/** * @author ETSI / STF481 / STF507 / STF517 * @version $URL$ * $Id$ * @desc Testcases file for Security Protocol * @reference ETSI TS 103 097 v1.2.1 * @copyright ETSI Copyright Notification * No part may be reproduced except as authorized by written permission. * The copyright and the foregoing restriction extend to reproduction in all media. * All rights reserved. */ module ItsSecurity_TestCases { // Libcommon import from LibCommon_Time all; import from LibCommon_VerdictControl all; import from LibCommon_Sync all; import from LibCommon_BasicTypesAndValues all; // LibIts import from DENM_PDU_Descriptions language "ASN.1:1997" all; import from ITS_Container language "ASN.1:1997" all; // LibItsCommon import from LibItsCommon_Functions all; // LibItsGeoNetworking import from LibItsGeoNetworking_TestSystem all; import from LibItsGeoNetworking_Functions all; import from LibItsGeoNetworking_Templates all; import from LibItsGeoNetworking_TypesAndValues all; import from LibItsGeoNetworking_Pics all; import from LibItsGeoNetworking_Pixits all; // LibItsBtp import from LibItsBtp_TypesAndValues all; import from LibItsBtp_Templates all; // LibItsCam import from LibItsCam_Templates all; import from LibItsCam_Functions all; import from LibItsCam_Templates all; import from LibItsCam_Functions all; import from LibItsCam_TestSystem all; // LibItsDenm import from LibItsDenm_TypesAndValues all; import from LibItsDenm_Templates all; import from LibItsDenm_TestSystem all; // LibItsSecurity import from LibItsSecurity_TypesAndValues all; import from LibItsSecurity_Templates all; import from LibItsSecurity_Functions all; import from LibItsSecurity_Pixits all; import from LibItsSecurity_Pics all; // AtsSecurity import from ItsSecurity_TestSystem all; import from ItsSecurity_Functions all; import from ItsSecurity_Templates all; import from ItsSecurity_Pics all; /** * @desc Sending behaviour test cases * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2 Sending behaviour */ group sendingBehavior { /** * @desc Check that ITS-S sends a SecuredMessage containing protocol version set to 2 *
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
         *   with
         *     the IUT being in the 'authorized' state
         * Expected results:
         *   ensure that
         *     when
         *       the IUT is requested to send a SecuredMessage
         *     then
         *       the IUT sends a SecuredMessage
         *         containing protocol_version
         *           indicating value '2'
         * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_MSG_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_SND_MSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive(mw_geoNwInd(mw_geoNwSecPdu(mdw_securedMessage_dummy))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Security protocol version set to 2 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_01_01_BV /** * @desc Check that when IUT sends the message signed with the digest, then this digest points to the AT certificate *
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
         *   with
         *     the IUT being in the 'authorized' state
         *     and the IUT is configured to send more than one CAM per second
         *     and the IUT having sent last CAM
         *       containing header_fields['signer_info'].signer.type
         *         indicating 'certificate'
         * Expected results:
         *   ensure that
         *     when
         *       the IUT is requested to send next CAM
         *     then
         *       the IUT sends a SecuredMessage
         *         containing header_fields ['signer_info']
         *           containing signer
         *             containing type
         *               indicating 'certificate_digest_with_sha256'
         *             and containing digest
         *               referencing the certificate
         *                 containing subject_info.subject_type
         *                   indicating 'authorization_ticket'
         * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_MSG_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_SND_MSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var SecuredMessage v_recv; var Certificate v_cert; var LongPosVector v_longPosVectorIut; var ItsCam v_component; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); v_component := f_setCamFrequencyGreatherThan1Hz(); // execution will be stopped if cert is not received during tc_ac log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (v_cert.subject_info.subject_type != e_authorization_ticket) { log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_error); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_securedMessageWithDigest (v_recv) { var SignerInfo v_si; tc_ac.stop; if (f_getMsgSignerInfo(v_recv, v_si) == true) { if (v_si.signerInfo.digest == f_calculateDigestFromCertificate(v_cert)) { log("*** " & testcasename() & ": PASS: Digest corresponds to the AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: Digest corresponds to unknown certificate ***"); log("f_calculateDigestFromCertificate(v_cert)=", f_calculateDigestFromCertificate(v_cert)); log("v_si.signerInfo.digest=", v_si.signerInfo.digest); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Received message is not signed well ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_04_01_BV /** * @desc Check that IUT uses the AT certificate to sign messages *
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
         *   with
         *     the IUT being in the 'authorized' state
         *     the IUT being requested to include certificate in the next CAM
         * Expected results:
         *   ensure that
         *     when
         *       the IUT is requested to send a next CAM
         *     then
         *       the IUT sends a SecuredMessage
         *         containing header_fields ['signer_info']
         *           containing signer
         *             containing type
         *               indicating 'certificate'
         *             and containing certificate
         *               containing subject_info.subject_type
         *                 indicating 'authorization_ticket'
         * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_MSG_04_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_SND_MSG_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var SecuredMessage v_recv; var Certificate v_cert; var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_securedMessageWithCertificate(v_recv) { var SignerInfo v_si; if (f_getMsgSignerInfo(v_recv, v_si)) { v_cert := v_si.signerInfo.certificate; if (v_cert.subject_info.subject_type != e_authorization_ticket ) { log("*** " & testcasename() & ": FAIL: received certificate is not an AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: message signed with AT certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: received message is not signed well ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_04_02_BV /** * @desc Check that the SecuredMessage signature contains the ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only *
         * Pics Selection: PICS_GN_SECURITY
         * Config Id: CF01
         * Initial conditions:
         *   with
         *     the IUT being in the 'authorized' state
         * Expected results:
         *   ensure that
         *     when
         *       the IUT is requested to send a CAM
         *     then
         *       the IUT sends a SecuredMessage
         *         containing header_fields ['its_aid']
         *           containing its_aid
         *             indicating 'AID_CAM'
         *         and containing trailer_fields['signature']
         *           containing signature.ecdsa_signature
         *             containing R.type
         *               indicating 'compressed_lsb_y_0'
         *               or indicating 'compressed_lsb_y_1'
         *               or indicating 'x_coordinate_only'
         * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_MSG_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.9 */ testcase TC_SEC_ITSS_SND_MSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only, ? ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_0 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only, ? ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to compressed_lsb_y_1 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, ?, { mw_trailer_field_signature( mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only ) ) ) } ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Expected CAM message containing signature with the ECC point of type set to x_coordinate_only received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { tc_ac.stop; log("*** " & testcasename() & ": Failed: Expected CAM message received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_MSG_05_01_BV /** * @desc Sending behaviour test cases for CAM profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.4 CAM profile */ group sendCAMProfile { /** * @desc Check that the sent Secured CAM contains a HeaderField its_aid that is set to 'AID_CAM' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['its_aid']
             *           containing its_aid
             *             indicating 'AID_CAM'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 5.4 and 7.1 */ testcase TC_SEC_ITSS_SND_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var integer v_previousHeaderType; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( ?, ?, mw_header_field_its_aid_CAM ) ), ? ))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_CAM'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_01_01_BV /** * @desc Check that the secured CAM contains exactly one element of these header fields: signer_info, generation_time, its_aid; * Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first; * Check that generation_time_standard_deviation, expiration, encryption_parameters, recipient_info are not used *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *         and containing header_fields [1..N]
             *           indicating header_fields [n].type < header_fields [n+1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields['its_aid']
             *         and not containing header_fields['generation_time_standard_deviation']
             *         and not containing header_fields['expiration']
             *         and not containing header_fields['encryption_parameters']
             *         and not containing header_fields['recipient_info']
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var integer v_previousHeaderType; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_signer_info ), mw_header_field(e_generation_time), mw_header_field_its_aid_CAM ) ), mw_geoNwPduWithPayload( ?, ?, mw_secCamPayload).packet ))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if ((lengthof(v_headersFields) < 1) or v_headersFields[0].type_ != e_signer_info) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check forbidden header // FIXME: 'generation_time_with_confidence' does not exist. is it e_generation_time_standard_deviation ? if (v_headersFields[v_counter].type_ == e_generation_time_standard_deviation) { log("*** " & testcasename() & ": FAIL: Forbidden header present"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_headersFields[v_counter].type_ == e_signer_info) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1 ) { // Check that headers are ordered //FIXME v_previousHeaderType is not initialized before use, it will cause dynamic test case error (DTE) if (enum2int(v_headersFields[v_counter].type_) <= v_previousHeaderType) { // Check that header is duplicated if (enum2int(v_headersFields[v_counter].type_) == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of same header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); }else{ log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } v_previousHeaderType := enum2int(v_headersFields[v_counter].type_); } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_02_01_BV /** * @desc Check that the secured CAM contains the signer_info field of certificate when over the time of one second no other SecuredMessage contained a signer_info of type certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having sent a CAM
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *       and contains header_fields['generation_time']
             *         indicating TIME_LAST
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is sending CAM
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *     then
             *       this message is
             *         containing header_fields['generation_time']
             *           indicating TIME (TIME >= TIME_LAST + 1sec)
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_cntTimeLimit := 10; const float c_certificateGenerationTime := 1.0; timer t_minTransInterval := c_certificateGenerationTime * 0.8; var integer v_cntTime := 0; var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); geoNetworkingPort.clear; v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; // Removed in C2C t_minTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { if(t_minTransInterval.running){ t_minTransInterval.stop; log("*** " & testcasename() & ": FAIL: CAM with certificate has been received inside 1 sec after previous one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_cntTime := v_cntTime + 1; if (v_cntTime == c_cntTimeLimit) { // Exit message loop log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // end of alt } else { log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); t_minTransInterval.start; repeat; } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_digest )))) { log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***"); repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": FAIL: Neither Certificate not Digest in received CAM ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] t_minTransInterval.timeout { log("*** " & testcasename() & ": INFO: One of next CAMS must have a certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_05_01_BV /** * @desc Check that the secured CAM contains the signer_info field of certificate when the timeout of one second has been expired after the previous CAM containing the certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having sent a CAM
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *       at TIME_LAST
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is sending a CAM
             *         containing header_fields['generation_time']
             *           indicating TIME >= TIME_LAST + 1sec
             *     then
             *       this message is
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_05_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.9 */ testcase TC_SEC_ITSS_SND_CAM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_cntTimeLimit := 10; const float c_certificateGenerationTime := 1.0; timer t_maxTransInterval := c_certificateGenerationTime * 1.15; var integer v_cntTime := 0; var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); geoNetworkingPort.clear; v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { t_maxTransInterval.start; tc_ac.stop; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { t_maxTransInterval.stop; v_cntTime := v_cntTime + 1; if (v_cntTime == c_cntTimeLimit) { // Exit message loop log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // end of alt } else { t_maxTransInterval.start; log("*** " & testcasename() & ": INFO: CAM retransmission with certificate ***"); repeat; } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_digest )))) { log("*** " & testcasename() & ": INFO: CAM retransmission with digest ***"); repeat; } [] t_maxTransInterval.timeout { log("*** " & testcasename() & ": FAIL: CAM with certificate was not received in 1 sec after previous one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_05_02_BV /** * @desc Check that ITS-S sends a Secured CAM containing the signer_info of type certificate when the ITS-S received a CAM from an unknown ITS-S *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having already sent CAM at TIME_1
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *     and the IUT having received a SecuredMessage
             *                 at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
             *       and containing header_fields['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_digest_with_sha256'
             *           and containing digest
             *             indicating HashedId3 value
             *               referencing an unknown certificate
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send CAM
             *             at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
             *     then
             *       the IUT sends a SecuredMessage
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_06_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.1 */ testcase TC_SEC_ITSS_SND_CAM_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; timer t_maxTransInterval := 0.5; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message from unknown ITS-S geoNetworkingPort.clear; f_sendSecuredCam(cc_taCert_F, omit, e_certificate_digest_with_sha256); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // Test Body t_maxTransInterval.start; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_maxTransInterval.stop; log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { repeat; } [] t_maxTransInterval.timeout { log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_06_01_BV /** * @desc Check that IUT restarts the certificate sending timer when the certificate has been sent *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having already sent CAM at TIME_1
