFromCertificate(v_cert)=", f_calculateDigestFromCertificate(v_cert)); log("v_si.signerInfo.digest=", v_si.signerInfo.digest); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Received message is not signed well ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_04_01 /** * @desc Check that IUT uses the AT certificate to sign messages *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * }
         * ensure that {
         *     when {
         *         the IUT is requested to send a next CAM
         *     } then {
         *         the IUT sends a SecuredMessage
         *             containing header_fields ['signer_info'] {
         *                 containing signer {
         *                     containing type
         *                         indicating 'certificate'
         *                     containing certificate
         *                         containing subject_info.subject_type
         *                             indicating 'authorization_ticket'
         *                 }
         *             }
         *     }
         * }
         * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 6.3 */ testcase TC_SEC_ITSS_SND_MSG_04_02() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var SecuredMessage v_recv; var Certificate v_cert; var LongPosVector v_longPosVectorIut; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_securedMessageWithCertificate(v_recv) { var SignerInfo v_si; if (f_getMsgSignerInfo(v_recv, v_si)) { v_cert := v_si.signerInfo.certificate; if (v_cert.subject_info.subject_type != e_authorization_ticket ) { log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: message signed with AT certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: received message is not signed well ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_04_02 /** * @desc Check that the SecuredMessage signature containes the ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         * }
         * ensure that {
         *     when {
         *         the IUT is requested to send a next CAM
         *     } then {
         *      the IUT sends a SecuredMessage 
         *          containing header_fields ['its_aid']
         *              containing its_aid
         *                  indicating 'AID_CAM'
         *          and containing trailer_fields['signature']
         *              containing signature.ecdsa_signature
         *                  containing R.type
         *                      indicating compressed_lsb_y_0
         *                      or indicating compressed_lsb_y_1 
         *                      or indicating x_coordinate_only
         *     }
         * }
         * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 6.3 */ testcase TC_SEC_ITSS_SND_MSG_05_01() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var LongPosVector v_longPosVectorIut; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only, ? ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_0 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only, ? ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_1 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to x_coordinate_only received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": Failed: Expected CAM message received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_05_01 group secCAMProfile { /** * @desc Check that the secured CAM contains exactly one element of these header fields: signer_info, generation_time, its_aid. Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first. Check that generation_time_standard_deviation, expiration, encryption_parameters, recipient_info are not used *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *     the IUT being in the 'authorized' state
             * }
             * ensure that {
             *     when {
             *         the IUT is requested to send a CAM
             *     } then {
             *         the IUT sends a SecuredMessage  {
             *             containing header_fields[0]
             *                 containing type 
             *                     indicating 'signer_info'
             *             and containing header_fields [n].type
             *                 indicating value < header_fields [n+1].type
             *             and containing header_fields ['generation_time']
             *             and containing header_fields['its_aid']
             *                 indicating 'AID_CAM'
             *             and not containing header_fields['generation_time_standard_deviation']
             *             and not containing header_fields['expiration']
             *             and not containing header_fields['encryption_parameters']
             *             and not containing header_fields['recipient_info']
             *         }
             *     }
             * }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_02_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_signer_info ), mw_header_field(e_generation_time), mw_header_field_its_aid_CAM ) ), mw_geoNwPduWithPayload( ?, ?, mw_secCamPayload).packet ))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if ((lengthof(v_headersFields) < 1) or not match(v_headersFields[0].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check forbidden header // FIXME: 'generation_time_with_confidence' does not exist. is it e_generation_time_standard_deviation ? if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) { log("*** " & testcasename() & ": FAIL: Forbidden header present"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (match(v_headersFields[v_counter].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1 ) { // Check that no header is duplicated if (v_headersFields[v_counter].type_ == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of same header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that headers are ordered if (v_headersFields[v_counter].type_ < v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } v_previousHeaderType := v_headersFields[v_counter].type_; } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_02_01 /** * @desc Check that the secured CAM contains in the normal case the signer_info field of type certificate_digest_with_sha256 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having sent last CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send next CAM
             *  } then {
             *          the IUT sends a SecuredMessage
             *              containing header_fields['signer_info'] {
             *                  containing signer
             *                      containing type
             *                          indicating 'certificate_digest_with_sha256'
             *                      containing digest
             *                  containing header_fields['its_aid']
             *                      indicating 'AID_CAM'
             *              }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_05_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_cntTimeLimit := 10; const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.95; var integer v_cntTime := 0; var GeoNetworkingInd v_geoNwInd; var boolean v_nextCamWithCertificate := false; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; if (v_nextCamWithCertificate == true) { v_cntTime := v_cntTime + 1; if (v_cntTime == c_cntTimeLimit) { // Exit message loop log("*** " & testcasename() & ": INFO: The subset of CAM messages including certificate was received ***"); } else { log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); tc_ac.start; t_minTransInterval.start; v_nextCamWithCertificate := false; repeat; } } else { log("*** " & testcasename() & ": FAIL: Certificate in received CAM ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_digest )))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": FAIL: Neither Certificate not Digest in received CAM ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] t_minTransInterval.timeout { v_nextCamWithCertificate := true; log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_05_01 /** * @desc Check that the secured CAM contains the signer_info field of certificate when over the time of one second no other SecuredMessage contained a signer_info of type certificate.. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more then one CAM per second
             *     and the IUT having sent a CAM
             *         containing header_fields['signer_info'].signer.type
             *             indicating 'certificate'
             *         contains header_fields['generation_time']
             *             indicating TIME_LAST
             *     }
             * ensure that {
             *     when {
             *         the IUT sends one of the next SecuredMessage
             *             containing header_fields['signer_info'] {
             *                 containing signer {
             *                     containing type
             *                         indicating 'certificate'
             *                     containing certificate
             *                 }
             *             containing header_fields['its_aid']
             *                indicating 'AID_CAM'
             *             }
             *     } then {
             *         this message
             *             contains header_fields['generation_time']
             *                 indicating TIME (TIME >= TIME_LAST + 1sec)
             *     }
             * }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_06_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_cntTimeLimit := 10; const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 1.05; var integer v_cntTime := 0; var GeoNetworkingInd v_geoNwInd; var boolean v_nextCamWithCertificate := false; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; v_cntTime := v_cntTime + 1; if (v_cntTime == c_cntTimeLimit) { // Exit message loop log("*** " & testcasename() & ": INFO: The subset of CAM messages including certificate was received ***"); } else { log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); tc_ac.start; t_minTransInterval.start; v_nextCamWithCertificate := false; repeat; } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; if (v_nextCamWithCertificate == true) { log("*** " & testcasename() & ": FAIL: No Certificate in received CAM ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } } [] t_minTransInterval.timeout { v_nextCamWithCertificate := true; log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_06_01 /** * @desc Check that the secured CAM contains the signer_info field of certificate when the timeout of 1 second has been * expired after the previous CAM containing the certificate. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having sent a CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *          at TIME_1 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send next CAM right after 1 second after the TIME_1
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields ['signer_info'] {
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                  }
             *              }
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_06_02() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_cntTimeLimit := 10; const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 1.05; var integer v_cntTime := 0; var GeoNetworkingInd v_geoNwInd; var boolean v_nextCamWithCertificate := false; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; v_cntTime := v_cntTime + 1; if (v_cntTime == c_cntTimeLimit) { // Exit message loop log("*** " & testcasename() & ": INFO: The subset of CAM messages including certificate was received ***"); } else { log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); tc_ac.start; t_minTransInterval.start; v_nextCamWithCertificate := false; repeat; } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; if (v_nextCamWithCertificate == true) { log("*** " & testcasename() & ": FAIL: No Certificate in received CAM ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } } [] t_minTransInterval.timeout { v_nextCamWithCertificate := true; log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_06_02 /** * @desc Check that SUT send certificate to unknown ITS-S *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *      and the IUT having received a SecuredMessage
             *                              at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
             *          containing header_fields['signer_info'] {
             *              containing signer
             *                  containing type
             *                      indicating 'certificate_digest_with_sha256'
             *                  containing digest
             *                      indicating HashedId3 value
             *                          referenced to unknown certificate
             *          }
             *          containing header_fields['its_aid']
             *              indicating 'AID_CAM'
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *                      at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields[0] {
             *                  containing type 
             *                      indicating 'signer_info'
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                  }
             *              }
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_07_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.95; var GeoNetworkingInd v_geoNwInd; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message from unknown ITS-S f_sendSecuredCam(cc_taCertB); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); if (t_minTransInterval.running) { log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: CAM with certificate received after 1s... ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } [] t_minTransInterval.timeout { log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_07_01 /** * @desc Check that IUT restart the certificate sending timer when the certificate has been sent *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more then one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *      and the IUT having received a CAM
             *                              at TIME_2 (TIME_1 + 0.3sec) {
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate_digest_with_sha256'
             *          containing header_fields['signer_info'].signer.digest
             *              referenced to unknown certificate
             *      }
             *      and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *  }
             *  ensure that {
             *      when {
             *          the IUT is sending the next CAM at TIME_4
             *              containing header_fields['signer_info'].signer.type
             *                  indicating 'certificate'
             *      } then {
             *          the difference between TIME_4 and TIME_3 is about of 1sec
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_07a_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.95; var GeoNetworkingInd v_geoNwInd; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCertB, { m_header_field_unrecognised_certificate( f_HashedId3FromHashedId8( vc_atCertificate.signer_info.signerInfo.digest ) ) } ); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); if (t_minTransInterval.running) { log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: CAM with certificate received after 1s... ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } [] t_minTransInterval.timeout { log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_07a_01 /** * @desc Check that SUT send certificate when requested *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent CAM at TIME_1
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate' 
             *      and the IUT having received a SecuredMessage 
             *                          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
             *          containing header_fields['request_unrecognized_certificate']
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AT certificate
             *                  and not containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *                  at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields['signer_info'] {
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                          referenced by the requested digest 
             *                  }
             *              }
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_08_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.95; var GeoNetworkingInd v_geoNwInd; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCertB, { m_header_field_unrecognised_certificate( // containing digests f_HashedId3FromHashedId8( // containing HashedId3 value vc_atCertificate.signer_info.signerInfo.digest // referencing to the AT certificate // and not containing HashedId3 value referencing to the AA certificate ) ) } ); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); if (t_minTransInterval.running) { log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: CAM with certificate received after 1s... ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } [] t_minTransInterval.timeout { log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_08_01 /** * @desc Check that SUT send certificate_chain when requested *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT is configured to send more than one CAM per second
             *      and the IUT having already sent a CAM
             *          containing header_fields['signer_info'].signer.type
             *              indicating 'certificate'
             *          at TIME_1
             *      and the IUT having received a SecuredMessage
             *          containing header_fields['request_unrecognized_certificate'] {
             *              containing digests {
             *                  containing HashedId3 value
             *                      referencing to the AA certificate
             *              }
             *          }
             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1+ 1sec)
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+ 1sec)
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields['signer_info'] {
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate_chain'
             *                      containing certificates[last]
             *                          indicating the AT certificate
             *                      containing certificates[last-1]
             *                          indicating the AA certificate
             *                  }
             *              }
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_09_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.95; var GeoNetworkingInd v_geoNwInd; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_setCamFrequencyGreatherThan1Hz(); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCertB, { m_header_field_unrecognised_certificate( // containing digests f_HashedId3FromHashedId8( // containing HashedId3 value vc_aaCertificate.signer_info.signerInfo.digest // referencing to the AA certificate ) ) }); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate_chain )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); if (t_minTransInterval.running) { var SignerInfo v_signerInfo; var CertificateChain v_certificates; var integer v_certificateChainLength; // Extract certificate chain f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificates := v_signerInfo.signerInfo.certificates; v_certificateChainLength := lengthof(v_certificates); if (v_certificateChainLength >= 2) { // Check length if ( // Check Content not( (v_certificates[v_certificateChainLength - 1].subject_info.subject_type == e_authorization_authority) and // Check the certificate chain contains certificates[last] indicating the AT certificate (v_certificates[v_certificateChainLength - 2].subject_info.subject_type == e_authorization_ticket) // Check the certificate chain contains certificates[last-1] indicating the AA certificate )) { log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": INCONC: CAM with certificate chain received after 1s... ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); tc_ac.start; repeat; } [] t_minTransInterval.timeout { log("*** " & testcasename() & ": INFO: Next CAM shall contain certificate chain ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_09_01 /** * @desc Check that message generation time is inside the validity period of the signing certificate *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      the IUT being requested to include certificate in the next CAM 