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *     and the IUT having received a CAM
             *                 at TIME_2 (TIME_1 +0.3sec)
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate_digest_with_ecdsap256'
             *       and containing header_fields['signer_info'].signer.digest
             *         referencing an unknown certificate
             *     and the IUT having sent CAM at TIME_3 (TIME_3 > TIME_2)
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is sending the next CAM at TIME_4
             *         containing header_fields['signer_info'].signer.type
             *           indicating 'certificate'
             *     then
             *       the difference between TIME_4 and TIME_3 is about 1sec
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_07_01_TI * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_07_01_TI() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_maxTransInterval := c_certificateGenerationTime * 0.9; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var ItsCam v_component; var boolean v_firstCertReceived := false; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [v_firstCertReceived == false] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***"); v_firstCertReceived := true; f_sleep(0.3); // Send secured message with request for unrecognized certificate f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerInfo); f_sendSecuredCam( cc_taCert_F, { m_header_field_unrecognised_certificate( f_HashedId3FromHashedId8( f_calculateDigestFromCertificate( v_signerInfo.signerInfo.certificate ) ) ) }, e_certificate_digest_with_sha256 ); repeat; } [v_firstCertReceived == true] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; // start a timeout of one second to check // that the next cert will be received after this timeout t_maxTransInterval.start; log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) { tc_ac.stop; t_maxTransInterval.stop; log("*** " & testcasename() & ": FAIL: CAM certificate inclusion time wasn't restarted ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); repeat; } [] t_maxTransInterval.timeout { tc_ac.stop; log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_07_01_TI /** * @desc Check that the IUT sends the Secured CAM containing the signer_info of type certificate when it received a CAM containing a request of unrecognized certificate that matches with the currently used AT certificate ID of the IUT *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having already sent CAM at TIME_1
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *     and the IUT having received a SecuredMessage
             *               at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
             *       containing header_fields['request_unrecognized_certificate']
             *         containing digests
             *           containing HashedId3 value
             *             referencing to the AT certificate
             *           and not containing HashedId3 value
             *             referencing to the AA certificate
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *           at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             *               referenced by the requested digest
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_maxTransInterval := c_certificateGenerationTime * 0.9; var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; var SignerInfo v_si; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); geoNetworkingPort.clear; v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; t_maxTransInterval.start; f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si); log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCert_A, { m_header_field_unrecognised_certificate( // containing digests f_HashedId3FromHashedId8( // containing HashedId3 value f_calculateDigestFromCertificate( v_si.signerInfo.certificate // referencing to the AT certificate ) ) // and not containing HashedId3 value referencing to the AA certificate ) }, e_certificate ); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate( v_si.signerInfo.certificate ) )))) { tc_ac.stop; t_maxTransInterval.stop; log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); repeat; } [] t_maxTransInterval.timeout { tc_ac.stop; log("*** " & testcasename() & ": FAIL: Requested certificate was not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_08_01_BV /** * @desc Check that the sent secured CAM contains the signer_info of type certificate_chain when the ITS-S has received a CAM containing a request of unrecognized certificate that matches with the AA certificate ID that issued its currently used AT certificate ID of the IUT *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having already sent a CAM
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *       at TIME_1
             *     and the IUT having received a SecuredMessage
             *       containing header_fields['request_unrecognized_certificate']
             *         containing digests
             *           containing HashedId3 value
             *             referencing to the AA certificate
             *       at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *         at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
             *     then
             *       the IUT sends a SecuredMessage
             *         and containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate_chain'
             *             and containing certificates[last]
             *               indicating the AT certificate
             *             and containing certificates[last-1]
             *               indicating the AA certificate
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_09_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_maxTransInterval := c_certificateGenerationTime * 0.9; var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; var SignerInfo v_si; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); geoNetworkingPort.clear; v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; t_maxTransInterval.start; f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si); f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si); log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCert_A, { m_header_field_unrecognised_certificate( // containing digests f_HashedId3FromHashedId8( // containing HashedId3 value v_si.signerInfo.digest // referencing to the AA certificate ) ) }); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate_chain )))) -> value v_geoNwInd { var SignerInfo v_signerInfo; var CertificateChain v_certificates; var integer v_certificateChainLength; tc_ac.stop; t_maxTransInterval.stop; // Extract certificate chain f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificates := v_signerInfo.signerInfo.certificates; v_certificateChainLength := lengthof(v_certificates); if (v_certificateChainLength >= 2) { // Check length if ( // Check Content not( (v_certificates[0].subject_info.subject_type == e_authorization_authority) and // Check the certificate chain contains certificates[last] indicating the AT certificate (v_certificates[1].subject_info.subject_type == e_authorization_ticket) // Check the certificate chain contains certificates[last-1] indicating the AA certificate )) { log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successful ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": FAIL: Unexpected certificate chain content length ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); repeat; } [] t_maxTransInterval.timeout { tc_ac.stop; log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_09_01_BV /** * @desc Check that the IUT doesn't send a secured CAM contains the signer_info of type certificate_chain when the AA certificate was previously requested and already received from another ITS-S *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT is configured to send more than one CAM per second
             *     and the IUT having already sent a CAM
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate'
             *       at TIME_1
             *     and the IUT having received a SecuredMessage
             *       containing header_fields['request_unrecognized_certificate']
             *         containing digests
             *           containing HashedId3 value (HASH1)
             *             referencing to the AA certificate
             *       at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
             *     and the IUT having received a SecuredMessage
             *       containing header_fields['signer_info'].signer.type
             *         indicating 'certificate_chain'
             *           containing AA certificate
             *             having HashedId3 value of HASH1
             *       at TIME_3 (TIME_2 < TIME_3 < TIME_2+0.1sec)
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *         at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1+1sec)
             *     then
             *       the IUT sends a SecuredMessage
             *         and containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'digest'
             *               or indicating 'certificate'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_09_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const float c_certificateGenerationTime := 1.0; timer t_maxTransInterval := c_certificateGenerationTime * 1.1; var GeoNetworkingInd v_geoNwInd; var ItsCam v_component; var SignerInfo v_si; var boolean f_CamReceived := false; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } if (not(PICS_PLUGTEST_VERSION)) { log("*** " & testcasename() & ": ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // init IUT with CERT_IUT_A_AT signed with CERT_TS_A_AA // Test adapter configuration // Preamble f_prNeighbour(); geoNetworkingPort.clear; v_component := f_setCamFrequencyGreatherThan1Hz(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; t_maxTransInterval.start; f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn),v_si); f_getCertificateSignerInfo(v_si.signerInfo.certificate, v_si); log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); // Send secured message with request for unrecognized certificate f_sendSecuredCam( cc_taCert_B1 , // certificate signed with CERT_TS_B_AA { m_header_field_unrecognised_certificate( // containing digests f_HashedId3FromHashedId8( // containing HashedId3 value v_si.signerInfo.digest // referencing to the CERT_TS_A_AA certificate ) ) }); // Send secured message signed with certificate_chain f_sendSecuredCam( cc_taCert_A, // sign message with CERT_TS_A_AT signed with CERT_TS_A_AA omit, e_certificate_chain // and send both certs in the chain ); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate_chain )))) { log("*** " & testcasename() & ": FAIL: CAM retransmition with unexpected certificate_chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate chain ***"); f_CamReceived := true; repeat; } [f_CamReceived] t_maxTransInterval.timeout { tc_ac.stop; log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate chain was successfully skipped ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] t_maxTransInterval.timeout { tc_ac.stop; log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_terminateCam(v_component); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_09_02_BV /** * @desc Check that Secured CAM generation time is inside the validity period of the signing certificate; * Check that message generation time value is realistic *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME (CUR_TIME - 5min <= GEN_TIME <= CUR_TIME + 5min)
             *         and containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             *               containing validity_restrictions['time_end']
             *                 containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating value <= GEN_TIME
             *                 and containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_duration']
             *                 containing start_validity (X_START_VALIDITY)
             *                   indicating value <= GEN_TIME
             *                 and containing duration
             *                   indicating value > GEN_TIME - X_START_VALIDITY
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_10_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.1 */ testcase TC_SEC_ITSS_SND_CAM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_timeThreshold := 1000 * 60; /** Time threshold in milliseconds */ var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var HeaderField v_headerField; var Time64 v_generationTime; var ValidityRestriction v_validity; var integer v_currentTime, v_lowerBound, v_upperBound; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_generation_time, mw_header_field_signer_info_certificate, mw_header_field_its_aid_CAM ))))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM transmission with certificate ***"); v_currentTime := f_getCurrentTime(); log("v_currentTime (us)=", v_currentTime * 1000); v_lowerBound := (v_currentTime - c_timeThreshold) * 1000; v_upperBound := (v_currentTime + c_timeThreshold) * 1000; // Extract generation_time f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField); v_generationTime := v_headerField.headerField.generation_time; // Extract certificate f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificate := v_signerInfo.signerInfo.certificate; // Check current time if (match(v_generationTime, (v_lowerBound .. v_upperBound))) { log("*** " & testcasename() & ": PASS: Generation time matches current time ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: Generation time does not match current time " & int2str(v_currentTime-v_lowerBound) & " / " & int2str(v_upperBound - v_currentTime) & " . ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check generation_time validity if ( (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_end, v_validity) == true) and (v_generationTime >= (v_validity.validity.time_start_and_end.start_validity * 1000000) and (v_generationTime < (v_validity.validity.time_start_and_end.end_validity * 1000000))) ) { log("*** " & testcasename() & ": PASS: Generation time within certificate validity/time_start_and_end ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else if ( (f_getCertificateValidityRestriction(v_certificate, e_time_end, v_validity) == true) and (v_generationTime < (v_validity.validity.end_validity * 1000000)) ) { log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else if (f_getCertificateValidityRestriction(v_certificate, e_time_start_and_duration, v_validity) == true) { if (PICS_PLUGTEST_VERSION) { log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is forbidden in TS103097 v1.2.5 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ((v_generationTime >= (v_validity.validity.time_start_and_duration.start_validity * 1000000)) and (v_generationTime < (f_duration2time(v_validity.validity.time_start_and_duration.duration_) * 1000000)) ) { log("*** " & testcasename() & ": PASS: Generation time within certificate validity ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } else { log("*** " & testcasename() & ": FAIL: Generation time not within certificate validity ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": INFO: CAM retransmission w/o certificate ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_10_01_BV /** * @desc Check that the IUT sends certificate request when it receives a message from unknown station *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT has receiving a SecuredMessage
             *       containing header_fields['signer_info'].signer
             *         containing type
             *           indicating 'certificate_digest_with_sha256'
             *         and containing digest
             *           indicating HashedId3 value DIGEST_A
             *             referencing an unknown certificate
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['request_unrecognized_certificate']
             *           containing digests
             *             containing HashedId3 value
             *               indicating DIGEST_A
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_12_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var HashedId8 v_expectedHashedId8; var HashedId3 v_expectedHashedId3; var GeoNetworkingPdu v_securedGnPduToBeSent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Send secured message from unknown ITS-S // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_getCertificateDigest( cc_taCert_F, v_expectedHashedId8 ); v_expectedHashedId3 := f_HashedId3FromHashedId8(v_expectedHashedId8); // preamble: waiting for CAM with certificate and send a CAM with unknown digest right after that v_securedGnPduToBeSent := f_prepareSecuredCam(cc_taCert_F); geoNetworkingPort.clear; tc_ac.start; alt { [] geoNetworkingPort.receive { f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPduToBeSent)); tc_ac.stop; log("*** " & testcasename() & ": INFO: Initial conditions: First CAM message with certificate received ***"); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Initial conditions: CAM message with certificate not received ***"); f_selfOrClientSyncAndVerdictPreamble("error", e_timeout); } } // End of preamble 'alt' statement // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_request_unrecognized_certificate( { v_expectedHashedId3 } ))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: CAM received with request for unrecognized certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs ))) { log("*** " & testcasename() & ": FAIL: CAM received without request for unrecognized certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_12_01_BV /** * @desc Check that the Secured CAM contains non-empty payload of type signed *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing not-empty data