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing security_profile
             *                  indicating '1'
             *              containing header_fields ['generation_time'] {
             *                  containing generation_time
             *                      indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
             *              }
             *              containing header_fields ['signer_info'] {
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate {
             *                          not containing validity_restrictions['time_start_and_end']
             *                          or containing validity_restrictions['time_start_and_end'] {
             *                              containing start_validity
             *                                  indicating value <= TIME_1
             *                              containing end_validity
             *                                  indicating value > TIME_1
             *                          }
             *                      }
             *                  }
             *              }
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_10_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_timeThreshold := 5000; /** Time threshold in milliseconds */ var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var HeaderField v_headerField; var Time64 v_generationTime; var ValidityRestriction v_validity; var integer v_currentTime, v_lowerBound, v_upperBound; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_generation_time, mw_header_field_signer_info_certificate, mw_header_field_its_aid_CAM ))))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***"); v_currentTime := f_getCurrentTime(); v_lowerBound := (v_currentTime - c_timeThreshold) * 1000; v_upperBound := (v_currentTime + c_timeThreshold) * 1000; // Extract generation_time f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField); v_generationTime := v_headerField.headerField.generation_time; // Extract certificate f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificate := v_signerInfo.signerInfo.certificate; // Check current time if (match(v_generationTime, (v_lowerBound .. v_upperBound))) { log("*** " & testcasename() & ": PASS: Generation time matches current time ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: Generation time does not match current time. ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check generation_time validity if ( not(f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity)) or (v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and (v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000))) ) { log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log ("start_validity (in us)=", v_validity.validity.time_start_and_end.start_validity * 1000000); log ("end_validity (in us) =", v_validity.validity.time_start_and_end.end_validity * 1000000); log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); tc_ac.start; repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_10_01 /** * @desc Check secured CAM its_aid value *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields ['its_aid'] {
             *                  containing its_aid
             *                      indicating 'AID_CAM' (16512)
             *              }
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_11_01() runs on ItsGeoNetworking system ItsSecSystem { // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs, mw_geoNwPduWithPayload( ?, ?, mw_secCamPayload).packet ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: CAM received as message_type 2"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy, mw_geoNwPduWithPayload( ?, ?, mw_secCamPayload).packet ))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: CAM received with different message_type"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_11_01 /** * @desc Check that the IUT sends certificate request when it receives a message from unknown station *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      and the IUT has receiving a SecuredMessage {
             *          containing header_fields['signer_info'].signer {
             *              containing type
             *                  indicating 'certificate_digest_with_sha256'
             *              containing digest
             *                  indicating HashedId3 value DIGEST_A
             *                      referenced to unknown certificate
             *          }
             *      }
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send CAM
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields['request_unrecognized_certificate'] {
             *                  containing digests
             *                      containing HashedId3 value
             *                          indicating DIGEST_A
             *              }
             *              containing header_fields ['its_aid'] {
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_12_01() runs on ItsGeoNetworking system ItsSecSystem { // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); // Send secured message from unknown ITS-S f_sendSecuredCam(cc_taCertB); geoNetworkingPort.clear; f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_request_unrecognized_certificate( { f_HashedId3FromHashedId8( vc_lastAtCertificateUsed.signer_info.signerInfo.digest ) } // End of list ))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy ))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_12_01 /** * @desc Check that the Secured CAM contains exactly one non-empty payload of type signed. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *      } then {
             *          the IUT sends a SecuredMessage {
             *              containing header_fields ['its_aid'] {
             *                  containing its_aid
             *                      indicating 'AID_CAM' (16512)
             *              }
             *              containing payload_field
             *                  containing exactly one element of type Payload {
             *                      containing type
             *                          indicating 'signed'
             *                      containing not-empty data
             *                  }
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_14_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, mw_payload( e_signed ))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_14_01 /** * @desc Check that the secured CAM contains only one TrailerField of type signature. * Check that the signature contained in the SecuredMessage is calculated over the * right fields by cryptographically verifying the signature. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when {
             *          the IUT is requested to send a CAM
             *      } then {
             *          the IUT sends a SecuredMessage {
            *              containing header_fields ['signer_info'] {
             *                  containing signer {
             *                      containing type
             *                          indicating 'certificate_digest_with_sha256'
             *                      containing digest
             *                          referenced to the certificate
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_ticket' (2)
             *                              and containing subject_attributes['verification key'] (KEY)
             *                  }
             *                  or containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      containing certificate
             *                          containing subject_info.subject_type
             *                              indicating 'authorization_ticket' (2)
             *                          and containing subject_attributes['verification key'] (KEY)
             *                  }
             *              }
             *              containing header_fields ['its_aid'] {
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              }
             *              containing trailer_fields {
             *                  containing single instance of type TrailerField {
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *                  }
             *              }
             *          }
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_16_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_nbVerification := 3; var integer v_nbVerification := 0; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var boolean v_certificateReceived := false; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificate := v_signerInfo.signerInfo.certificate; v_certificateReceived := true; if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) { log("*** " & testcasename() & ": FAIL: CAM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [v_certificateReceived == true] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_digest )))) -> value v_geoNwInd { tc_ac.stop; if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) { log("*** " & testcasename() & ": FAIL: CAM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: All CAMs received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_16_01 } // End of group secCAMProfile group secDENMProfile { /** * @desc Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time, generation_location, message_type. * Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first. * Check that generation_time_with_confidence (generation_time_standard_deviation) is not used *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields[0]
             *         containing type 
             *           indicating 'signer_info'
             *       containing header_fields [n].type
             *         indicating value less then header_fields [n+ 1].type
             *       containing header_fields ['generation_time']
             *       containing header_fields ['generation_location']
             *       containing header_fields ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *       not containing header_fields ['generation_time_with_confidence']
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_02_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; var ItsDenm v_denmComponent; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_time ), mw_header_field( e_generation_location ), mw_header_field_its_aid_DENM ) ), mw_geoNwAnyPacket_withPayload( ? )))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_previousHeaderType := v_headersFields[0].type_; for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check forbidden header // FIXME: 'generation_time_with_confidence' does not exist. is it e_generation_time_standard_deviation ? if (match(v_headersFields[v_counter].type_, e_generation_time_standard_deviation)) { log("*** " & testcasename() & ": FAIL: Forbidden header present"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (match(v_headersFields[v_counter].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1 ) { // Check that no header is duplicated if (v_headersFields[v_counter].type_ == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of same header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that headers are ordered if (v_headersFields[v_counter].type_ < v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } v_previousHeaderType := v_headersFields[v_counter].type_; } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_02_01 /** * @desc Check that secured DENM contains the certificate as a signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields['signer_info']{
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *         }
             *       }
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_03_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; var integer v_counter; var ItsDenm v_denmComponent; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate ), mw_geoNwAnyPacket_withPayload( ? )))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM signed with certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field( e_signer_info ) ), mw_geoNwAnyPacket_withPayload( ? )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM signed with digest"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } /** * @desc Check that message generation time is inside the validity period of the signing certificate * Check that message generation time value is realistic (according to values proposed in C2C SEC12) *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields['generation_time'] {
             *         containing generation_time
             *           indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       }
             *       containing header_fields['signer_info'] {
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate {
             *             containing validity_restrictions['time_start_and_end'] {
             *               containing start_validity
             *                 indicating value <= TIME_1
             *               containing end_validity
             *                 indicating value > TIME_1
             *             }
             *             or not containing validity_restrictions['time_start_and_end']
             *           }
             *         }
             *       }
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clauses 5.4, 7.2 */ testcase TC_SEC_ITSS_SND_DENM_04_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderField v_headerField; var Time64 v_generationTime; var Time64 v_curTime; var Time64 v_startTime, v_endTime; var Certificate v_cert; var ItsDenm v_denmComponent; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_time ), mw_header_field_signer_info_certificate, mw_header_field_its_aid_DENM ) ), mw_geoNwAnyPacket_withPayload( ? )))) -> value v_geoNwInd { tc_ac.stop; v_curTime := f_getCurrentTime(); v_curTime := v_curTime * 1000; // Time64 is in microseconds if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField)) { v_generationTime := v_headerField.headerField.generation_time; if (v_generationTime < v_curTime - (10*60*3600)) { log("*** " & testcasename() & ": FAIL: DENM generation time is too far in the past"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_generationTime > v_curTime + (10*60*3600)) { log("*** " & testcasename() & ": FAIL: DENM generation time is too far in the future"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that generation time is inside the certificate validation period if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField)) { v_cert := v_headerField.headerField.signer.signerInfo.certificate; for (var integer v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) { if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000; if (v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000; v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000; if (v_generationTime < v_startTime or v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement log("*** " & testcasename() & ": PASS: DENM generation time is inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: DENM signer info is not available"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation time header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_04_01 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * when AT certificate does not contain any region restrictions *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_A)
             *     not containing validity_restrictions['region']
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *       containing header_fields ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var Certificate v_atCertificate; var ItsDenm v_denmComponent; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); // Load IUT certificate IUT_CERT_A f_readCertificate("IUT_CERT_A.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_A f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region ))))))) { log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***"); repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate, mw_header_field_its_aid_DENM ))))) { // The certificate doesn't contain region restrictions because such messages was catched before tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate )))) { // the message does not contain generation location tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble // Cancel DENM events f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_01 function f_TC_SEC_ITSS_SND_DENM_05( in template GeographicRegion pmw_region := ? ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingInd v_geoNwInd; var ItsDenm v_denmComponent; // Trigger DENM v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { // DENM contains generation location and certificate with region restrictions [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region( pmw_region ) ) ) ), mw_header_field_its_aid_DENM ))))) -> value v_geoNwInd { var ValidityRestriction v_vr; var HeaderField v_hf; tc_ac.stop; // check that generation location is inside the circular region of the certificate if ( f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr) ) { if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) { log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // DENM doesn't 'contains generation location and certificate with region restrictions // FIXME Not possible, generation_location field is mandatory for DENM // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( // mdw_securedMessage_DENMs( // complement( // FIXME Cannot work !!! // superset( // mw_header_field( // e_generation_location // ))))))) { // tc_ac.stop; // log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header"); // f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); // } // DENM signing certificate doesn't 'contains region restriction [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, { } // DENM signing certificate doesn't 'contains region restriction )))))) { tc_ac.stop; log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement f_cancelDenmEvent(v_denmComponent); } // End of function f_TC_SEC_ITSS_SND_DENM_05 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * which is inside the circular region containing in the validity restriction of the * certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_B) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'circle'
             *         containing circular_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       containing header_fields ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_02() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var Certificate v_atCertificate; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); // Load IUT certificate IUT_CERT_B f_readCertificate("IUT_CERT_B.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_B f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05(mw_geographicRegion_circle); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_02 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * which is inside the rectangular region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_C) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'rectangle'