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_14_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_14_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( ?, mw_payload( e_signed ))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: CAM received with exactly 1 signed payload"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_14_01_BV /** * @desc Check that the secured CAM contains only the trailer field of type signature and no other trailer fields *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *           and not containing any other items
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_15_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_15_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_nbVerification := 3; var integer v_nbVerification := 0; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var boolean v_certificateReceived := false; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } if (not(PICS_PLUGTEST_VERSION)) { log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs(?, ?, superset(mw_trailer_field_signature, mw_trailer_field ))))){ tc_ac.stop; log("*** " & testcasename() & ": FAIL: CAM received with more then one trailer fields"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs(?, ?, { mw_trailer_field_signature } )))){ tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM message with signature trailer received ***"); v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: All CAMs received with correct trailer fields count"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_15_01_BV /** * @desc Check that the secured CAM contains only one TrailerField of type signature; * Check that the signature contained in the SecuredMessage is calculated over the right fields by cryptographically verifying the signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate_digest_with_ecdsap256'
             *             and containing digest
             *               referencing the certificate
             *                 containing subject_info.subject_type
             *                   indicating 'authorization_ticket'
             *                 and containing subject_attributes['verification key'] (KEY)
             *           or containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket' (2)
             *               and containing subject_attributes['verification key'] (KEY)
             *         containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CAM_16_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_SND_CAM_16_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_nbVerification := 3; var integer v_nbVerification := 0; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var boolean v_certificateReceived := false; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: CAM message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); v_certificate := v_signerInfo.signerInfo.certificate; v_certificateReceived := true; if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) { log("*** " & testcasename() & ": FAIL: CAM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [v_certificateReceived == true] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_CAMs( mw_header_field_signer_info_digest )))) -> value v_geoNwInd { tc_ac.stop; if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_certificate) == false) { log("*** " & testcasename() & ": FAIL: CAM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected CAM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: All CAMs received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CAM_16_01_BV } // End of group sendCAMProfile /** * @desc Sending behaviour test cases for DENM profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile */ group sendDENMProfile { /** * @desc Check that the sent Secured DENM contains a HeaderField its_aid that is set to 'AID_DENM' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['its_aid']
             *           containing its_aid
             *             indicating 'AID_DENM'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_SND_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var ItsDenm v_denmComponent; var integer v_previousHeaderType; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( ?, ?, ?, mw_header_field_its_aid_DENM ) ), ? ))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": PASS: 'its_aid' is set to 'AID_DENM'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // DENM without mandatory fields [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_its_aid_DENM ) )))) { log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_01_01_BV /** * @desc Check that the secured DENM contains exactly one element of these header fields: signer_info, generation_time, generation_location, message_type; * Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first; * Check that generation_time_with_confidence (generation_time_standard_deviation) is not used *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *         and containing header_fields [n].type
             *           indicating value less than header_fields [n+1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields ['generation_location']
             *         and containing header_fields ['its_aid']
             *         and not containing header_fields ['generation_time_with_confidence']
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var ItsDenm v_denmComponent; var integer v_previousHeaderType; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_signer_info ), mw_header_field( e_generation_time ), mw_header_field( e_generation_location ), mw_header_field_its_aid_DENM ) ), mw_geoNwAnyPacket_withPayload( ? )))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if (lengthof(v_headersFields) < 1 or (v_headersFields[0].type_ != e_signer_info)) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_previousHeaderType := enum2int(v_headersFields[0].type_); for (var integer v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check forbidden header if (v_headersFields[v_counter].type_ == e_generation_time_standard_deviation) { log("*** " & testcasename() & ": FAIL: Forbidden header present"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_headersFields[v_counter].type_ == e_signer_info) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1 ) { // Check that no header is duplicated if (enum2int(v_headersFields[v_counter].type_) == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of the same header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that headers are ordered if (enum2int(v_headersFields[v_counter].type_) <= v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: headers are not in the correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } v_previousHeaderType := enum2int(v_headersFields[v_counter].type_); } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // DENM without mandatory fields [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_its_aid_DENM ) )))) { log("*** " & testcasename() & ": FAIL: Secured DENM doesnt contain required headers"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_02_01_BV /** * @desc Check that secured DENM contains the certificate as a signer_info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_03_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; var integer v_counter; var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); v_denmComponent := f_triggerDenmEvent(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_counter := 0; tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate ), mw_geoNwAnyPacket_withPayload( ? )))) { if (v_counter < 3) { f_cancelDenmEvent(v_denmComponent); v_counter := v_counter + 1; v_denmComponent := f_triggerDenmEvent(); repeat; } else { tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM signed with certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM signed with not a certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_03_01_BV /** * @desc Check that Secured DENM generation time is inside the validity period of the signing certificate; * Check that generation time value is realistic *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME (CUR_TIME - 10min <= GEN_TIME < CUR_TIME + 10min)
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate
             *               containing validity_restrictions['time_end']
             *                 and containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating value <= GEN_TIME
             *                 and containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_duration']
             *                 containing start_validity (X_START_VALIDITY)
             *                   indicating value <= GEN_TIME
             *                 and containing duration
             *                   indicating value > GEN_TIME - X_START_VALIDITY
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_SND_DENM_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_timeLimit := 10 * 60 * 1000000; // us var GeoNetworkingInd v_geoNwInd; var HeaderField v_headerField; var Time64 v_generationTime; var Time64 v_curTime; var Time64 v_startTime, v_endTime, v_duration; var Certificate v_cert; var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_time ), mw_header_field_signer_info_certificate, mw_header_field_its_aid_DENM ) ), mw_geoNwAnyPacket_withPayload( ? )))) -> value v_geoNwInd { tc_ac.stop; v_curTime := f_getCurrentTime(); v_curTime := v_curTime * 1000; // Time64 is in microseconds log("v_curTime (us)=", v_curTime); if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField)) { v_generationTime := v_headerField.headerField.generation_time; log("v_generationTime (us) = ", v_generationTime); if (not match(v_generationTime, Time64:(v_curTime-c_timeLimit, v_curTime+c_timeLimit))) { log("*** " & testcasename() & ": FAIL: DENM generation time is not in 10 min range"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that generation time is inside the certificate validation period if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField)) { v_cert := v_headerField.headerField.signer.signerInfo.certificate; for (var integer v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) { if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000; if (not match(v_generationTime, Time64:(0 .. v_endTime))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000; v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000; if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) { if (PICS_PLUGTEST_VERSION){ log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is not allowed in TS103097 v1.2.5"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000; v_duration := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000; if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Mal-formed the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: DENM generation time is inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: Invalid DENM received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_04_01_BV /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location when AT certificate does not contain any region restrictions *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_IUT_A_AT)
             *       not containing validity_restrictions['region']
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_field ['generation_location']
             *           containing generation_location
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***"); stop; } // Test component configuration // CERT_IUT_A is the default one f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_any_valid_region ))))))) { log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***"); repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate, mw_header_field_its_aid_DENM ))))) { // The certificate doesn't contain region restrictions because such messages was catched before tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate )))) { // the message does not contain generation location tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble // Cancel DENM events f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_01_BV function f_TC_SEC_ITSS_SND_DENM_05_BV( in template (present) GeographicRegion p_region := ? ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingInd v_geoNwInd; var ItsDenm v_denmComponent; // Trigger DENM v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { // DENM contains generation location and certificate with region restrictions [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region( p_region ) ) ) ), mw_header_field_its_aid_DENM ))))) -> value v_geoNwInd { var ValidityRestriction v_vr; var HeaderField v_hf; tc_ac.stop; // check that generation location is inside the circular region of the certificate if (f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr) ) { if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) { log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); }else{ log("*** " & testcasename() & ": FAIL: DENM contains generation location outside the certificate validity region ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // DENM signing certificate doesn't contains region restriction [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_its_aid_DENM, mw_header_field(e_generation_location), mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, { } // DENM signing certificate doesn't 'contains region restriction ) ) ))))) { tc_ac.stop; log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement f_cancelDenmEvent(v_denmComponent); } // End of function f_TC_SEC_ITSS_SND_DENM_05_BV /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the circular region defined by the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_IUT_B_AT)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'circle'
             *           containing circular_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_field ['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_B; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_circle); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_02_BV /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the rectangular region defined by the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_IUT_C_AT)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'rectangle'
             *           containing rectangular_region
             *             containing instance of RectangularRegion
             *               indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_field ['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_C; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_rectangular); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_03_BV /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the polygonal region defined by the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_IUT_D_AT)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'polygon'
             *           containing polygonal_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_field ['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variablesl // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_D; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_polygonal); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_04_BV /** * @desc Check that the secured DENM contains exactly one HeaderField generation_location which is inside the identified region defined by the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_IUT_E_AT)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'id_region'
             *           containing identified_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields
             *           containing exactly one instance of HeaderField
             *             containing type
             *               indicating 'generation_location'
             *             containing generation_location
             *               indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_05_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_E; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_DENM_05_BV(mw_geographicRegion_identified); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_05_05_BV /** * @desc Check that the Secured DENM contains non-empty payload of type signed *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing not-empty data
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_denmComponent := f_triggerDenmEvent(); tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( ?, mw_payload(e_signed) )))) { log("*** " & testcasename() & ": PASS: DENM payload is 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( ?, mw_payload() )))) { log("*** " & testcasename() & ": FAIL: DENM payload is not 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs ))) { log("*** " & testcasename() & ": FAIL: DENM payload is not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_08_01_BV /** * @desc Check that the secured DENM contains only the trailer field of type signature and no other trailer fields *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *           and not containing other items