             *         containing rectangular_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_field ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       containing header_field ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_03() runs on ItsGeoNetworking system ItsSecSystem { // Test control var Certificate v_atCertificate; // Test component configuration f_cf01Up(); // Test adapter configuration // Load IUT certificate IUT_CERT_C f_readCertificate("IUT_CERT_C.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_C // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05(mw_geographicRegion_rectangular); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_03 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * which is inside the polygonal region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_D) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'polygon'
             *         containing polygonal_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_field ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       containing header_field ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_04() runs on ItsGeoNetworking system ItsSecSystem { // Test control var Certificate v_atCertificate; // Test component configuration f_cf01Up(); // Test adapter configuration // Load IUT certificate IUT_CERT_D f_readCertificate("IUT_CERT_D.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_D // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05(mw_geographicRegion_polygonal); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_04 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * which is inside the identified region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_E) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'id_region'
             *         containing identified_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *          containing exactly one header_fields ['generation_location'] {
             *              containing generation_location
             *                  indicating value inside the REGION
             *              containing header_fields ['its_aid'] {
             *                  containing its_aid
             *                      indicating 'AID_DENM'
             *              }
             *          }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_05() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var Certificate v_atCertificate; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Load IUT certificate IUT_CERT_E f_readCertificate("IUT_CERT_E.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_E // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05(mw_geographicRegion_identified); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_05 /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location * which is inside the region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields['signed_info'].certificate {
             *         containing validity_restrictions ['region']
             *         {
             *           containing region.region_type
             *             indicating 'circle'
             *           containing region.circular_region
             *             indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'rectangle'
             *           containing region.rectangular_region
             *             containing array of rectangles
             *               indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'polygonal'
             *           containing region.polygonal_region
             *             indicating REGION
             *         } or {      
             *           containing region.region_type
             *             indicating 'id_region'
             *           containing region.circular_region
             *             indicating REGION
             *         }
             *       }
             *       containing exactly one header_fields['generation_location']
             *         containing generation_location
             *           indicating location inside the REGION
             *       containing header_fields ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_06() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var Certificate v_atCertificate; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Load IUT certificate IUT_CERT_B f_readCertificate("IUT_CERT_B.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_B // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05(); // any type of regions // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_06 /** * @desc Check secured DENM message type *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a DENM
             *     } then {
             *         the IUT sends a SecuredMessage {
             *             containing header_fields ['its_aid'] {
             *                 containing its_aid
             *                     indicating 'AID_DENM' (16513)
             *              }
             *         }
             *     }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_06_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var ItsDenm v_denmComponent; // Test control // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_its_aid_CAM )))) { log("*** " & testcasename() & ": PASS: DENM message type is set to '1'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs ))) { log("*** " & testcasename() & ": FAIL: DENM message type is not '1'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs ))) { log("*** " & testcasename() & ": FAIL: DENM message type header field does not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_06_01 /** * @desc Check secured DENM message type *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a DENM
             *     } then {
             *         the IUT sends a SecuredMessage {
             *             containing header_fields ['its_aid'] {
             *                 containing its_aid
             *                     indicating 'AID_DENM'
             *             }
             *             containing payload_field
             *                 containing exactly one element of type Payload {
             *                     containing type
             *                         indicating 'signed'
             *                             containing not-empty data
             *             }
             *         }
             *     }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_08_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var ItsDenm v_denmComponent; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( ?, mw_payload(e_signed) )))) { log("*** " & testcasename() & ": PASS: DENM payload is 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( ?, mw_payload() )))) { log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs ))) { log("*** " & testcasename() & ": FAIL: DENM payload is not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_08_01 /** * @desc Check that the secured DENM contains only one TrailerField of type signature. * Check that the signature contained in the SecuredMessage is calculated * over the right fields by cryptographically verifying the signature. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_field ['signer_info'] {
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *             containing subject_info.subject_type
             *               indicating 'authorization_ticket' (2)
             *             and containing subject_attributes['verification key'] (KEY)
             *         }
             *       }
             *       containing header_field ['its_aid'] {
             *          containing its_aid
             *              indicating 'AID_DENM'
             *       }
             *       containing trailer_fields {
             *         containing single instance of type TrailerField {
             *           containing type
             *             indicating 'signature'
             *           containing signature
             *             verifiable using KEY
             *           }
             *       }
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_10_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var ItsDenm v_denmComponent; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); v_denmComponent := f_triggerDenmEvent(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: DENM message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) { log("*** " & testcasename() & ": FAIL: DENM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: DENM received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_10_01 } // End of group secDENMProfile group secOtherProfile { /** * @desc Check that the generic secured message contains exactly one element of these header fields: * signer_info, generation_time, generation_location. * Check that the header fields are in the ascending order according to the numbering of the enumeration * except of the signer_info, which is encoded first. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Results:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields [0].type
             *         indicating 'signer_info'
             *       containing header_fields [1..n] 
             *         where header_fields [v_counter].type < header_fields [v_counter + 1].type
             *       containing header_fields ['generation_time']
             *       containing header_fields ['generation_location']
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }  
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_02_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; var integer v_counter; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field(e_generation_time), mw_header_field(e_generation_location), complement( mw_header_field_its_aid_CAM, mw_header_field_its_aid_DENM ) ) ), mw_geoNwBeaconPacket( ? )))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if (lengthof(v_headersFields) < 1 or not match(v_headersFields[0].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check that no header is duplicated if (match(v_headersFields[v_counter].type_, e_signer_info)) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1) { // Check that headers are ordered if (v_headersFields[v_counter].type_ == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of same Header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_headersFields[v_counter].type_ < v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } v_previousHeaderType := v_headersFields[v_counter].type_; } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01 /** * @desc Check that generic secured message contains the certificate as a signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial Conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected Behaviour
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['signer_info'] {
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *         }
             *       }
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_03_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate ), mw_geoNwBeaconPacket( ? )))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field( e_signer_info ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": INFO: Beacon signed with digest ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01 /** * @desc Check that message generation time is inside the validity period of the signing certificate * Check that message generation time value is realistic (according to values proposed in C2C SEC12) *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * Expected behaviour:
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields['generation_time'] {
             *         containing generation_time
             *           indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
             *       }
             *       containing header_fields['signer_info'] {
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate {
             *             containing validity_restrictions['time_start_and_end'] {
             *               containing start_validity
             *                 indicating value <= TIME_1
             *               containing end_validity
             *                 indicating value > TIME_1
             *             }
             *             or not containing validity_restrictions['time_start_and_end']
             *           }
             *         }
             *       }
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clauses 5.4, 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_04_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var HeaderField v_headerField; var Time64 v_generationTime; var Time64 v_curTime; var Time64 v_startTime, v_endTime; var Certificate v_cert; var integer v_counter; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_time ), mw_header_field_signer_info_certificate, complement( mw_header_field_its_aid_CAM, mw_header_field_its_aid_DENM ) ) ), mw_geoNwBeaconPacket( ? ) ) )) -> value v_geoNwInd { const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds tc_ac.stop; v_curTime := f_getCurrentTime(); v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds if ( f_getMsgHeaderField( v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField )) { v_generationTime := v_headerField.headerField.generation_time; log("v_generationTime=", v_generationTime); log("v_curTime=", v_curTime); log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime); if (v_generationTime < (v_curTime - c_deltaTime)) { log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_generationTime > (v_curTime + c_deltaTime)) { log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that generation time is inside the certificate validation period if ( f_getMsgHeaderField( v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField )) { v_cert := v_headerField.headerField.signer.signerInfo.certificate; for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) { if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000; if (v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000; v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000; if (v_generationTime < v_startTime or v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: DENM signer info is not available"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01 /** * @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location * when AT certificate does not contain any region restrictions *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_A)
             *     not containing validity_restrictions['region']
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd(mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region ))))))) { log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***"); repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate, complement( mw_header_field_its_aid_CAM, mw_header_field_its_aid_DENM ) ))))) { // The certificate doesn't contain region restrictions because such messages was catched before tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate )))) { // The message does not contain generation location tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_01 /** * @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location * which is inside the circular region containing in the validity restriction of the * certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_B) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'circle'
             *         containing circular_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a GN Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_02() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var Certificate v_atCertificate; // Test control // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Load IUT certificate IUT_CERT_B f_readCertificate("IUT_CERT_B.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_B // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05(mw_geographicRegion_circle); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_02 /** * @desc Check that the secured GN Beacon contains exactly one HeaderField generation_location * which is inside the rectangular region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_C) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'rectangle'
             *         containing rectangular_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a DENM
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_03() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var Certificate v_atCertificate; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Load IUT certificate IUT_CERT_C f_readCertificate("IUT_CERT_C.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_C // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05(mw_geographicRegion_rectangular); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_03 /** * @desc Check that the secured GN Message contains exactly one HeaderField generation_location * which is inside the polygonal region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_D) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'polygon'
             *         containing polygonal_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_04() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var Certificate v_atCertificate; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Load IUT certificate IUT_CERT_D f_readCertificate("IUT_CERT_D.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_D // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05(mw_geographicRegion_polygonal); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_04 /** * @desc Check that the secured GN Message contains exactly one HeaderField generation_location * which is inside the identified region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT has been authorized with the AT certificate (CERT_AT_E) {
             *     containing validity_restrictions ['region'] {
             *       containing region{
             *         containing region_type
             *           indicating 'id_region'
             *         containing identified_region
             *           indicating REGION
             *       }
             *     }
             *   }
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing exactly one header_fields ['generation_location']
             *         containing generation_location
             *           indicating value inside the REGION
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_05() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var Certificate v_atCertificate; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Load IUT certificate IUT_CERT_E f_readCertificate("IUT_CERT_E.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_E // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05(mw_geographicRegion_identified); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_05 /** * @desc Check that the secured GN Message contains exactly one HeaderField generation_location * which is inside the region containing in the validity restriction * of the certificate pointed by the signer_info field *
             * Pics Selection: none
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send a Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields['signed_info'].certificate {
             *         containing validity_restrictions ['region']
             *         {
             *           containing region.region_type
             *             indicating 'circle'
             *           containing region.circular_region
             *             indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'rectangle'
             *           containing region.rectangular_region
             *             containing array of rectangles
             *               indicating REGION
             *         } or {
             *           containing region.region_type
             *             indicating 'polygonal'
             *           containing region.polygonal_region
             *             indicating REGION
             *         } or {      
             *           containing region.region_type
             *             indicating 'id_region'
             *           containing region.circular_region
             *             indicating REGION
             *         }
             *       }
             *       containing exactly one header_fields['generation_location']