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_09_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables const integer c_nbVerification := 3; var integer v_nbVerification := 0; var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } if (not(PICS_PLUGTEST_VERSION)) { log("*** " & testcasename() & ":ERROR: 'PICS_PLUGTEST_VERSION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); v_denmComponent := f_triggerDenmEvent(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs(?, ?, { mw_trailer_field_signature }) ))){ tc_ac.stop; log("*** " & testcasename() & ": INFO: DENM message with signature trailer received ***"); v_nbVerification := v_nbVerification + 1; if (v_nbVerification < c_nbVerification) { tc_ac.start; repeat; } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs(?, ?, {}) ))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM message with NO trailer fields received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs(?, ?, superset( mw_trailer_field, ? ) )))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: DENM message with more than one trailer field received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: DENM received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_09_01_BV /** * @desc Check that the secured DENM contains only one TrailerField of type signature; * Check that the signature contained in the SecuredMessage is calculated over the right fields by cryptographically verifying the signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send DENM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_field ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket' (2)
             *               and containing subject_attributes['verification key'] (KEY)
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_DENM_10_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_SND_DENM_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; var Certificate v_certificate; var ItsDenm v_denmComponent; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Preamble f_prNeighbour(); v_denmComponent := f_triggerDenmEvent(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: DENM message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) { log("*** " & testcasename() & ": FAIL: DENM received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_DENMs ))) { log("*** " & testcasename() & ": FAIL: DENM doesn't contain signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: DENM received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_cancelDenmEvent(v_denmComponent); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_10_01_BV } // End of group sendDENMProfile /** * @desc Sending behaviour test cases for DENM profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile */ group sendOtherProfile { /** * @desc Check that the sent Secured Message contains HeaderField its_aid that is set to other value then AID_CAM and AID_DENM *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['its_aid']
             *           containing its_aid
             *             indicating 'AID_BEACON'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 5.4 */ testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( ?, ?, mw_header_field_its_aid_Other ) ), ? ))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: 'its_aid' is neither set to 'AID_CAM' nor 'AID_DENM'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_01_BV /** * @desc Check that the generic secured message contains exactly one element of these header fields: signer_info, generation_time, generation_location; * Check that the header fields are in the ascending order according to the numbering of the enumeration except of the signer_info, which is encoded first *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields [0].type
             *           indicating 'signer_info'
             *         and containing header_fields [1..n]
             *           where header_fields [i].type < header_fields [i+1].type
             *         and containing header_fields ['generation_time']
             *         and containing header_fields ['generation_location']
             *         and containing header_fields ['its_aid']
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var HeaderFields v_headersFields; var HeaderFieldType v_previousHeaderType; var integer v_counter; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field(e_generation_time), mw_header_field(e_generation_location), mw_header_field_its_aid_Other ) ), mw_geoNwBeaconPacket( ? )))) -> value v_geoNwInd { tc_ac.stop; // Process header fields manually v_headersFields := valueof(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields); // Check that signerInfo is first header if (lengthof(v_headersFields) < 1 or (v_headersFields[0].type_ != e_signer_info)) { log("*** " & testcasename() & ": FAIL: SignerInfo is not first header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (v_counter := 1; v_counter < lengthof(v_headersFields); v_counter := v_counter + 1) { // Check that no header is duplicated if (v_headersFields[v_counter].type_ == e_signer_info) { log("*** " & testcasename() & ": FAIL: multiple instances of signer_info"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1) { // Check that headers are ordered //FIXME v_previousHeaderType is not initialized before use, it will cause dynamic test case error (DTE) if (v_headersFields[v_counter].type_ == v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: multiple instances of same Header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_headersFields[v_counter].type_ < v_previousHeaderType) { log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } v_previousHeaderType := v_headersFields[v_counter].type_; } // End of 'for' statement log("*** " & testcasename() & ": PASS: correct secured packet received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_01_BV /** * @desc Check that generic secured message contains the certificate as a signer_info *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_03_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate ), mw_geoNwBeaconPacket( ? )))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Beacon signed with certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field( e_signer_info ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": INFO: Beacon signed with digest ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_01_BV /** * @desc Check that message generation time is inside the validity period of the signing certificate; * Check that message generation time value is realistic *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME (CUR_TIME - 10min <= GEN_TIME < CUR_TIME + 10min)
             *         and containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate
             *               containing validity_restrictions['time_end']
             *                 and containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating value <= GEN_TIME
             *                 and containing end_validity
             *                   indicating value > GEN_TIME
             *               or containing validity_restrictions['time_start_and_duration']
             *                 containing start_validity (X_START_VALIDITY)
             *                   indicating value <= GEN_TIME
             *                 and containing duration
             *                   indicating value > GEN_TIME - X_START_VALIDITY
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var HeaderField v_headerField; var Time64 v_generationTime; var Time64 v_curTime; var Time64 v_startTime, v_endTime, v_duration; var Certificate v_cert; var integer v_counter; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_time ), mw_header_field_signer_info_certificate, mw_header_field_its_aid_Other ) ), mw_geoNwBeaconPacket( ? ) ) )) -> value v_geoNwInd { const integer c_deltaTime := 2 * 3600 * 1000000; // Two hours, in microsecoonds tc_ac.stop; v_curTime := f_getCurrentTime(); v_curTime := v_curTime * 1000; // Clause 4.2.16 Time64: is in microseconds if ( f_getMsgHeaderField( v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_time, v_headerField )) { v_generationTime := v_headerField.headerField.generation_time; log("v_generationTime=", v_generationTime); log("v_curTime=", v_curTime); log("v_curTime - c_deltaTime=", v_curTime - c_deltaTime); if (v_generationTime < (v_curTime - c_deltaTime)) { log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the past"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_generationTime > (v_curTime + c_deltaTime)) { log("*** " & testcasename() & ": FAIL: Beacon generation time is too far in the future"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that generation time is inside the certificate validation period if ( f_getMsgHeaderField( v_geoNwInd.msgIn.gnPacket.securedMsg, e_signer_info, v_headerField )) { v_cert := v_headerField.headerField.signer.signerInfo.certificate; for (v_counter := 0; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) { if (v_cert.validity_restrictions[v_counter].type_ == e_time_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.end_validity * 1000000; if (v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_end) { v_endTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000; v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000; if (v_generationTime < v_startTime or v_generationTime > v_endTime ) { log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_cert.validity_restrictions[v_counter].type_ == e_time_start_and_duration) { if (PICS_PLUGTEST_VERSION){ log("*** " & testcasename() & ": FAIL: Usage of time_start_and_duration is not allowed in TS103097 v1.2.5"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_startTime := v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000; v_duration := f_duration2time(v_cert.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000; if (v_generationTime < v_startTime or (v_startTime + v_duration) > v_endTime ) { log("*** " & testcasename() & ": FAIL: Beacon generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Mal-formed the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: Beacon generation time is inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": INCONC: DENM signer info is not available"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Beacon not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_01_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location when AT certificate does not contain any region restrictions *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_AT_A)
             *       not containing validity_restrictions['region']
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_location']
             *           containing generation_location
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_CERTIFICATE_SELECTION' required for executing the TC ***"); stop; } // Test component configuration // CERT_IUT_A is the default one f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd(mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_any_valid_region ))))))) { log("*** " & testcasename() & ": INFO: Skip DENM containing region restrictions ***"); repeat; } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field( e_generation_location ), mw_header_field_signer_info_certificate, complement( mw_header_field_its_aid_CAM, mw_header_field_its_aid_DENM ) ))))) { // The certificate doesn't contain region restrictions because such messages was catched before tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate )))) { // The message does not contain generation location tc_ac.stop; log("*** " & testcasename() & ": PASS: DENM contains generation location ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_01_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location which is inside the circular region containing in the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND PICS_CERTIFICATE_SELECTION AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_AT_B)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'circle'
             *           and containing circular_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test control if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_B; f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_circle); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_02_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location which is inside the rectangular region containing in the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND PICS_CERTIFICATE_SELECTION AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_AT_C)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'rectangle'
             *           containing rectangular_region
             *             containing instance of RectangularRegion
             *               indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_C; // Load IUT certificate CERT_IUT_C f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_rectangular); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_03_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location which is inside the polygonal region containing in the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND PICS_CERTIFICATE_SELECTION AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_AT_D)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'polygon'
             *           containing polygonal_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing exactly one header_fields['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_D; // Load IUT certificate CERT_IUT_D f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_polygonal); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_04_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location which is inside the identified region containing in the validity restriction of the certificate pointed by the signer_info field *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND PICS_CERTIFICATE_SELECTION AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT has been authorized with the AT certificate (CERT_AT_E)
             *       containing validity_restrictions ['region']
             *         containing region
             *           containing region_type
             *             indicating 'id_region'
             *           containing identified_region
             *             indicating REGION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['its_aid']
             *           indicating 'AID_BEACON'
             *         containing exactly one header_fields['generation_location']
             *           containing generation_location
             *             indicating value inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_E; // Load IUT certificate CERT_IUT_E f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05_BV(mw_geographicRegion_identified); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_05_BV /** * @desc Check that the secured GeoNetworking message contains exactly one HeaderField generation_location and this location is inside the certificate validation restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero AND NOT PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signed_info'].certificate
             *           containing validity_restrictions ['region']
             *             containing region.region_type
             *               indicating 'none'
             *           or containing region.region_type
             *               indicating 'circle'
             *             containing region.circular_region
             *               indicating REGION
             *           or containing region.region_type
             *               indicating 'rectangle'
             *             containing region.rectangular_region
             *               containing array of rectangles
             *                 indicating REGION
             *           or containing region.region_type
             *               indicating 'polygonal'
             *             containing region.polygonal_region
             *               indicating REGION
             *           or containing region.region_type
             *               indicating 'id_region'
             *             containing region.circular_region
             *               indicating REGION
             *         and containing exactly one header_fields['generation_location']
             *           containing generation_location
             *             indicating location inside the REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_05_06_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE) or PICS_CERTIFICATE_SELECTION) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE and not PICS_CERTIFICATE_SELECTION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_B; // Load IUT certificate CERT_IUT_B f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_TC_SEC_ITSS_SND_GENMSG_05_BV(); // any type of regions // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_06_BV group f_TC_SEC_ITSS_SND_GENMSG_05_xx { function f_TC_SEC_ITSS_SND_GENMSG_05_BV( in template (present) GeographicRegion p_region := ? ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingInd v_geoNwInd; tc_ac.start; alt { // GN message must contain generation location and the certificate with region restrictions [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field(e_generation_location), mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, superset( mw_validity_restriction_region( p_region ))))))))) -> value v_geoNwInd { var ValidityRestriction v_vr; var HeaderField v_hf; tc_ac.stop; // Check that generation location if ( f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf) and f_getCertificateValidityRestriction(v_geoNwInd.msgIn.gnPacket.securedMsg.header_fields[0].headerField.signer.signerInfo.certificate, e_region, v_vr) ) { if (f_isLocationInsideRegion(v_vr.validity.region, v_hf.headerField.generation_location)) { log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("v_vr.validity.region=", v_vr.validity.region); log("v_hf.headerField.generation_location=", v_hf.headerField.generation_location); log("*** " & testcasename() & ": FAIL: Invalid location"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // GN message doesn't contain generation location [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others ))) -> value v_geoNwInd { var HeaderField v_hf; tc_ac.stop; // Check that generation location is not present f_getMsgHeaderField(v_geoNwInd.msgIn.gnPacket.securedMsg, e_generation_location, v_hf); if (not isbound(v_hf)) { log("*** " & testcasename() & ": FAIL: DENM doesn't contain generation location header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // GN signing certificate doesn't contains region restriction [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate( mw_certificate( ?, ?, ?, { } // GN signing certificate doesn't contains region restriction )))))) { tc_ac.stop; log("*** " & testcasename() & ": INCONC: DENM certificate doesn't contain region restriction"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected DENM not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement } // End of function f_TC_SEC_ITSS_SND_GENMSG_05_BV } // End of group f_TC_SEC_ITSS_SND_GENMSG_05_xx /** * @desc Check that the secured message contains the Payload element of type signed, signed_external or signed_and_encrypted *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing payload_field