             *         containing generation_location
             *           indicating location inside the REGION
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *     }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_SND_GENMSG_05_06() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var Certificate v_atCertificate; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Load IUT certificate IUT_CERT_B f_readCertificate("IUT_CERT_B.AT_CERT", v_atCertificate); // TODO: Push Certificate IUT_CERT_B // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05(); // any type of regions // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06 group f_TC_SEC_ITSS_SND_GENMSG_05_xx { function f_TC_SEC_ITSS_SND_GENMSG_05( in template (present) GeographicRegion p_region := ? ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingInd v_geoNwInd; tc_ac.start; alt { // GN message must contain generation location and the certificate with region restrictions [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field(e_generation_location), mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region( p_region ))))))))) -> value v_geoNwInd { var ValidityRestriction v_vr; var HeaderField v_hf; tc_ac.stop; // Check that generation location is inside the circular region of the certificate if ( f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr) ) { if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) { log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // GN message doesn't contain generation location [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others ))) -> value v_geoNwInd { var HeaderField v_hf; tc_ac.stop; // Check that generation location is not present f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf); if (not isbound(v_hf)) { log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // GN signing certificate doesn't contains region restriction [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, { } // GN signing certificate doesn't contains region restriction )))))) { tc_ac.stop; log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement } // End of function f_TC_SEC_ITSS_SND_GENMSG_05 } // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx /** * @desc Check that the secured message contains exactly one payload of type signed *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *     the IUT being in the 'authorized' state
             * }
             * Expected results:
             * ensure that {
             *     when {
             *         the IUT is requested to send a Beacon
             *     } then {
             *         the IUT sends a SecuredMessage {
             *            not containing header_field ['its_aid']
             *              indicating 'AID_CAM'
             *            not containing header_field ['its_aid']
             *              indicating 'AID_DENM'
             *            containing payload_fields
             *              containing exactly one element of type Payload {
             *                containing type
             *                  indicating 'signed'
             *                containing not-empty data
             *              }
             *         }
             *     }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_06_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others, mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": FAIL: Beacon multiple payloads"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ? //omit // FIXME Not possible due to SecuredMessage typing ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": FAIL: Beacon payload is ommited"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload( e_signed ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": FAIL: Beacon payload is not 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload( e_signed, ? length(0) // TODO ''O ????? ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": FAIL: Beacon payload data is empty"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01 /** * @desc Check that the secured GN Message contains only one TrailerField of type signature. * Check that the signature contained in the SecuredMessage is calculated * over the right fields by cryptographically verifying the signature. *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send Beacon
             *   } then {
             *     the IUT sends a SecuredMessage {
             *       containing header_fields ['signer_info'] {
             *         containing signer {
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *             containing subject_info.subject_type
             *               indicating 'authorization_ticket' (2)
             *             and containing subject_attributes['verification key'] (KEY)
             *         }
             *       }
             *       not containing header_field ['its_aid']
             *         indicating 'AID_CAM'
             *       not containing header_field ['its_aid']
             *         indicating 'AID_DENM'
             *       containing trailer_fields {
             *         containing single instance of type TrailerField {
             *           containing type
             *             indicating 'signature'
             *           containing signature
             *             verifiable using KEY        }
             *       }
             *     }
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_07_01() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) { log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others ))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: Beacon message without certificate received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected GN Message not received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: GN Message received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_10_01 } // End of group secOtherProfile } // End of group g_SecuredMessages group g_receiverBehavior { group g_recvCamProfile { /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate in signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
             *                  and containing signer {
             *                      containing type
             *                          indicating 'certificate'
             *                      and containing certificate (CERT_AT_A) {
             *                          containing subject_info.subject_type
             *                              indicating 'authorization_ticket' (2)
             *                          and containing subject_attributes['verification key'] (KEY)
             *                      }
             *                  }
             *              and containing header_fields [1] {
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
             *              }
             *              and containing header_fields[2] {
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              }
             *              and not containing any other header fields
             *              and containing payload_field {
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
             *              }
             *              and containing trailer_fields {
             *                  containing single instance of type TrailerField {
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *                  }
             *              }
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_01_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertA, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_01_NB /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate digest of the known certificate in signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *      the IUT already sent a Secured message containing certificate (CERT_AT_A)
             *          containing subject_info.subject_type
             *              indicating 'authorization_ticket' (2)
             *          and containing subject_attributes['verification key'] (KEY)
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
             *                  and containing signer {
             *                      containing type
             *                          indicating 'certificate_digest_with_sha256'
             *                      and containing digest
             *                          referencing to certificate (CERT_AT_A)
             *                  }
             *              and containing header_fields [1] {
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
             *              }
             *              and containing header_fields[2] {
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              }
             *              and not containing any other header fields
             *              and containing payload_field {
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
             *              }
             *              and containing trailer_fields {
             *                  containing single instance of type TrailerField {
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *                  }
             *              }
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_02_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertA, omit, e_certificate_digest_with_sha256); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_02_NB /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate chain in signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing protocol_version 
             *                  indicating value '2'
             *              and containing header_fields[0]
             *                  containing type 
             *                      indicating 'signer_info'
             *                  and containing signer {
             *                      containing type
             *                          indicating 'certificate_chain'
             *                      and containing certificates
             *                          containing certificate (CERT_AA_A) at index 0 {
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_authority'
             *                              and containing subject_attributes['verification key'] (KEY_AA)
             *                          }
             *                          and containing certificate (CERT_AT_A) at index 1 {
             *                              containing subject_info.subject_type
             *                                  indicating 'authorization_ticket'
             *                              and containing signer_info {
             *                                  containing type
             *                                      indicating 'certificate_digest_with_sha256'
             *                                  containing digest
             *                                      referencing to the CERT_AA_A
             *                              }
             *                              and containing signature
             *                                  verifiable using KEY_AA
             *                              and containing subject_attributes['verification key'] (KEY)
             *                          }
             *                  }
             *              and containing header_fields [1] {
             *                  containing type
             *                      indicating 'generation_time'
             *                  containing generation_time
             *                      indicating CURRENT_TIME
             *              }
             *              and containing header_fields[2] {
             *                  containing type
             *                      indicating 'its_aid'
             *                  containing its_aid
             *                      indicating 'AID_CAM'
             *              }
             *              and not containing any other header fields
             *              and containing payload_field {
             *                  containing type
             *                      indicating 'signed'
             *                  containing data
             *                      indicating length > 0
             *                      containing CAM payload
             *              }
             *              and containing trailer_fields {
             *                  containing single instance of type TrailerField {
             *                      containing type
             *                          indicating 'signature'
             *                      containing signature
             *                          verifiable using KEY
             *                  }
             *              }
             *      } then {
             *          the IUT accepts the message
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_03_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertA, omit, e_certificate_chain); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_03_NB /** * @desc Check that IUT discards a Secured CAM containing protocol version set to a value less then 2 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage (CAM)
             *              containing protocol_version 
             *                  indicating 1
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_02_01a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.protocol_version := 1; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_02_01a_EB /** * @desc Check that IUT discards a Secured CAM containing protocol version set to a value greater then 2 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage (CAM)
             *              containing protocol_version 
             *                  indicating 3
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_02_01b_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.protocol_version := 3; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_02_01b_EB /** * @desc Check that IUT discards a secured CAM if the header_fields contains more than one element of header field type: signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM) 
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'signer_info'
             *          and containing header_fields[2].type
             *              indicating 'generation_time'
             *          and containing header_fields[3] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_01a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_signer_info( m_signerInfo_certificate( vc_aaCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_01a_EB /** * @desc Check that IUT discards a secured CAM if the header_fields does not contain the header field type: signer_info *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM) 
             *          containing header_fields[0].type
             *              indicating 'generation_time'
             *          and containing header_fields[1] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_01b_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_01b_EB /** * @desc Check that IUT is able to receive a secured CAM if the signer_info header field is not encoded first *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      TODO
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_01c_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM, m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_01c_EB /** * @desc Check that IUT discards a secured CAM if the header_fields doesn't contain the element of header field of type: generation_time *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       }
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_02a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_02a_EB /** * @desc Check that IUT discards a secured CAM if the header_fields contain more than one element of header field of type: its_aid *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *          and and containing header_fields[2] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *          and and containing header_fields[3] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_DENM'
             *       }
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_03a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM, m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_03a_EB /** * @desc Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *                  indicating TIME_1 inside the validity period of the signer certificate
             *          and containing header_fields[2].type
             *              indicating 'generation_time_with_standard_deviation'
             *                  indicating TIME_2 inside the validity period of the signer certificate
             *          and and containing header_fields[3] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       }
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_05a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time_with_standard_deviation( m_time64WithStandardDeviation( 1000, // In us 0 )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_05a_EB /** * @desc Check that IUT ignores the HeaderFields generation_time_standard_deviation of received Secured CAM *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *  when {  
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_fields[0].type
             *              indicating 'signer_info'
             *          and containing header_fields[1].type
             *              indicating 'generation_time'
             *                  indicating TIME_1 outside the validity period of the signer certificate
             *          and containing header_fields[2].type
             *              indicating 'generation_time_with_standard_deviation'
             *                  indicating TIME_2 inside the validity period of the signer certificate
             *          and and containing header_fields[3] {
             *              containing type
             *                  indicating 'its_aid'
             *              containing its_aid
             *                  indicating 'AID_CAM'
             *       }
             *       and not containing other header fields
             *  } then { 
             *      the IUT discards the message 
             *  } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_05b_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time_with_standard_deviation( m_time64WithStandardDeviation( 1000 * f_getCurrentTime(), // In us 0 )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_05b_EB /** * @desc Check that IUT discards secured CAM when its_aid value is not equal to 16512 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with { 
             *  the IUT being in the 'authorized' state 
             * } 
             * ensure that { 
             *     when {  
             *         the IUT is receiving a SecuredMessage (CAM) 
             *             containing header_fields['its_aid'] 
             *                 indicating AID_DENM 
             *             and containing payload_field { 
             *                 containing type 
             *                     indicating 'signed' 
             *                 containing data 
             *                     containing CAM payload 
             *             } 
             *     } then { 
             *         the IUT discards the message 
             *     } 
             * } 
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_07_01_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_its_aid_DENM } ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_07_01a_EB /** * @desc Check that IUT discards the Secured CAM containing empty payload of type 'signed'. *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *               and containing payload_field {
            *                   containing type
            *                       indicating 'signed'
            *                   containing data
            *                       indicating length 0