             *           containing type
             *             indicating 'signed' or 'signed_external' or 'signed_and_encrypted'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_06_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload( e_signed ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": PASS: Beacon payload is 'signed'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload( e_signed_external ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_external'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload( e_signed_and_encrypted ) ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": PASS: Beacon payload is 'e_signed_and_encrypted'"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( ?, mw_payload ), mw_geoNwBeaconPacket( ? )))) { log("*** " & testcasename() & ": FAIL: Beacon payload is not signed, signed_external or signed_and_encrypted"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected Message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_01_BV /** * @desc Check that the secured message contains only one TrailerField of type signature; * Check that the signature contained in the SecuredMessage is calculated over the right fields by cryptographically verifying the signature *
             * Pics Selection: PICS_GN_SECURITY AND PICS_ITS_AID_OTHER_PROFILE = non-zero
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a Beacon
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate
             *               indicating CERT
             *         and containing trailer_fields ['signature']
             *           containing signature
             *             verifiable using CERT.subject_attributes['verification_key']
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_GENMSG_07_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_SND_GENMSG_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var LongPosVector v_longPosVectorIut; var GeoNetworkingInd v_geoNwInd; var SignerInfo v_signerInfo; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_ITS_AID_OTHER_PROFILE)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_ITS_AID_OTHER_PROFILE' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); v_longPosVectorIut := f_getPosition(c_compIut); // Test adapter configuration // Preamble f_prNeighbour(); f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others( mw_header_field_signer_info_certificate )))) -> value v_geoNwInd { tc_ac.stop; log("*** " & testcasename() & ": INFO: Beacon message with certificate received ***"); f_getMsgSignerInfo(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo); if (f_verifyGnSecuredMessageSignatureWithCertificate(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerInfo.signerInfo.certificate) == false) { log("*** " & testcasename() & ": FAIL: Beacon received with invalide signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_Others ))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: Beacon message without certificate received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected GN Message not received"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement log("*** " & testcasename() & ": PASS: GN Message received with correct signature"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_acTriggerEvent(m_stopPassBeaconing); f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_DENM_07_01_BV } // End of group sendOtherProfile /** * @desc Sending behaviour test cases for certificates profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7 Profiles for certificates */ group sendCertificatesProfile { /** * @desc Check that AT certificate has version 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the SecuredMessage
             * Expected results:
             *   ensure that
             *      when
             *       the IUT is requested to send a SecuredMessage
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating certificate
             *           containing certificate
             *             containing version
             *               indicating '2'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_certificate( ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT Certificate version set to " & int2char(c_certificate_version) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( ? )))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AT Certificate version mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_01_01_BV /** * @desc Check that AA certificate has version 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *      when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 0
             *             and containing certificates [n] (0..N)
             *               containing version
             *                 indicating '2'
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_01_02_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var SecuredMessage v_recv; var Certificate v_cert; var SignerInfo v_si; var HashedId8 v_digest; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); // Wait for the message with the certificate to retrieve the AA digest. // Ask for the chain, containing AT and AA certificate // Check AA Certificate log("*** " & testcasename() & ": INFO: Wait for certificate and ask for certificate chain ***"); tc_ac.start; f_askForCertificateChain(f_generateDefaultCam()); tc_ac.stop; f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain( superset( mw_aa_certificate ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AA certificate version set to " & int2char(c_certificate_version) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AA certificate version mismatch or no AA cert received***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_01_02_BV /** * @desc Check that the references in the certificate chain are valid * Check that signer_info type of all certificates in the chain are 'certificate_digest_with_sha256', 'certificate_digest_with_other_algorithm'or 'self' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 1
             *             and containing certificates[0]
             *               containing signer_info
             *                 containing type
             *                   indicating 'certificate_digest_with_sha256'
             *                   or indicating 'certificate_digest_with_other_algorythm'
             *                 and containing digest
             *                   referencing the trusted certificate
             *               or containing signer_info
             *                 containing type
             *                   indicating 'self'
             *             and containing certificates[n] (1..N)
             *               containing signer_info
             *                 containing type
             *                   indicating 'certificate_digest_with_sha256'
             *                   or indicating 'certificate_digest_with_other_algorythm'
             *                 and containing digest
             *                   referencing the certificates[n-1]
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.10, 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var CertificateChain v_chain; var SignerInfo v_si; var HashedId8 v_digest; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; // Test Body for (var integer v_counter := lengthof(v_chain) - 1; v_counter > 1; v_counter := v_counter - 1) { // Loop on []N-1..1] if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) { log("*** " & testcasename() & ": FAIL: Certificate[ " & int2str(v_counter) & "] doesn't contain signer info ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_si.type_ != e_certificate_digest_with_sha256) { if (v_si.type_ != e_certificate_digest_with_other_algorithm or PICS_PLUGTEST_VERSION) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // signer_info.type indicates 'certificate_digest_with_sha256' or 'certificate_digest_with_other_algorythm' v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]); if (not match (v_si.signerInfo.digest, v_digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement // Process certificate[0] if (not f_getCertificateSignerInfo(v_chain[0], v_si)) { log("*** " & testcasename() & ": FAIL: Certificate[0] doesn't contain signer info ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Process certificate[0] if (v_si.type_ != e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: Certificate[0] is not signed with digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // signer_info.type indicates 'certificate_digest_with_sha256' only log("*** " & testcasename() & ": PASS: Certificate chain is well signed ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV /** * @desc Check that the rectangular region validity restriction of the message signing certificate contains not more than six valid rectangles; * Check that the rectangular region validity restriction of the message signing certificate is continuous and does not contain any holes *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'rectangle'
             *                 and containing rectangular_region
             *                   indicating length <= 6
             *                   and containing elements of type RectangularRegion
             *                     indicating continuous region without holes
             *                     and containing northwest and southeast
             *                       indicating northwest is on the north from southeast
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.20 and 4.2.23 */ testcase TC_SEC_ITSS_SND_CERT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_C; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; if (not f_waitForCertificate(v_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_rectangle) { var RectangularRegions v_rects := v_vr.validity.region.region.rectangular_region; if (lengthof(v_rects) > 6) { log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (v_counter := 0; v_counter 1) { if (true != f_isContinuousRectangularRegions(v_rects)) { // FIXME Not implemented log("*** " & testcasename() & ": FAIL: Rectangular regions are not connected all together ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } } else { log("*** " & testcasename() & ": INCONC: Certificate has other region type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc } } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_04_01_BV /** * @desc Check that the rectangular region validity restriction of all certificates contains not more than six valid rectangles; * Check that the rectangular region validity restriction of the AT certificate is continuous and does not contain any holes * Check that the rectangular certificate validity region of the subordinate certificate is well formed and inside the validity region of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates
             *             indicating length N > 0
             *             and containing certificates [n] (0..N)
             *               containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'rectangle'
             *                   and containing rectangular_region
             *                     indicating length <= 6
             *                     and containing elements of type RectangularRegion
             *                       containing northwest and southeast
             *                         indicating northwest  on the north from southeast
             *                     and indicating continuous region without holes
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_04_02_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.20 and 4.2.23 */ testcase TC_SEC_ITSS_SND_CERT_04_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var CertificateChain v_chain; var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions var boolean f_vr := false, f_vri := false; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_C; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } else { f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } // Test Body tc_ac.stop; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); log("v_chain[v_counter]=", v_chain[v_counter]); if (f_vr) { var RectangularRegions v_rects; if (v_vr.validity.region.region_type != e_rectangle) { log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not rectangular ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_rects := v_vr.validity.region.region.rectangular_region; log("v_rects=", v_rects); if (lengthof(v_rects) > 6) { log("*** " & testcasename() & ": FAIL: Rectangular regions count is greather than 6 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer j:=0; j * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_POLYGONAL_REGION * Config Id: CF01 * Initial conditions: * with * the IUT being in the 'authorized' state * the IUT being requested to include certificate in the next CAM * Expected results: * ensure that * when * the IUT is requested to send a CAM * then * the IUT sends a SecuredMessage * containing header_fields['signer_info'].signer * containing type * indicating 'certificate' * containing certificate * containing validity_restrictions['region'] * containing region * containing region_type * indicating 'polygon' * and containing polygonal_region * indicating length >=3 and <=12 * and indicating continuous region without holes and intersections * * @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.24 */ testcase TC_SEC_ITSS_SND_CERT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_D; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; if (not f_waitForCertificate(v_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_polygon) { var PolygonalRegion v_pr := v_vr.validity.region.region.polygonal_region; var integer v_length := lengthof(v_pr); if (v_length < 3) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_length > 12) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (true != f_isValidPolygonalRegion(v_pr)) { log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Certificate has a valid rectangular region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // FIXME Check holes } else { log("*** " & testcasename() & ": INCONC: Certificate has other region type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); // to be inconc } } else { log("*** " & testcasename() & ": PASS: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_05_01_BV /** * @desc Check that the polygonal certificate validity region is inside the validity region of the issuing certificate; * Check that the issuing polygonal certificate validity region contains at least three and no more than 12 points; * Check that the issuing polygonal certificate validity region does not contain intersections and holes *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 0
             *             and containing certificates [n] (0..N)
             *               containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating length >=3 and <=12
             *                     and indicating continuous region without holes and intersections
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_05_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.24 */ testcase TC_SEC_ITSS_SND_CERT_05_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var CertificateChain v_chain; var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions var boolean f_vr := false, f_vri := false; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_D; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } else { f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } // Test Body f_vr := false; tc_ac.stop; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { var PolygonalRegion v_pr; var integer v_length; if (v_vr.validity.region.region_type != e_polygon) { log("*** " & testcasename() & ": INCONC: Certificate validity restriction region is not polygonal ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_pr := v_vr.validity.region.region.polygonal_region; v_length := lengthof(v_pr); if (v_length < 3) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too small in cert " & int2str(v_counter) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_length > 12) { log("*** " & testcasename() & ": FAIL: Count of points in polygonal region is too big in cert " & int2str(v_counter) & "***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (true != f_isValidPolygonalRegion(v_pr)) { log("*** " & testcasename() & ": FAIL: Polygonal region is not valid (self-intersected) in cert " & int2str(v_counter) & " ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (f_vri) { // current restrictions must be inside of the parent one if (true != f_isPolygonalRegionInside(v_vri.validity.region.region.polygonal_region, v_pr)) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction region in cert " & int2str(v_counter) & " is not inside the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // FIXME Check holes } } else { // Region validity restriction is not exist if (f_vri) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction region must be set in the certificate " & int2str(v_counter) & "because this restriction exists in the issuing certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All certificates has a valid polygonal region restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_05_02_BV /** * @desc Check that the identified certificate validity region contains values that correspond to numeric country codes as defined in ISO 3166-1 or defined by United Nations Statistics Division *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   containing region_dictionary
             *                     indicating 'iso_3166_1'
             *                   and containing region_identifier
             *                     indicating valid value according to ISO-2166-1
             *                   and containing local_region
             *                 or containing id_region
             *                   containing region_dictionary
             *                     indicating 'un_stats'
             *                   and containing region_identifier
             *                     indicating valid value according to UN STATS
             *                   and containing local_region
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_06_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_cert; var ValidityRestriction v_vr; var integer v_counter; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_E; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test body tc_ac.start; if (not f_waitForCertificate(v_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (f_getCertificateValidityRestriction(v_cert, e_region, v_vr)) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } log("*** " & testcasename() & ": PASS: Certificate has a valid region ID restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": FAIL: Certificate doesn't have any location restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_06_01_BV /** * @desc Check that the identified certificate validity region contains values that correspond to numeric country codes as defined in ISO 3166-1 or defined by United Nations Statistics Division; * Check that the identified certificate validity region contains values defining the region which is inside the validity region of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 1
             *             and containing certificates[n](0..N)
             *               containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1'
             *                     and containing region_identifier
             *                       indicating valid value according to ISO_3166-1 dictionary
             *                   and containing local_region
             *                 or containing region
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'un_stats'
             *                     and containing region_identifier
             *                       indicating valid value according to UN STATS dictionary
             *                   and containing local_region
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_06_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var ValidityRestriction v_vr := valueof(m_validity_restriction_unknown), v_vri := valueof(m_validity_restriction_unknown); // current and issuing cert validity restrictions var boolean f_vr := false, f_vri := false; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration vc_hashedId8ToBeUsed := cc_iutCert_E; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } else { f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } // Test Body f_vr := false; tc_ac.stop; for (var integer v_counter := 0; v_counter < lengthof(v_chain); v_counter := v_counter + 1) { v_vri := v_vr; f_vri := f_vr; f_vr := f_getCertificateValidityRestriction(v_chain[v_counter], e_region, v_vr); if (f_vr) { if (v_vr.validity.region.region_type == e_id) { if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not match (v_vr.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) { log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } if (f_vri) { // the region code must be the same if (v_vr.validity.region.region.id_region.region_identifier != v_vri.validity.region.region.id_region.region_identifier) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( v_vri.validity.region.region.id_region.local_region != 0 and v_vri.validity.region.region.id_region.local_region != v_vr.validity.region.region.id_region.local_region ) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction local identified region in cert " & int2str(v_counter) & " is not the same as in the issuing one ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } else { // Region validity restriction is not exist if (f_vri) { log("*** " & testcasename() & ": FAIL: Certificate validity restriction identified region must be set in the certificate " & int2str(v_counter) & "because this restriction exists in the issuing certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } log("*** " & testcasename() & ": PASS: All certificates has a valid identified regionrestrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_06_02_BV /** * @desc Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 1
             *             and containing certificates[n](0..N)
             *               indicating certificate
             *                 not containing validity_restrictions['region']
             *                 and containing signer_info
             *                   containing digest
             *                     referencing the certificate
             *                       not containing validity_restrictions['region']
             *               or indicating certificate
             *                 containing validity_restrictions['region']
             *                   containing region.region_type
             *                     indicating 'none'
             *                 and containing signer_info
             *                   containing digest
             *                     referencing the certificate
             *                       not containing validity_restrictions['region']
             *                       or containing validity_restrictions['region']
             *                         containing region.region_type
             *                           indicating 'none'
             *               or indicating certificate
             *                 containing validity_restrictions['region']
             *                   containing region.region_type
             *                     indicated 'circle'
             *                     or indicated 'rectangle'
             *                     or indicated 'polygon'
             *                     or indicated 'id'
             *                   and containing region (X_CERT__REGION)
             *                 and containing signer_info
             *                   containing digest
             *                     referencing the certificate
             *                       not containing validity_restrictions['region']
             *                       or containing validity_restrictions['region']
             *                         containing region.region_type
             *                           indicating 'none'
             *                       or containing validity_restrictions['region']
             *                         containing region
             *                           indicating region fully covering the X_CERT_REGION
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_07_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_cert, v_cert_issuer; var SignerInfo v_si; var UInt8 v_counter; var HashedId8 v_digest; var CertificatesCaching v_certificatesCaching; var FncRetCode v_result_status := e_success; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION' required for executing the TC ***"); stop; } // Test component configuration // vc_hashedId8ToBeUsed := cc_iutCert_E; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } else { f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } // Test Body // 1. Create a cache of certificates f_createCertificatesCaching(v_chain, v_certificatesCaching); // 2. Process the certificates v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1; while (v_counter != 0) { // Get the first certificate if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) { v_result_status := e_error; break; } // Retrive SigneInfo field if (not f_getCertificateSignerInfo(v_cert, v_si)) { log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***"); v_result_status := e_error; break; } if (v_si.type_ != e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); v_result_status := e_error; break; } // Get issuer if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); v_result_status := e_error; break; } // Check that cert is signed by issuing cert v_digest := f_calculateDigestFromCertificate(v_cert_issuer); if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); v_result_status := e_error; break; } // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) { v_result_status := e_error; break; } // Prepare next loop v_counter := v_counter - 1; } // End of 'while' statement if (v_result_status == e_success) { log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***"); } f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_07_01_BV /** * @desc Check that the identified region validity restriction of the subordinate certificate is included in the identified region validity restriction of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_CERTIFICATE_SELECTION AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT is using both AA and AT certificates with identified region validity restriction
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates
             *             indicating length > 1
             *             and containing certificates [n] (0..N)
             *               containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'id'
             *                   containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1'
             *                       or indicating 'un_stats'
             *                     containing region_identifier (X_CERT_REGION_ID)
             *                       indicating valid value according to ISO_3166-1 or UN STATS dictionary
             *                     containing local_region (X_CERT_LOCAL_REGION)
             *               and containing signer_info
             *                 containing digest
             *                   referencing the certificate
             *                     containing validity_restrictions['region']
             *                       containing region
             *                         containing region_type
             *                           indicating 'id'
             *                         containing id_region
             *                           containing region_dictionary
             *                             indicating 'iso_3166_1'
             *                             or indicating 'un_stats'
             *                           and containing region_identifier
             *                             indicating value == X_CERT_REGION_ID
             *                           and containing local_region
             *                             indicating value == X_CERT_LOCAL_REGION
             *                             or indicating 0
             *                         or containing id_region
             *                           containing region_dictionary
             *                             indicating 'un_stats'
             *                           and containing region_identifier
             *                             indicating value fully covering the X_CERT_REGION_ID
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_07_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_cert, v_cert_issuer; var SignerInfo v_si; var UInt8 v_counter; var HashedId8 v_digest; var CertificatesCaching v_certificatesCaching; var FncRetCode v_result_status := e_success; // Test control if (not(PICS_GN_SECURITY) or not(PICS_CERTIFICATE_SELECTION) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_CERTIFICATE_SELECTION and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration // vc_hashedId8ToBeUsed := cc_iutCert_E; f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } else { f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); } // Test Body // 1. Create a cache of certificates f_createCertificatesCaching(v_chain, v_certificatesCaching); // 2. Process the certificates v_counter := f_getCertificatesCachingItemSize(v_certificatesCaching) - 1; while (v_counter != 0) { // Get the first certificate if (f_getCertificatesCachingItem(v_certificatesCaching, v_counter, v_cert) == false) { v_result_status := e_error; break; } // Retrive SigneInfo field if (not f_getCertificateSignerInfo(v_cert, v_si)) { log("*** " & testcasename() & ": FAIL: Certificate " & int2str(v_counter) & " doesn't have a signer info ***"); v_result_status := e_error; break; } if (v_si.type_ != e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); v_result_status := e_error; break; } // Get issuer if (f_getCertificateFromCaching(v_certificatesCaching, v_si.signerInfo.digest, v_cert_issuer) == false) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); v_result_status := e_error; break; } // Check that cert is signed by issuing cert v_digest := f_calculateDigestFromCertificate(v_cert_issuer); if (not match (v_si.signerInfo.digest, v_si.signerInfo.digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); v_result_status := e_error; break; } // Check that the region of the subordinate certificate validity restriction is inside the region of the issuing certificate validity restriction if (f_checkRegionValidityRestiction(v_cert, v_cert_issuer) == false) { v_result_status := e_error; break; } // Prepare next loop v_counter := v_counter - 1; } // End of 'while' statement if (v_result_status == e_success) { log("*** " & testcasename() & ": PASS: All certificates has a valid identified region restrictions ***"); } f_selfOrClientSyncAndVerdictTestBody(c_tbDone, v_result_status); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_02_01_BV /** * @desc Check the certificate chain to ensure that the time validity restriction of the subordinate certificate is inside the time validity restriction of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates
             *             indicating length N > 1
             *             and containing certificates[n] (0..N)
             *               containing validity_restrictions
             *                 containing validity_restrictions['time_end']
             *                   containing end_validity
             *                     indicating X_END_VALIDITY_AT
             *                 or containing validity_restrictions['time_start_and_end']
             *                   containing start_validity
             *                     indicating X_START_VALIDITY_AT
             *                   and containing end_validity
             *                     indicating X_END_VALIDITY_AT >X_START_VALIDITY_AT
             *                 or containing validity_restrictions['time_start_and_duration']
             *                   containing start_validity
             *                     indicating X_START_VALIDITY_AT
             *                   and containing end_validity
             *                     indicating X_DURATION_AT > 0
             *               and containing signer_info
             *                 containing digest
             *                   referencing the certificate
             *                     containing validity_restrictions['time_end']
             *                       containing end_validity
             *                         indicating value >= X_END_VALIDITY_AT if defined
             *                         or indicating value >= X_START_VALIDITY_AT + X_DURATION_AT
             *                     or containing validity_restrictions['time_start_and_end']
             *                       containing start_validity
             *                         indicating value <= X_START_VALIDITY_AT if defined
             *                         or indicating value <= CURRENT_TIME
             *                       and containing end_validity
             *                         indicating value >= X_END_VALIDITY_AT if defined
             *                         or indicating value >= X_START_VALIDITY_AT + X_DURATION_AT
             *                     or containing validity_restrictions['time_start_and_duration']
             *                       containing start_validity
             *                         indicating X_START_VALIDITY_AA <= X_START_VALIDITY_AT if defined
             *                         or indicating X_START_VALIDITY_AA <= CURRENT_TIME