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_02_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload.rawPayload := ''O; v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_02_EB /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'unsecured' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *               and containing payload_field {
            *                   containing type
            *                       indicating 'unsecured'
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_03_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof(f_adaptPayload_m( bit2oct( encvalue( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition ) ) ) )); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_unsecured( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_03_EB /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'encrypted' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *               and containing payload_field {
            *                   containing type
            *                       indicating 'encrypted'
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_04_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof(f_adaptPayload_m( bit2oct( encvalue( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition ) ) ) )); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_encrypted( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_04_EB /** * @desc Check that IUT discards the Secured CAM containing exactly one non-empty payload of type 'signed_external' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *               and containing payload_field {
            *                   containing type
            *                       indicating 'signed_external'
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_05_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof(f_adaptPayload_m( bit2oct( encvalue( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition ) ) ) )); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed_external ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_05_EB /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'signed_and_encrypted' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *               and containing payload_field {
            *                   containing type
            *                       indicating 'signed_and_encrypted'
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_06_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof(f_adaptPayload_m( bit2oct( encvalue( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition ) ) ) )); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed_and_encrypted( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_06_EB /** * @desc Check that IUT discards the Secured CAM doesn't containing the TrailerField of type 'signature' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *    with {
            *        the IUT being in the 'authorized' state
            *    }
            *    ensure that {
            *        when {
            *            the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *                and containing trailer_fields
            *                    not containing any instance of type TrailerField {
            *                        containing type
            *                            indicating 'signature'
            *                    }
            *            }
            *        } then {
            *            the IUT discards the message
            *        }
            *    }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_10_01_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.trailer_fields := {}; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for(i:=0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i:=i+1) { // empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_10_01_EB /** * @desc Check that IUT discards the Secured CAM containing more then one instance of TrailerField of type 'signature' *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *              and containing header_fields['its_aid']
            *                  indicating 'AID_CAM'
            *              and containing trailer_fields[0].type
            *                           indicating 'signature'
            *              and containing trailer_fields[1].type
            *                  indicating 'signature'
            *                   }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_10_02_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.trailer_fields[1] := v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0]; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for(i:=0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i:=i+1) { // empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_10_02_EB /** * @desc Check that the IUT discards Secured message containing signature that is not verified using the * verification key from the certificate contained in the message's signer info *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *               containing header_fields ['signer_info'] {
            *                   containing signer {
            *                       containing type
            *                           indicating 'certificate'
            *                       containing certificate
            *                           containing subject_info.subject_type
            *                               indicating 'authorization_ticket' (2)
            *                           and containing subject_attributes['verification key'] (KEY)
            *                   }
            *               }
            *               containing header_fields['its_aid']
            *                   indicating 'AID_CAM'
            *               containing trailer_fields {
            *                   containing single instance of type TrailerField {
            *                       containing type
            *                           indicating 'signature'
            *                       containing signature
            *                           NOT verifiable using KEY
            *                   }
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_11_01_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, omit, e_certificate ); v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s := not4b(v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for(i:=0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i:=i+1) { // empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_11_01_EB /** * @desc Check that the IUT discards Secured message containing signature that is not verified using the * verification key from the certificate, referenced by the digest contained in the message's signer info *
            * Pics Selection: none
            * Config Id: CF01
            * Initial conditions:
            *   with {
            *       the IUT being in the 'authorized' state
            *   }
            *   ensure that {
            *       when {
            *           the IUT is receiving a SecuredMessage {
            *               containing header_fields ['signer_info'] {
            *                   containing signer {
            *                       containing type
            *                           indicating 'certificate_digest_with_sha256'
            *                       containing digest
            *                           referencing to the certificate
            *                               containing subject_info.subject_type
            *                                   indicating 'authorization_ticket' (2)
            *                               and containing subject_attributes['verification key'] (KEY)
            *                   }
            *               }
            *               containing header_fields['its_aid']
            *                   indicating 'AID_CAM'
            *               containing trailer_fields {
            *                   containing single instance of type TrailerField {
            *                       containing type
            *                           indicating 'signature'
            *                       containing signature
            *                           NOT verifiable using KEY
            *                   }
            *               }
            *           }
            *       } then {
            *           the IUT discards the message
            *       }
            *   }
            * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_11_02_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, omit, e_certificate_digest_with_sha256 ); v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s := not4b(v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for(i:=0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i:=i+1) { // empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_11_02_EB /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type "enrolment_credential" *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * Expected behaviour:
             * ensure that {
             *   when {
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_field 'signer_info'
             *              containing signer_info.type
             *                  indicating 'certificate'
             *              containing signer.certificate.subject_info.subject_type
             *                  indicating 'enrolment_credentials'
             *          and containing header_field 'its_aid'
             *              indicating 'AID_CAM'
             *       }
             *       and not containing other header fields
             *   } then { 
             *      the IUT discards the message 
             *   }
             * } 
             * 
* * @see ETSI TS 103 097 V1.1.14, clause 6.3 * @reference EN 302 636-4-1 [1], clauses 9.3.2 , 8.6.2 and Annex G */ testcase TC_SEC_ITSS_RCV_CAM_12_01_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertF, { m_header_field_signer_info( m_signerInfo_certificate( vc_atCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_01_EB /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type "authorization_authority" *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * Expected behaviour:
             * ensure that {
             *   when {
             *      the IUT is receiving a SecuredMessage (CAM)
             *          containing header_field 'signer_info'
             *              containing signer_info.type
             *                  indicating 'certificate'
             *              containing signer.certificate.subject_info.subject_type
             *                  indicating 'authorization_authority'
             *          and containing header_field 'its_aid'
             *              indicating 'AID_CAM'
             *       }
             *       and not containing other header fields
             *   } then { 
             *      the IUT discards the message 
             *   }
             * } 
             * 
* * @see ETSI TS 103 097 V1.1.14, clause 6.3 * @reference EN 302 636-4-1 [1], clauses 9.3.2 , 8.6.2 and Annex G */ testcase TC_SEC_ITSS_RCV_CAM_12_02_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCertA, { m_header_field_signer_info( m_signerInfo_certificate( vc_aaCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_02_EB } // End of group g_recvCamProfile group g_recvDenmProfile { /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate without region validity restriction *
             * Pics Selection: none
             * Config Id: CF01
             * Expected behavior:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is receiving a SecuredMessage
             *          containing header_fields[0]
             *              containing type 
             *                  indicating 'signer_info'
             *              and containing signer {
             *                  containing type
             *                      indicating 'certificate'
             *                  and containing certificate (CERT_AT_A) {
             *                      containing subject_info.subject_type
             *                          indicating 'authorization_ticket' (2)
             *                      and containing subject_attributes['verification key'] (KEY)
             *             and not containing validity_restrictions['region']
             *                  }
             *              }
             *       and containing header_fields [1]
             *         containing type 
             *           indicating 'generation_time'
             *              containing generation_time
             *                  indicating CURRENT_TIME
             *       and containing header_fields [2]
             *         containing type 
             *           indicating 'generation_location'
             *              containing generation_location
             *       and containing header_fields[3]
             *         containing type 
             *           indicating 'its_aid'
             *         containing its_aid
             *              indicating 'AID_DENM'
             *          and containing payload_field {
             *              containing type
             *                  indicating 'signed'
             *              containing data
             *                  indicating length > 0
             *                  containing DENM payload
             *          }
             *          and containing trailer_fields {
             *              containing single instance of type TrailerField {
             *                  containing type
             *                      indicating 'signature'
             *                  containing signature
             *                      verifiable using KEY
             *              }
             *          }
             *   } then {
             *     the IUT accepts the message
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01a_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertA, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01a_NB /** * @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a circular region validity restriction *
             * Pics Selection: none
             * Config Id: CF01
             * Expected behavior:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is receiving a SecuredMessage
             *       and containing header_fields[0]
             *              containing type 
             *                  indicating 'signer_info'
             *              and containing signer {
             *                  containing type
             *                      indicating 'certificate'
             *                  and containing certificate (CERT_AT_B) {
             *                      containing subject_info.subject_type
             *                          indicating 'authorization_ticket' (2)
             *                      and containing subject_attributes['verification key'] (KEY)
             *                      and containing validity_restrictions['region'] {
             *                          containing region{
             *                              containing region_type
             *                                  indicating 'circle'
             *                              and containing circular_region
             *                                  indicating REGION
             *                          }
             *                      }
             *                  }
             *       and containing header_fields [1]
             *         containing type 
             *           indicating 'generation_time'
             *              containing generation_time
             *                  indicating CURRENT_TIME
             *       and containing header_fields [2]
             *         containing type 
             *           indicating 'generation_location'
             *              containing generation_location
             *                  indicating position inside the REGION
             *       and containing header_fields[3]
             *         containing type 
             *           indicating 'its_aid'
             *         containing its_aid
             *              indicating 'AID_DENM'
             *       and not containing any other header_fields
             *       and containing payload_fields {
             *              containing type
             *                  indicating 'signed'
             *              containing data
             *                  indicating length > 0
             *                  containing DENM payload
             *          }
             *          and containing trailer_fields {
             *              containing single instance of type TrailerField {
             *                  containing type
             *                      indicating 'signature'
             *                  containing signature
             *                      verifiable using KEY
             *              }
             *          }
             *   } then {
             *     the IUT accepts the message
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01b_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertB, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01b_NB /** * @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a rectangular region validity restriction *
             * Pics Selection: none
             * Config Id: CF01
             * Expected Behavior:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is receiving a SecuredMessage
             *       containing protocol_version 
             *         indicating value '2'
             *       and containing header_fields[0]
             *              containing type 
             *                  indicating 'signer_info'
             *              and containing signer {
             *                  containing type
             *                      indicating 'certificate'
             *                  and containing certificate (CERT_AT_C) {
             *                      containing subject_info.subject_type
             *                          indicating 'authorization_ticket' (2)
             *                      and containing subject_attributes['verification key'] (KEY)
             *                      and containing validity_restrictions['region'] {
             *                          containing region{
             *                              containing region_type
             *                                  indicating 'rectangle'
             *                              and containing rectangular_regions
             *                                  indicating REGIONS
             *                          }
             *                      }
             *                  }
             *       and containing header_fields [1]
             *         containing type 
             *           indicating 'generation_time'
             *              containing generation_time
             *                  indicating CURRENT_TIME
             *       and containing header_fields [2]
             *         containing type 
             *           indicating 'generation_location'
             *              containing generation_location
             *           indicating position inside the REGION
             *       and containing header_fields[3]
             *         containing type 
             *           indicating 'its_aid'
             *         containing its_aid
             *              indicating 'AID_DENM'
             *       and not containing any other header_fields
             *          and containing payload_field {
             *              containing type
             *                  indicating 'signed'
             *              containing data
             *                  indicating length > 0
             *                  containing DENM payload
             *          }
             *          and containing trailer_fields {
             *              containing single instance of type TrailerField {
             *                  containing type
             *                      indicating 'signature'
             *                  containing signature
             *                      verifiable using KEY
             *              }
             *          }
             *   } then {
             *     the IUT accepts the message
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01c_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertC, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01c_NB /** * @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a polygonal region validity restriction *
             * Pics Selection: none
             * Config Id: CF01
             * Expected Behavior:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is receiving a SecuredMessage
             *       containing protocol_version 
             *         indicating value '2'
             *       and containing header_fields[0]
             *              containing type 
             *                  indicating 'signer_info'
             *              and containing signer {
             *                  containing type
             *                      indicating 'certificate'
             *                  and containing certificate (CERT_AT_D) {
             *                      containing subject_info.subject_type
             *                          indicating 'authorization_ticket' (2)
             *                      and containing subject_attributes['verification key'] (KEY)
             *                      and containing validity_restrictions['region'] {
             *                          containing region{
             *                              containing region_type
             *                                  indicating 'polygon'
             *                              and containing polygonal_region
             *                   indicating REGION
             *                          }
             *                      }
             *                  }
             *       and containing header_fields [1]
             *         containing type 
             *           indicating 'generation_time'
             *              containing generation_time
             *                  indicating CURRENT_TIME
             *       and containing header_fields [2]
             *         containing type 
             *           indicating 'generation_location'
             *              containing generation_location
             *           indicating position inside the REGION
             *       and containing header_fields[3]
             *         containing type 
             *           indicating 'its_aid'
             *         containing its_aid
             *              indicating 'AID_DENM'
             *       and not containing any other header_fields
             *          and containing payload_field {
             *              containing type
             *                  indicating 'signed'
             *              containing data
             *                  indicating length > 0
             *                  containing DENM payload
             *          }
             *          and containing trailer_fields {
             *              containing single instance of type TrailerField {
             *                  containing type
             *                      indicating 'signature'
             *                  containing signature
             *                      verifiable using KEY
             *              }
             *          }
             *   } then {
             *     the IUT accepts the message
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01d_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertD, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01d_NB /** * @desc Check that IUT accepts a well-formed Secured DENM signe with the certificate with a identified region validity restriction *
             * Pics Selection: none
             * Config Id: CF01
             * Expected Behavior:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is receiving a SecuredMessage
             *       containing protocol_version 
             *         indicating value '2'
             *       and containing header_fields[0]
             *              containing type 
             *                  indicating 'signer_info'
             *              and containing signer {
             *                  containing type
             *                      indicating 'certificate'
             *           and containing certificate (CERT_AT_E) {
             *                      containing subject_info.subject_type
             *                          indicating 'authorization_ticket' (2)
             *                      and containing subject_attributes['verification key'] (KEY)
             *                      and containing validity_restrictions['region'] {
             *                          containing region{
             *                              containing region_type
             *                                  indicating 'id_region'
             *                              and containing identified_region
             *                                  indicating REGION
             *                          }
             *                      }
             *                  }
             *       and containing header_fields [1]
             *         containing type 
             *           indicating 'generation_time'
             *              containing generation_time
             *                  indicating CURRENT_TIME
             *       and containing header_fields [2]
             *         containing type 
             *           indicating 'generation_location'
             *              containing generation_location
             *                  indicating position inside the REGION
             *       and containing header_fields[3]
             *         containing type 
             *           indicating 'its_aid'
             *         containing its_aid
             *              indicating 'AID_DENM'
             *       and not containing any other header_fields
             *          and containing payload_field {
             *              containing type
             *                  indicating 'signed'
             *              containing data
             *                  indicating length > 0
             *                  containing DENM payload
             *          }
             *          and containing trailer_fields {
             *              containing single instance of type TrailerField {
             *                  containing type
             *                      indicating 'signature'
             *                  containing signature
             *                      verifiable using KEY
             *              }
             *          }
             *   } then {
             *     the IUT accepts the message
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01e_NB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertD, omit, e_certificate); f_sleep(PX_TAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01e_NB /** * @desc Check that IUT discards a Secured DENM containing protocol version set to a value less then 2 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage (DENM)
             *              containing protocol_version 
             *                  indicating 1
             *              containing header_fields['its_aid']
             *                  indicating 'AID_DENM'
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_02_01a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.protocol_version := 1; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_02_01a_EB /** * @desc Check that IUT discards a Secured DENM containing protocol version set to a value greater then 2 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage (DENM)
             *              containing protocol_version 
             *                  indicating 3
             *              containing header_fields['its_aid']
             *                  indicating 'AID_DENM'
             *      } then {
             *          the IUT discards a SecuredMessage
             *      }
             *  }
             * 
* * @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_02_01b_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm(cc_taCertA); v_securedGnPdu.gnPacket.securedMsg.protocol_version := 1; f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_02_01b_EB /** * @desc Check that IUT discards secured DENM when its_aid value is not equal to 16513 *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             *  with {
             *      the IUT being in the 'authorized' state
             *  }
             *  ensure that {
             *      when { 
             *          the IUT is receiving a SecuredMessage
             *              containing header_fields['its_aid']
             *                  indicating 'AID_CAM'
             *              and containing payload_field {
             *                  containing type    
             *                    indicating 'signed'    
             *                  containing data    
             *                    containing DENM payload    
             *              }    
             *      } then {
             *          the IUT discards the DENM
             *      }
             *  }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.1 */ testcase TC_SEC_ITSS_RCV_DENM_07_01a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCertA, { m_header_field_its_aid_CAM } ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_securedGnPdu.gnPacket.packet.payload.rawPayload); i := i + 1) { // empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_07_01a_EB /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the circular validity region of the signing certificate *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT is receiving a SecuredMessage {
             *          containing header_fields['signer_info'].type
             *              indicating 'certificate'
             *          and containing  header_fields ['signer_info'].certificate (CERT_AT_B)
             *              containing validity_restrictions['region'] {
             *                  containing region{
             *                      containing region_type
             *                          indicating 'circle'
             *                      and containing circular_region
             *                          indicating REGION
             *                  }
             *              }
             *          and containing header_fields ['generation_location']
             *              containing generation_location
             *                  indicating position outside the REGION
             *          and containing header_fields['its_aid']
             *              indicating 'AID_DENM'
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_01a_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertB, omit, e_certificate); f_sleep(PX_TNOAC); if (lengthof(vc_utInds) == 0) { log("*** " & testcasename() & ": PASS: DENM was dropped by the IUT ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_01a_EB /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the rectangilar validity region of the signing certificate *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT is receiving a SecuredMessage {
             *          containing header_fields['signer_info'].type
             *              indicating 'certificate'
             *          and containing  header_fields ['signer_info'].certificate (CERT_AT_C)
             *              containing validity_restrictions['region'] {
             *                  containing region{
             *                      containing region_type
             *                          indicating 'rectangle'
             *                      and containing rectangular_regions
             *                          indicating REGION
             *                  }
             *              }
             *          and containing header_fields ['generation_location']
             *              containing generation_location
             *                  indicating position outside the REGION
             *          and containing header_fields['its_aid']
             *              indicating 'AID_DENM'
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_01b_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertC, omit, e_certificate); f_sleep(PX_TNOAC); if (lengthof(vc_utInds) == 0) { log("*** " & testcasename() & ": PASS: DENM was dropped by the IUT ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_01b_EB /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the polygonal validity region of the signing certificate *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT is receiving a SecuredMessage {
             *          containing header_fields['signer_info'].type
             *              indicating 'certificate'
             *          and containing  header_fields ['signer_info'].certificate (CERT_AT_D)
             *              containing validity_restrictions['region'] {
             *                  containing region{
             *                      containing region_type
             *                          indicating 'polygon'
             *                      and containing polygonal_region
             *                          indicating REGION
             *                  }
             *              }
             *          and containing header_fields ['generation_location']
             *              containing generation_location
             *                  indicating position outside the REGION
             *          and containing header_fields['its_aid']
             *              indicating 'AID_DENM'
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_01c_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertD, omit, e_certificate); f_sleep(PX_TNOAC); if (lengthof(vc_utInds) == 0) { log("*** " & testcasename() & ": PASS: DENM was dropped by the IUT ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_01c_EB /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the identified validity region of the signing certificate *
             * Pics Selection: none
             * Config Id: CF01
             * Initial conditions:
             * with {
             *   the IUT being in the 'authorized' state
             * }
             * ensure that {
             *   when {
             *     the IUT is requested to send DENM
             *   } then {
             *     the IUT is receiving a SecuredMessage {
             *          containing header_fields['signer_info'].type
             *              indicating 'certificate'
             *          and containing  header_fields ['signer_info'].certificate (CERT_AT_E)
             *              containing validity_restrictions['region'] {
             *                  containing region{
             *                      containing region_type
             *                          indicating 'id_region'
             *                      and containing identified_region
             *                          indicating REGION
             *                  }
             *              }
             *          and containing header_fields ['generation_location']
             *              containing generation_location
             *                  indicating position outside the REGION
             *          and containing header_fields['its_aid']
             *              indicating 'AID_DENM'
             *   }
             * }
             * 
* @see * @reference ETSI TS 103 097 V1.1.14, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_01d_EB() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertE, omit, e_certificate); f_sleep(PX_TNOAC); if (lengthof(vc_utInds) == 0) { log("*** " & testcasename() & ": PASS: DENM was dropped by the IUT ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_01d_EB } // End of group g_recvDenmProfile } // End of group g_receiverbehavior group g_Certificates { /** * @desc Check that AT certificate has version 2 *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * }
         * Expected Behaviour:
         * ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating certificate
         *         containing certificate {
         *           containing version
         *             indicating '2'
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 6.1 */ testcase TC_SEC_SND_CERT_01_01() runs on ItsGeoNetworking system ItsSecSystem { // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_certificate( ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( ? )))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_01_01 /** * @desc Check that AA certificate has version 2 *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *      the IUT being requested to include certificate chain in the next CAM
         * }
         * Expected Behaviour:
         * ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating certificate_chain
         *         containing certificates.length >1
         *         containing certificates[last-1] {
         *           containing version
         *             indicating '2'
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 6.1 */ testcase TC_SEC_SND_CERT_01_02() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var SecuredMessage v_recv; var Certificate v_cert; var SignerInfo v_si; var HashedId8 v_digest; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Wait for the message with the certificate to retrieve the AA digest. // Ask for the chain, containing AT and AA certificate // Check AA Certificate log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain ***"); tc_ac.start; f_askForCertificateChain(f_generateDefaultCam()); tc_ac.stop; // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain( superset( mw_aa_certificate ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_01_02 /** * @desc Check that the certificate chain is valid: Check signer_info *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating certificate_chain
         *         containing certificates[N] {
         *           containing signer_info {
         *             containing type
         *               indicating 'certificate_digest_with_sha256'
         *             containing digest
         *               referenced to the certificates[N-1]
         *           }
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 6.1 */ testcase TC_SEC_SND_CERT_02_01() runs on ItsGeoNetworking system ItsSecSystem { // TODO: This TC is fully covered by TC_SEC_SND_CERT_09_02 // Local declarations var CertificateChain v_chain; var SignerInfo v_si; var HashedId8 v_digest; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; // Test Body for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1) { if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) { log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't contain signer info ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not match (v_si.type_, e_certificate_digest_with_sha256)) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]); if (not match (v_si.signerInfo.digest, v_digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_02_01 /** * @desc Check that the length of the vector of rectangles is less then 6. * Check that region is continuous and does not contain any holes. * Check that the rectangles are valid *
         * Pics Selection: PIC_UseRectangularRegion
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate'
         *         containing certificate {