             *                       and containing duration
             *                         indicating value >= X_END_VALIDITY_AT - X_START_VALIDITY_AA if defined
             *                         or indicating value >= X_START_VALIDITY_AT + X_DURATION_AT -
             *                               X_START_VALIDITY_AA
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; var ValidityRestriction v_vr; var SignerInfo v_si; var Time64 v_generationTime; var Time64 v_curTime; var Time64 v_startTime, v_endTime, v_duration; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 1]; if (match (v_aa_cert.validity_restrictions, superset(mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration)) ) { log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Process signerInfo field if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_si.type_ == e_certificate) { log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter := 0; v_counter < lengthof(v_si.signerInfo.certificate.validity_restrictions); v_counter := v_counter + 1) { if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_end) { v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.end_validity * 1000000; if (not match(v_generationTime, Time64:(0 .. v_endTime))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_end) { v_endTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.end_validity * 1000000; v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_end.start_validity * 1000000; if (not match(v_generationTime, Time64:(v_startTime .. v_endTime))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (v_si.signerInfo.certificate.validity_restrictions[v_counter].type_ == e_time_start_and_duration) { v_startTime := v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.start_validity * 1000000; v_duration := f_duration2time(v_si.signerInfo.certificate.validity_restrictions[v_counter].validity.time_start_and_duration.duration_) * 1000000; if (not match(v_generationTime, Time64:(v_startTime .. v_duration))){ log("*** " & testcasename() & ": FAIL: DENM generation time is not inside the validity of the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Mal-formed the certificate"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_08_01_BV /** * @desc Check that the certificate signature contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate
             *             containing signature.ecdsa_signature
             *               containing R.type
             *                 indicating compressed_lsb_y_0
             *                 or indicating compressed_lsb_y_1
             *                 or indicating x_coordinate_only
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_09_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.9 */ testcase TC_SEC_ITSS_SND_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y0_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_0 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_y1_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to compressed_lsb_y_1 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, ?, ?, mw_signature( mw_ecdsaSignature( mw_eccPointecdsa_nistp256_with_sha256_x_coordinate_only ))))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains signature with the ECC point of type set to x_coordinate_only received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate )))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_09_01_BV /** * @desc Check that the all certificates in a chain have signatures contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates
             *             indicating length N > 1
             *             and containing certificates[n](0..N)
             *               containing signature.ecdsa_signature
             *                 containing R.type
             *                   indicating compressed_lsb_y_0
             *                   or indicating compressed_lsb_y_1
             *                   or indicating x_coordinate_only
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_09_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.9 */ testcase TC_SEC_ITSS_SND_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var SignerInfo v_si; var CertificateChain v_chain; var integer v_counter; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) -> value v_geoNwInd { tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chain := v_si.signerInfo.certificates; for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) { if (v_chain[v_counter].signature_.algorithm != e_ecdsa_nistp256_with_sha256) { log("*** " & testcasename() & ": FAIL: Wrong signature algorithm ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } else if ( (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_x_coordinate_only) and (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_0) and (v_chain[v_counter].signature_.signature_.ecdsa_signature.r.type_ != e_compressed_lsb_y_1) ) { log("*** " & testcasename() & ": FAIL: Wrong ECDSA R type ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } } // End of 'for' statement } log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct signature type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_09_02_BV /** * @desc Check that the certificate verification key contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate
             *             containing subject_attributes['verification_key']
             *               containing key.public_key.type
             *                 indicating compressed_lsb_y_0
             *                 or indicating compressed_lsb_y_1
             *                 or indicating uncompressed
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_10_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.4 */ testcase TC_SEC_ITSS_SND_CERT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, superset( mw_subject_attribute_verification_key( mw_publicKey_eccPoint_compressed_lsb_y_0 ) ), ?, mw_signature ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_0 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, superset( mw_subject_attribute_verification_key( mw_publicKey_eccPoint_compressed_lsb_y_1 ) ), ?, mw_signature ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to compressed_lsb_y_1 received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate( ?, superset( mw_subject_attribute_verification_key( mw_publicKey_eccPoint_uncompressed ) ), ?, mw_signature ))))))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: AT certificate contains verification key with the ECC point of type set to uncompressed received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate( mw_at_certificate )))))) { tc_ac.stop; log("*** " & testcasename() & ": FAIL: AT certificate signature mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_10_01_BV /** * @desc Check that all certificate in a chain have verification keys contains ECC point of type set to either compressed_lsb_y_0, compressed_lsb_y_1 or uncompressed *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 0
             *             containing certificates [n] (0..N)
             *               containing subject_attributes['verification_key']
             *                 containing key.public_key.type
             *                   indicating compressed_lsb_y_0
             *                   or indicating compressed_lsb_y_1
             *                   or indicating uncompressed
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_10_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 4.2.4 */ testcase TC_SEC_ITSS_SND_CERT_10_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var GeoNetworkingInd v_geoNwInd; var SignerInfo v_si; var CertificateChain v_chain; var integer v_counter; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) { tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chain := v_si.signerInfo.certificates; for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) { if ( (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_0))))) and (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_compressed_lsb_y_1))))) and (not match(v_chain[v_counter], mw_certificate(?, ?, superset(mw_subject_attribute_verification_key(mw_publicKey_eccPoint_uncompressed))))) ) { log("*** " & testcasename() & ": FAIL: Wrong verification key algorithm ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } } // End of 'for' statement } log("*** " & testcasename() & ": PASS: All certificates in a chain have the correct verification key ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_10_02_BV /** * @desc Check the certificate signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate
             *             containing signer_info
             *               containing type
             *                 indicating 'certificate_digest_with_sha256'
             *               and containing digest
             *                 referencing the certificate CERT
             *             and containing signature
             *               verifiable using CERT.subject_attributes['verification_key'].key
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_11_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var GeoNetworkingInd v_geoNwInd; var Certificate v_at_cert; var Certificate v_aa_cert; var HashedId8 v_aa_digest; var SignerInfo v_si; var integer v_counter; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Wait for the message with the certificate to get the AA cert digest. // Ask for the chain, containing AT and AA certificate // Check that the AT cert in the first message is signed with the AA cert log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (true != f_getCertificateSignerInfo(v_at_cert, v_si)) { log("*** " & testcasename() & ": FAIL: AT Certificate signer info is unknown ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (v_si.type_ != e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: AT Certificate is not signed well ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_digest := v_si.signerInfo.digest; // Send a certificate request to the IUT f_sendCertificateRequest(v_aa_digest, f_generateDefaultCam()); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) -> value v_geoNwInd { var SecuredMessage v_secMsg; var integer v_chainLength; tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chainLength := lengthof(v_si.signerInfo.certificates); if (v_chainLength < 2 ) { log("*** " & testcasename() & ": FAIL: Certificate chain doesn't contain the AA cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // get aa cert v_aa_cert := v_si.signerInfo.certificates[v_chainLength-2]; if (not match (v_aa_digest, f_calculateDigestFromCertificate(v_aa_cert))) { log("*** " & testcasename() & ": FAIL: AT certificate was not signed with the given AA cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that at cert is signed with aa cert if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) { log("*** " & testcasename() & ": FAIL: AT certificate signature error ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate was well signed with AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_11_01_BV /** * @desc Check the validity of signatures of all certificates in the chain *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates
             *             indicating length N > 1
             *             and containing certificates[0]
             *               containing signer_info
             *                 containing type
             *                   indicating 'certificate_digest_with_sha256'
             *                 and containing digest
             *                   referencing the trusted certificate (CERT_ROOT)
             *               and containing signature
             *                 verifiable using CERT_ROOT
             *                     .subject_attributes['verification_key'].key
             *             and containing certificates[n] (1..N)
             *               containing signer_info
             *                 containing type
             *                   indicating 'certificate_digest_with_sha256'
             *                 and containing digest
             *                   referencing the certificates[n-1]
             *               and containing signature
             *                 verifiable using certificates[n-1]
             *                     .subject_attributes['verification_key'].key
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_11_02_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_11_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local declarations var GeoNetworkingInd v_geoNwInd; var Certificate v_cert; var CertificateChain v_chain; var SignerInfo v_si; var HashedId8 v_digest; var integer v_counter; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Wait for the message with the certificate to get the AA cert digest. // Ask for the chain, containing AT and AA certificate // Check that the AT cert in the first message is signed with the AA cert log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate and ask for a certificate chain ***"); tc_ac.start; f_askForCertificateChain(f_generateDefaultCam()); tc_ac.stop; // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage( superset( mw_header_field_signer_info_certificate_chain ))))) -> value v_geoNwInd { var SecuredMessage v_secMsg; var integer v_chainLength; tc_ac.stop; // Check certificate chain if (f_getMsgSignerInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_si)) { v_chain := v_si.signerInfo.certificates; for (v_counter := lengthof(v_chain) - 1; v_counter > 0; v_counter := v_counter - 1 ) { if (not f_getCertificateSignerInfo(v_chain[v_counter], v_si)) { log("*** " & testcasename() & ": FAIL: Certificate "&int2str(v_counter) & " doesn't have a signer info ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_si.type_ != e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: Certificate is not signed with digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that cert is signed by issuing cert v_digest := f_calculateDigestFromCertificate(v_chain[v_counter - 1]); if (not match (v_si.signerInfo.digest, v_digest)) { log("*** " & testcasename() & ": FAIL: Certificate chain is not valid ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Check that the signature is valid if (false == f_verifyCertificateSignatureWithIssuingCertificate(v_chain[v_counter], v_chain[v_counter - 1])) { log("*** " & testcasename() & ": FAIL: AT certificate signature error ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All certificates in the chain signed by it's issuing certs ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: The message signer info is unknown ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_11_02_BV /** * @desc Check that the assurance level of the subordinate certificate is equal to or less than the assurance level of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     the IUT being requested to include certificate chain in the next CAM
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is requested to send a CAM
             *     then
             *       the IUT sends a SecuredMessage
             *         containing header_fields['signer_info'].signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates
             *             indicating length N > 1
             *             and containing certificates[n](0..N)
             *               containing subject_attributes ['assurance_level']
             *                 containing assurance_level
             *                   containing bits [5-7]
             *                     indicating assurance level CERT_AL
             *               and containing signer_info
             *                 containing digest
             *                   referencing the certificate
             *                     containing subject_attributes ['assurance_level']
             *                       containing assurance_level
             *                         containing bits [5-7]
             *                           indicating value <= CERT_AL
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_12_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_12_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var SubjectAttribute v_sa; var SubjectAssurance v_aa_assurance_level, v_at_assurance_level; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (not f_getCertificateSubjectAttribute(v_aa_cert, e_assurance_level, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aa_assurance_level := v_sa.attribute.assurance_level; if (not f_getCertificateSubjectAttribute(v_at_cert, e_assurance_level, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_at_assurance_level := v_sa.attribute.assurance_level; if (bit2int(v_aa_assurance_level.levels) < bit2int(v_at_assurance_level.levels)) { log("*** " & testcasename() & ": FAIL: The assurence levels mismatch ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: The assurence levels match ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_12_01_BV /** * @desc Sending behaviour test cases for AA certificate profil * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.7 AA certificate profile */ group AA_Certificates { /** * @desc Check that the subject_type of the AA certificate is set to authorization_authority *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing subject_info.subject_type
                 *                 indicating 'authorization_authority'