         *           containing no validity restriction or validity_restrictions['region']{
         *             containing region_type
         *               indicating 'rectangle'
         *             containing rectangular_region {
         *               indicating length <= 6
         *               containing elements of type RectangularRegion
         *                 indicating continuous region without holes
         *                 containing northwest and southeast
         *                   indicating northwest is on the north from southeast
         *             }
         *           }
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.21, 4.2.24 */ testcase TC_SEC_SND_CERT_04_01() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; f_waitForCertificate(v_cert); tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_rectangle) { var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region; if (lengthof(v_rects) > 6) { log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (v_counter := 0; v_counter 1) { if (true != f_isContinuousRectangularRegions(v_rects)) { log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } else { log("*** " & testcasename() & ": INCONC: Certificate has other region type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc } log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_04_01 /** * @desc Check that the rectangular region of the subordinate certificate is well formed * and inside the validity restrictions of the issuing certificate. *
         * Pics Selection: PIC_UseRectangularRegion
         * Config Id: CF01
         * with {
         *     the IUT being in the 'authorized' state
         *     the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *   when {
         *        the IUT is requested to send a CAM
         *      } then {
         *        the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *          containing type
         *            indicating 'certificate_chain'
         *         containing certificates
         *           indicating CERTIFICATES {
         *                containing CERTIFICATES[N] {
         *               containing validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'rectangle'
         *                 containing rectangular_region {
         *                   indicating length <= 6
         *                   and containing elements of type RectangularRegion
         *                     containing northwest and southeast
         *                       indicating northwest  on the north from southeast
         *                   and indicating continuous region without holes
         *                     which is inside the CERTIFICATES[N-1].validity_restrictions['region'] if region validity restriction is containted in certificate CERTIFICATES[N-1]
         *                    }
         *                  }
         *             }
         *           }
         *       }
         *       }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.21, 4.2.24 */ testcase TC_SEC_SND_CERT_04_02() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var CertificateChain v_chain; var ValidityRestriction v_vr, v_vri; // current and issuing cert validity restrictions var boolean f_vr, f_vri; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; // Test Body f_vr := false; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { var RectangularRegions v_rects; if (v_vr.validity.region.region_type != e_rectangle) { log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_rects := v_vr.validity.region.region.rectangular_region; if (lengthof(v_rects) > 6) { log("*** " & testcasename() & ": FAIL: Rectangular regions count is more then 6 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer j:=0; j * Pics Selection: PIC_UsePolygonalRegion * Config Id: CF01 * with { * the IUT being in the 'authorized' state * the IUT being requested to include certificate in the next CAM * } ensure that { * when { * the IUT is requested to send a CAM * } then { * the IUT sends a SecuredMessage * containing header_fields['signer_info'].signer { * containing type * indicating 'certificate' * containing certificate { * containing validity_restrictions['region']{ * containing region_type * indicating 'polygon' * containing polygonal_region { * indicating length >=3 and <=12 * indicating continuous region without holes and intersections * } * } * } * } * } * } * * @reference ETSI TS 103 097 V1.1.14, clauses 4.2.25 */ testcase TC_SEC_SND_CERT_05_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; f_waitForCertificate(v_cert); tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_polygon) { var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region; var integer v_length := lengthof(v_pr); if (v_length < 3) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_length > 12) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (true != f_isValidPolygonalRegion(v_pr)) { log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: Certificate has other region type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc } } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_05_01 /** * @desc Check Polygonal Region: * Must contain at least 3 and no more then 12 points. * Intersections and holes are not permited. * The region must be inside the issuing certificate restrictions. *
         * Pics Selection: PIC_UsePolygonalRegion
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate_chain'
         *         containing certificates
         *           indicating CERTIFICATES {
         *             containing CERTIFICATES[N] {
         *               containing validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'polygon'
         *                 containing polygonal_region {
         *                   indicating length >=3 and <=12
         *                   indicating continuous region without holes and intersections
         *                     which is inside the CERTIFICATES[N-1].validity_restrictions['region'].polygonal_region 
         *                       if region validity restriction is containted in certificate CERTIFICATES[N-1]
         *                 }
         *               }
         *             }
         *           }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.25 */ testcase TC_SEC_SND_CERT_05_02() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var CertificateChain v_chain; var ValidityRestriction v_vr, v_vri; // current and issuing cert validity restrictions var boolean f_vr, f_vri; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; f_vr := false; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { var PolygonalRegion v_pr; var integer v_length; if (v_vr.validity.region.region_type != e_polygon) { log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not polygonal ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_pr := v_vr.validity.region.region.polygonal_region; v_length := lengthof(v_pr); if (v_length < 3) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small in cert " & int2str(v_counter) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_length > 12) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big in cert " & int2str(v_counter) & "***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (true != f_isValidPolygonalRegion(v_pr)) { log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) in cert " & int2str(v_counter) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (f_vri) { // current restrictions must be inside of the parent one if (true != f_isPolygonalRegionInside(v_vri.validity.region.region.polygonal_region, v_pr)) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction region in cert " & int2str(v_counter) & " is not inside the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } else { // Region validity restriction is not exist if (f_vri) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set in the certificate " & int2str(v_counter) & "because this restriction exists in the issuing certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All certificates has a valid polygonal region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_05_02 /** * @desc Check Identified Region: * Must contain value that correspond to numeric country codes as defined in ISO 3166-1 *
         * Pics Selection: PIC_UseIdentifiedRegion, PIC_UseISO31661RegionDictionary
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate'
         *         containing certificate {
         *           containing validity_restrictions['region']{
         *             containing region_type
         *               indicating 'id'
         *             containing id_region {
         *               containing region_dictionary
         *                 indicating 'iso_3166_1' (0)
         *               containing region_identifier
         *                 indicating valid value according to 'iso_3166_1'
         *               containing local_region
         *             }
         *           }
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.27 */ testcase TC_SEC_SND_CERT_06_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; f_waitForCertificate(v_cert); tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_06_01 /** * @desc Check Identified Region: * Must contain value that correspond to numeric country codes as defined in ISO 3166-1 * Subordinate certificate restrictions must be a subset of the issuing certificate restrictions *
         * Pics Selection: PIC_UseIdentifiedRegion, PIC_UseISO31661RegionDictionary
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate_chain'
         *         containing certificates
         *           indicating CERTIFICATES {
         *             containing CERTIFICATES[0] {
         *               containing validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'id'
         *                 containing id_region {
         *                   containing region_dictionary
         *                     indicating 'iso_3166_1' (0)
         *                   containing region_identifier
         *                     indicating valid value according to 'iso_3166_1'
         *                   containing local_region
         * 
         *                 }
         *             }
         *             containing CERTIFICATES[n] (1..N) {
         *               containing no validity restriction of type region or validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'id'
         *                 containing id_region 
         *                   containing region_dictionary
         *                     indicating 'iso_3166_1' (0)
         *                   containing region_identifier
         *                     indicating CERTIFICATES[n-1].validity_restrictions['region'].id_region.region_identifier
         *                   containing local_region
         *                     indicating CERTIFICATES[n-1].validity_restrictions['region'].id_region.local_region
         *                       or any value if CERTIFICATES[n-1].validity_restrictions['region'].id_region.local_region == 0
         *                 }
         *               }
         *             }
         *           }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.27 */ testcase TC_SEC_SND_CERT_06_02() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var ValidityRestriction v_vr, v_vri; // current and issuing cert validity restrictions var boolean f_vr, f_vri; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; f_vr := false; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } if (f_vri) { // the region code must be the same if (v_vr.validity.region.region.id_region.region_identifier != v_vri.validity.region.region.id_region.region_identifier) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( v_vri.validity.region.region.id_region.local_region != 0 and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region ) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } else { // Region validity restriction is not exist if (f_vri) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate " & int2str(v_counter) & "because this restriction exists in the issuing certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_06_02 /** * @desc Check Identified Region: * Must contain value that correspond to numeric country codes as defined by United Nations Statistics Division *
         * Pics Selection: PIC_UseIdentifiedRegion, PIC_UseUnStatsRegionDictionary
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate'
         *         containing certificate {
         *           containing validity_restrictions['region']{
         *             containing region_type
         *               indicating 'id'
         *             containing id_region {
         *               containing region_dictionary
         *                 indicating 'un_stats' (0)
         *               containing region_dictionary
         *                 indicating 'un_stats' (0)
         *               indicating length >=3 and <=12
         *               indicating continuous region without holes and intersections
         *             }
         *           }
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.27 */ testcase TC_SEC_SND_CERT_06_03() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; f_waitForCertificate(v_cert); tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not the UN Stats Region Code ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } log("*** " & testcasename() & ": PASS: Certificate has a valid identified region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_06_03 /** * @desc Check Identified Region: * Must contain value that correspond to numeric country codes as defined by United Nations Statistics Division * Subordinate certificate restrictions must be a subset of the issuing certificate restrictions *
         * Pics Selection: PIC_UseIdentifiedRegion, PIC_UseUnStatsRegionDictionary
         * Config Id: CF01
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate_chain'
         *         containing certificates
         *           indicating CERTIFICATES {
         *             containing CERTIFICATES[0] {
         *               containing validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'id'
         *                 containing id_region {
         *                   containing region_dictionary
         *                     indicating 'un_stats' (1)
         *                   containing region_identifier
         *                     indicating valid value according to UnStats document
         *                   containing local_region
         * 
         *                 }
         *             }
         *             containing CERTIFICATES[n] (1..N) {
         *               containing no validity restriction of type region or validity_restrictions['region'] {
         *                 containing region_type
         *                   indicating 'id'
         *                 containing id_region 
         *                   containing region_dictionary
         *                     indicating 'un_stats' (1)
         *                   containing region_identifier
         *                     indicating CERTIFICATES[n-1].validity_restrictions['region'].id_region.region_identifier
         *                   containing local_region
         *                     indicating CERTIFICATES[n-1].validity_restrictions['region'].id_region.local_region
         *                       or any value if CERTIFICATES[n-1].validity_restrictions['region'].id_region.local_region == 0
         *                 }
         *               }
         *             }
         *           }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clauses 4.2.27 */ testcase TC_SEC_SND_CERT_06_04() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var ValidityRestriction v_vr, v_vri; // current and issuing cert validity restrictions var boolean f_vr, f_vri; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; f_vr := false; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not the UN Stats Region Code ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } if (f_vri) { // the region code must be the same if (v_vr.validity.region.region.id_region.region_identifier != v_vri.validity.region.region.id_region.region_identifier) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( v_vri.validity.region.region.id_region.local_region != 0 and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region and not f_isIdentifiedRegionInside(v_vri.validity.region.region.id_region.local_region, v_vr.validity.region.region.id_region.local_region) ) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the subregion of the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } else { // Region validity restriction is not exist if (f_vri) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate " & int2str(v_counter) & "because this restriction exists in the issuing certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_06_04 /** * @desc Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *      the IUT being requested to include certificate in the next CAM
         * }
         * Expected Behaviour:
         * ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating certificate
         *         containing certificate {
         *             containing signature.ecdsa_signature
         *                 containing R.type
         *                     indicating compressed_lsb_y_0
         *                     or indicating compressed_lsb_y_1 
         *                     or indicating x_coordinate_only
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 6.1 */ testcase TC_SEC_SND_CERT_07_01() runs on ItsGeoNetworking system ItsSecSystem { // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_0 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_1 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to x_coordinate_only received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate )))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_07_01 /** * @desc Check the certificate signature *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate'
         *         containing certificate {
         *           containing signer_info[0] {
         *             containing type
         *               indicating 'certificate_digest_with_sha256'
         *             containing digest
         *               referenced to the certificate CERT
         *           }
         *           containing signature
         *             verifiable using CERT.subject_attributes['verification_key'].key
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.4 */ testcase TC_SEC_SND_CERT_09_01() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var GeoNetworkingInd v_geoNwInd; var Certificate v_at_cert; var Certificate v_aa_cert; var HashedId8 v_aa_digest; var SignerInfo v_si; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Wait for the message with the certificate to get the AA cert digest. // Ask for the chain, containing AT and AA certificate // Check that the AT cert in the first message is signed with the AA cert log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; f_waitForCertificate(v_at_cert); tc_ac.stop; if (true != f_getCertificateSignerInfo(v_at_cert, v_si)) { log("*** " & testcasename() & ": FAIL: AT Certificate signer info is unknown ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (not match (v_si.type_, e_certificate_digest_with_sha256)) { log("*** " & testcasename() & ": FAIL: AT Certificate is not signed well ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_digest := v_si.signerInfo.digest; // Send a certificate request to the IUT f_sendCertificateRequest(v_aa_digest, f_generateDefaultCam()); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) -> value v_geoNwInd { var SecuredMessage v_secMsg; var integer v_chainLength; tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chainLength := lengthof(v_si.signerInfo.certificates); if (v_chainLength < 2 ) { log("*** " & testcasename() & ": FAIL: Certificate chain doesn't contain the AA cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // get aa cert v_aa_cert := v_si.signerInfo.certificates[v_chainLength-2]; if (not match (v_aa_digest, f_calculateDigestFromCertificate(v_aa_cert))) { log("*** " & testcasename() & ": FAIL: AT certificate was not signed with the given AA cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that at cert is signed with aa cert if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) { log("*** " & testcasename() & ": FAIL: AT certificate signature error ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate was well signed with AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_09_01 /** * @desc Check the signatures of the certificates in the chain *
         * Pics Selection: none
         * Config Id: CF01
         * Initial conditions:
         * with {
         *   the IUT being in the 'authorized' state
         *   the IUT being requested to include certificate chain in the next CAM
         * } ensure that {
         *    when {
         *     the IUT is requested to send a CAM
         *   } then {
         *     the IUT sends a SecuredMessage
         *       containing header_fields['signer_info'].signer {
         *         containing type
         *           indicating 'certificate_chain'
         *         containing certificates
         *           indicating CERTIFICATES {
         *             containing CERTIFICATES[N] {
         *               containing signer_info[0] {
         *                 containing type
         *                   indicating 'certificate_digest_with_sha256'
         *                 containing digest
         *                   referenced to the certificate CERTIFICATES[N-1]
         *               }
         *               containing signature
         *                 verifiable using CERTIFICATES[N-1].subject_attributes['verification_key'].key
         *             }
         *         }
         *       }
         *   }
         * }
         * 
* @reference ETSI TS 103 097 V1.1.14, clause 7.4 */ testcase TC_SEC_SND_CERT_09_02() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var GeoNetworkingInd v_geoNwInd; var Certificate v_cert; var CertificateChain v_chain; var SignerInfo v_si; var HashedId8 v_digest; var integer v_counter; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Wait for the message with the certificate to get the AA cert digest. // Ask for the chain, containing AT and AA certificate // Check that the AT cert in the first message is signed with the AA cert log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate and ask for a certificate chain ***"); tc_ac.start; f_askForCertificateChain(f_generateDefaultCam()); tc_ac.stop; // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) -> value v_geoNwInd { var SecuredMessage v_secMsg; var integer v_chainLength; tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chain := v_si.signerInfo.certificates; for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) { if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) { log("*** " & testcasename() & ": FAIL: Certificate "&int2str(v_counter) & " doesn't have a signer info ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not match (v_si.type_, e_certificate_digest_with_sha256)) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that cert is signed by issuing cert v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]); if (not match (v_si.signerInfo.digest, v_digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that the signature is valid if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_chain[v_counter], v_chain[v_counter - 1])) { log("*** " & testcasename() & ": FAIL: AT certificate signature error ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All certificates in the chain signed by it's issuing certs ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_09_02 group g_AA_Certificates { /** * @desc Check that the subject_type of the AA certificate is set to authorization_authority *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 7.4.3 */ testcase TC_SEC_SND_CERT_AA_01_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate)) { log("*** " & testcasename() & ": FAIL: AA certificate not found in the chain[last-1] ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AA certificate was found in the chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_01_01 /** * @desc Check that the subject_name variable-length vector shall have a maximum length of 32 bytes. *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_name
             *             indicating length <= 32 bytes
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 7.4.3 */ testcase TC_SEC_SND_CERT_AA_02_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } // Verified automatically on decoding if (lengthof(v_chain[lengthof(v_chain) - 2].subject_info.subject_name) > 32 ) { log("*** " & testcasename() & ": FAIL: Subject name of the AA certificate is too long ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Subject name of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_02_01 /** * @desc Check that signer info of the AA certificate is a digest *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing signer_info {
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 7.4.3 */ testcase TC_SEC_SND_CERT_AA_04_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest))) { log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_04_01 /** * @desc Check that all neccesary subject attributes are present and arranged in accesing order *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_attributes [0..N] {
             *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
             *             containing subject_attributes['verification_key']
             *             containing subject_attributes['assurance_level']
             *             containing subject_attributes['its_aid_list']
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.3 */ testcase TC_SEC_SND_CERT_AA_05_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var SubjectAttributes v_attrs; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate(?, superset(mw_subject_attribute_verification_key, mw_subject_attribute_assurance_level, mw_subject_attribute_its_aid_list))) ) { log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes; for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) { if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) { log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_05_01 /** * @desc Check that time_start_and_end is included in the AA certificate validation restrictions * Check that end_validity is later then start_validity *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing validity_restrictions [0..N] {
             *             not containing validity_restrictions['time_end']
             *             and not containing validity_restrictions['time_start_and_duration']
             *             and containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_AA_VALIDITY
             *               containing end_validity
             *                 indicating END_AA_VALIDITY >=START_AA_VALIDITY
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.7, 7.4, 7.4.3 */ testcase TC_SEC_SND_CERT_AA_06_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; var ValidityRestriction v_vr; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (match (v_aa_cert.validity_restrictions, (superset(mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration))) ) { log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_06_01 /** * @desc Check that all AIDs containing in the in the its_aid_list in AA certificate are unique * Check that AID list contains not more then 31 items *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_attributes['its_aid_list']
             *             containing its_aid_list[0..N]
             *               containing no more then 31 unique item
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.3 */ testcase TC_SEC_SND_CERT_AA_08_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; var SubjectAttribute v_sa; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) { if (lengthof(v_sa.attribute.its_aid_list) > 31) { log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) { for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) { if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) { log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement } else { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AA_08_01 } // End of group g_AA_Certificates group g_AT_Certificates { /** * @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket' *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 7.4.1 */ testcase TC_SEC_SND_CERT_AT_01_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (not match(v_at_cert, mw_at_certificate)) { log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_01_01 /** * @desc Check that signer info of the AA certificate is a digest *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate
             *           containing signer_info {
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_02_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if ( not match(v_at_cert, mw_certificate(mw_signerInfo_digest)) ) { log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_02_01 /** * @desc Check that the subject_name variable-length vector is empty for AT certificates *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificates {
             *           containing subject_info.subject_name
             *             indicating length = 0
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 7.4.1 */ testcase TC_SEC_SND_CERT_AT_03_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (0 != lengthof(v_at_cert.subject_info.subject_name)) { log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_03_01 /** * @desc Check that all neccesary subject attributes of AT certificate are present and arranged in accesing order *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating 'certificate'
             *         containing certificate {
             *           containing subject_attributes [0..N] {
             *             indicating subject_attributes[n].type < subject_attributes[n+ 1].type
             *             containing subject_attributes['verification_key']
             *             containing subject_attributes['assurance_level']
             *             containing subject_attributes['its_aid_ssp_list']
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.1, 7.4, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_04_01() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; var SubjectAttributes v_attrs; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (not match( v_at_cert, mw_at_certificate( ?, superset( mw_subject_attribute_verification_key, mw_subject_attribute_assurance_level, mw_subject_attribute_its_aid_ssp_list )))) { log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_attrs := v_at_cert.subject_attributes; for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) { if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) { log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_04_01 /** * @desc Check that time_start_and_end is included in the AT certificate validation restrictions * Check that time_start_and_end is inside the AA certificate time restrictions *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           containing validity_restrictions['time_start_and_end']
             *             containing start_validity
             *               indicating START_AA_VALIDITY
             *             containing end_validity
             *               indicating END_AA_VALIDITY
             *           }
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           not containing validity_restrictions['time_end']
             *           and not containing validity_restrictions['time_start_and_duration']
             *           and containing validity_restrictions['time_start_and_end'] {
             *             containing start_validity
             *               indicating START_AT_VALIDITY (START_AT_VALIDITY >= START_AA_VALIDITY )
             *             and containing end_validity
             *               indicating END_AT_VALIDITY (END_AT_VALIDITY >= START_AT_VALIDITY <= END_AA_VALIDITY)
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.7, 7.4, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_05_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var ValidityRestriction v_vr, v_aa_vr; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (match ( v_at_cert.validity_restrictions, ( superset( mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration ) ) )) { log("*** " & testcasename() & ": FAIL: AT certificate must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_at_cert, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: AT certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: start validity must not be greater then end validity in the validity restrictions of AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_aa_vr)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_end.start_validity or v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AT certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_05_01 /** * @desc Check that all AIDs containing in the in the its_aid_ssp_list in AT certificate are unique and exists in the its_aid_list in the AA certificate * Check that the length of SSP of each AID is 31 octet maximum *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           containing subject_attributes['its_aid_list']
             *             containing its_aid_list[0..N]
             *               indicating ITS_AID_LIST_AA
             *           }
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           containing subject_attributes['its_aid_ssp_list']
             *             containing its_aid_ssp_list[0..N] {
             *               containing its_aid_ssp_list[n]{
             *                 containing its_aid
             *                   indicating unique value containing in the  ITS_AID_LIST_AA
             *                 containing service_specific_permissions
             *                   indicating length <= 31 octet
             *               }
             *             }
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_07_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var SubjectAttribute v_sa; var IntXs v_aid_list; var ItsAidSsps v_aid_ssp_list; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (not f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aid_list := v_sa.attribute.its_aid_list; if (not f_getCertificateSubjectAttribute(v_at_cert, e_its_aid_ssp_list, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aid_ssp_list := v_sa.attribute.its_aid_ssp_list; for (var integer v_counter :=0; v_counter < lengthof(v_aid_ssp_list); v_counter := v_counter + 1) { // Check unique for (var integer j :=0; j < lengthof(v_aid_ssp_list); j := j + 1) { if (v_counter != j and v_aid_ssp_list[v_counter].its_aid == v_aid_ssp_list[j].its_aid) { log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is duplicated in AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement if (not match(v_aid_ssp_list[v_counter], (all from v_aid_list))) { log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is not exist in AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // TODO Not possible due to typing To be removed // if (lengthof(v_aid_ssp_list[v_counter].service_specific_permissions.sspContainer) > 31) { // log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " has too long service_specific_permissions ***"); // f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); // } } // End of 'for' statement log("*** " & testcasename() & ": PASS: The ITS_AID_SSP list of the AT certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_07_01 /** * @desc Check that AT certificate is signed by AA cert *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a first CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] (CERT_AA) {
             *           containing subject_info.subject_type
             *             indicating 'authorization_authority' (2)
             *           and containing subject_attributes['verification key'] (KEY)
             *         }
             *         containing certificates[last] {
             *           containing subject_info.subject_type
             *             indicating 'authorization_ticket' (1)
             *           }
             *           and containing signer_info[0]{
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             containing digest
             *               referencing to CERT_AA
             *           }
             *           and containing signature
             *             verifiable using KEY
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_08_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var HashedId8 v_aa_digest; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_at_cert := v_chain[lengthof(v_chain) - 1]; v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_aa_digest := f_calculateDigestFromCertificate(v_aa_cert); if (not match(v_at_cert, mw_at_certificate(mw_signerInfo_digest(v_aa_digest)))) { log("*** " & testcasename() & ": FAIL: AT certificate signer info doesn't reference the AA certificate from the chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) { log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate was signed by the AA certificate from the given chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_08_01 /** * @desc Check that the assurance level of the subordinate certificate is equal to or lower than the assurance level of the issuing certificate *
             * Pics Selection: 
             * Config Id: CF01
             * with {
             *   the IUT being in the 'authorized' state
             *   the IUT being requested to include certificate chain in the next CAM
             * } ensure that {
             *    when {
             *     the IUT is requested to send a CAM
             *   } then {
             *     the IUT sends a SecuredMessage
             *       containing header_fields['signer_info'].signer {
             *         containing type
             *           indicating certificate_chain
             *         containing certificates[last-1] (CERT_AA) {
             *           containing subject_attributes ['assurance_level']
             *             containig assurance_level
             *               indicating indicating assurance level AL_AA
             *         }
             *         containing certificates[last] (CERT_AT) {
             *           containing subject_attributes ['assurance_level']
             *             containig assurance_level
             *               indicating indicating assurance level AL_AT (AL_AT <= AL_AA)
             *         }
             *           }
             *         }
             *       }
             *   }
             * }
             * 
* @reference ETSI TS 103 097 V1.1.14, clauses 6.9, 7.4.1 */ testcase TC_SEC_SND_CERT_AT_09_01() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var SubjectAttribute v_sa; var SubjectAssurance v_aa_assurance_level, v_at_assurance_level; // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (not f_getCertificateSubjectAttribute(v_aa_cert, e_assurance_level, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aa_assurance_level := v_sa.attribute.assurance_level; if (not f_getCertificateSubjectAttribute(v_at_cert, e_assurance_level, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_at_assurance_level := v_sa.attribute.assurance_level; if (bit2int(v_aa_assurance_level.levels) < bit2int(v_at_assurance_level.levels)) { log("*** " & testcasename() & ": FAIL: The assurence levels mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: The assurence levels match ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_SND_CERT_AT_09_01 } // End of group g_AT_Certificates } // End of group g_Certificates } // End of module ItsSecurity_TestCase