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate)) { log("*** " & testcasename() & ": FAIL: AA certificate not found in the chain[last-1] ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AA certificate was found in the chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_01_01_BV /** * @desc Check that the AA certificsate subject_name variable-length vector contains 32 bytes maximum *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing subject_info.subject_name
                 *                 indicating length <= 32 bytes
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 6.2 */ testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } // Verified automatically on decoding if (lengthof(v_chain[lengthof(v_chain) - 2].subject_info.subject_name) > 32 ) { log("*** " & testcasename() & ": FAIL: Subject name of the AA certificate is too long ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Subject name of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_02_01_BV /** * @desc Check that signer_info type of AA certificates is set to 'certificate_digest_with_sha256' *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing signer_info
                 *                 containing type
                 *                   indicating 'certificate_digest_with_sha256'
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_03_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest))) { log("*** " & testcasename() & ": FAIL: AA certificate not signed by digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AA certificate is signed by digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_03_01_BV /** * @desc Check that AA certificate is signed by Root CA or other authority * NOTE: there is no clear specification that AA cert shall be signed by the Root CA only *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing signer_info
                 *                 containing type
                 *                   indicating 'certificate_digest_with_ecdsap256'
                 *                 and containing digest
                 *                   referencing to the trusted certificate
                 *                     containing subject_info.subject_type
                 *                       indicating 'root_ca'
                 *                       or indicating 'authorisation_authority'
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 */ testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_ca_cert; var SignerInfo v_si; var HashedId8 v_ca_digest; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; v_aa_cert := v_chain[lengthof(v_chain) - 2]; // Process signerInfo field if ( true != f_getCertificateSignerInfo(v_aa_cert, v_si)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo fields ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_si.type_ == e_certificate_digest_with_sha256) { log("*** " & testcasename() & ": FAIL: AA certificate must contain SignerInfo field containing a certificate_digest_with_ecdsap256 ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } f_readCertificate(cc_taCert_CA, v_ca_cert); v_ca_digest := f_calculateDigestFromCertificate(v_ca_cert); if (not match(v_aa_cert, mw_aa_certificate(mw_signerInfo_digest(v_ca_digest)))) { log("*** " & testcasename() & ": FAIL: AA certificate signer info doesn't reference the CA certificate from the chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not f_verifyCertificateSignatureWithIssuingCertificate(v_aa_cert, v_ca_cert)) { log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AA certificate was signed by the CA certificate from the given chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_04_01_BV /** * @desc Check that all necessary subject attributes are present and arranged in ascending order *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing subject_attributes [0..N]
                 *                 indicating subject_attributes[n].type
                 *                     < subject_attributes[n+1].type
                 *                 and containing subject_attributes['verification_key']
                 *                 and containing subject_attributes['assurance_level']
                 *                 and containing subject_attributes['its_aid_list']
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1, 7.4.1 and 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var SubjectAttributes v_attrs; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } if (not match(v_chain[lengthof(v_chain) - 2], mw_aa_certificate(?, superset(mw_subject_attribute_verification_key, mw_subject_attribute_assurance_level, mw_subject_attribute_its_aid_list))) ) { log("*** " & testcasename() & ": FAIL: Required subject attribute of AA certificate is not found ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_attrs := v_chain[lengthof(v_chain) - 2].subject_attributes; for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) { if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) { log("*** " & testcasename() & ": FAIL: AA certificate subject attributes are not arranged in accening order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } log("*** " & testcasename() & ": PASS: All required AA certificate subject attributes are presents ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_05_01_BV /** * @desc Check that all AIDs containing in the its_aid_list in AA certificate are unique * Check that AID list contains not more than 31 items *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing subject_attributes['its_aid_list']
                 *                 containing its_aid_list
                 *                   containing not more than 31 unique items
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; var SubjectAttribute v_sa; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) { if (lengthof(v_sa.attribute.its_aid_list) > 31) { log("*** " & testcasename() & ": FAIL: ITS-AID list contains " & int2str(lengthof(v_sa.attribute.its_aid_list)) & " items (>31) ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter :=0; v_counter < lengthof(v_sa.attribute.its_aid_list); v_counter := v_counter + 1) { for (var integer j :=0; j < lengthof(v_sa.attribute.its_aid_list); j := j + 1) { if (v_counter != j and v_sa.attribute.its_aid_list[v_counter] == v_sa.attribute.its_aid_list[j]) { log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_sa.attribute.its_aid_list[j]) & " is duplicated in AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } // End of 'for' statement } else { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_08_01_BV /** * @desc Check that all mandatory validity restrictions are present and arranged in ascending order *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           and containing certificates
                 *             containing certificates[last-1]
                 *               containing validity_restrictions[0..N]
                 *                 indicating validity_restrictions[n].type
                 *                     < validity_restrictions[n+1].type
                 *                 and containing validity_restrictions['time_start_and_end']
                 *                 and not containing validity_restrictions['time_end']
                 *                 and not containing validity_restrictions['time_start_and_duration']
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_10_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1, 6.7 and 7.4.1 */ testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var CertificateChain v_chain; var Certificate v_cert; var integer v_previousValidityRestrictionType; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; // Test Body // Process certificate[last - 1] v_cert := v_chain[lengthof(v_chain) - 2]; if (match( v_cert.validity_restrictions, superset( mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration ) )) { log("*** " & testcasename() & ": FAIL: certificate[last-2] must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } for (var integer v_counter := 1; v_counter < lengthof(v_cert.validity_restrictions); v_counter := v_counter + 1) { // Check forbidden header if (v_cert.validity_restrictions[v_counter].type_ != e_time_start_and_end) { // FIXME To be reviewed log("*** " & testcasename() & ": FAIL: Forbidden header present"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_counter > 1 ) { // Check that headers are ordered if (enum2int(v_cert.validity_restrictions[v_counter].type_) <= v_previousValidityRestrictionType) { // Check that header is duplicated if (enum2int(v_cert.validity_restrictions[v_counter].type_) == v_previousValidityRestrictionType) { log("*** " & testcasename() & ": FAIL: multiple instances of same header"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": FAIL: headers not in correct order"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } } v_previousValidityRestrictionType := enum2int(v_cert.validity_restrictions[v_counter].type_); } // End of 'for' statement log("*** " & testcasename() & ": PASS: Time validity restriction of the certificate[last-2] is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_10_01_BV /** * @desc Check that time_start_and_end is included in the AA certificate validation restrictions; * Check that end_validity is greater than start_validity; * Check that validity restriction of AA certificate is inside the validity restriction of its issuing certificate *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate_chain'
                 *           containing certificates
                 *             containing certificates[last-1]
                 *               containing validity_restrictions
                 *                 containing validity_restrictions['time_start_and_end']
                 *                   containing start_validity
                 *                     indicating START_VALIDITY_AA
                 *                   containing end_validity
                 *                     indicating END_VALIDITY_AA >=START_VALIDITY_AA
                 *               and containing signer_info
                 *                 containing digest
                 *                   referencing the trusted certificate
                 *                     containing validity_restrictions['time_end']
                 *                       containing end_validity
                 *                         indicating value > END_VALIDITY_AA
                 *                     or containing validity_restrictions['time_start_and_end']
                 *                       containing start_validity
                 *                         indicating value <= START_VALIDITY_AA
                 *                       and containing end_validity
                 *                         indicating value > END_VALIDITY_AA
                 *                     or containing validity_restrictions['time_start_and_duration']
                 *                       containing start_validity
                 *                         indicating X_START_VALIDITY <= START_VALIDITY_AA
                 *                       and containing duration
                 *                         indicating value > END_VALIDITY_AA - X_START_VALIDITY
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AA_11_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.4 */ testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert; var ValidityRestriction v_vr; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; if (match (v_aa_cert.validity_restrictions, superset(mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration)) ) { log("*** " & testcasename() & ": FAIL: AA certificate must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: AA certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: start validity mus not be greater then end validity in the validity restrictions of AA certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AA certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AA_11_01_BV } // End of group AA_Certificates /** * @desc Sending behaviour test cases for AT certificate profil * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.7.8 AT certificate profile */ group AT_Certificates { /** * @desc Check that the subject_type of the AT certificate is set to 'authorization_ticket' *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate'
                 *           and containing certificate
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_ticket'
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (not match(v_at_cert, mw_at_certificate)) { log("*** " & testcasename() & ": FAIL: Message wasn't signed by AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate has the 'authorization_ticket' subject_type ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_01_01_BV /** * @desc Check that the subject_name variable-length vector is empty for AT certificates *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate'
                 *           and containing certificate
                 *             containing subject_info.subject_name
                 *               indicating length = 0
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_02_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (0 != lengthof(v_at_cert.subject_info.subject_name)) { log("*** " & testcasename() & ": FAIL: Subject name of the AT certificate is not empty ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Subject name of the AT certificate is empty ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_02_01_BV /** * @desc Check that signer_info type of AT certificates is set to 'certificate_digest_with_sha256' *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate'
                 *           and containing certificate
                 *             containing signer_info.
                 *               containing type
                 *                 indicating 'certificate_digest_with_sha256'
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_03_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if ( not match(v_at_cert, mw_certificate(mw_signerInfo_digest)) ) { log("*** " & testcasename() & ": FAIL: AT certificate doesn't contain a digest of issuing cert ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: The signer info of AT certificate is a digest ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_03_01_BV /** * @desc Check that subject attributes are present and arranged in ascending order *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate'
                 *           containing certificate
                 *             containing subject_attributes [0..N]
                 *               indicating subject_attributes[n].type
                 *                     < subject_attributes[n+1].type
                 *               containing subject_attributes['verification_key']
                 *               containing subject_attributes['assurance_level']
                 *               containing subject_attributes['its_aid_ssp_list']
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_04_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.1 and 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; var SubjectAttributes v_attrs; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (not match( v_at_cert, mw_at_certificate( ?, superset( mw_subject_attribute_verification_key, mw_subject_attribute_assurance_level, mw_subject_attribute_its_aid_ssp_list )))) { log("*** " & testcasename() & ": FAIL: Required subject attribute of AT certificate is not found ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_attrs := v_at_cert.subject_attributes; for (var integer v_counter := 1; v_counter < lengthof(v_attrs); v_counter := v_counter + 1 ) { if (v_attrs[v_counter].type_ <= v_attrs[v_counter-1].type_) { log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_04_01_BV /** * @desc Check that time_start_and_end is included in the AT certificate validation restrictions; * Check that time_start_and_end is inside the AA certificate time restrictions * Check that validity restriction of AT certificate is inside the validity restriction of its issuing certificate *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating certificate_chain
                 *           containing certificates[last]
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_ticket'
                 *              not containing validity_restrictions['time_end']
                 *                and not containing validity_restrictions['time_start_and_duration']
                 *             and containing validity_restrictions['time_start_and_end']
                 *               containing start_validity
                 *                 indicating START_VALIDITY_AT
                 *               containing end_validity
                 *                 indicating END_VALIDITY_AT
                 *           containing certificates[last-1]
                 *             containing validity_restrictions['time_end']
                 *               containing end_validity
                 *                 indicating value > END_VALIDITY_AT
                 *             or containing validity_restrictions['time_start_and_end']
                 *               containing start_validity
                 *                 indicating value <= START_VALIDITY_AT
                 *               and containing end_validity
                 *                 indicating value > END_VALIDITY_AT
                 *             or containing validity_restrictions['time_start_and_duration']
                 *               containing start_validity
                 *                 indicating X_START_VALIDITY <= START_VALIDITY_AT
                 *               and containing duration
                 *                 indicating value > END_VALIDITY_AT - X_START_VALIDITY
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_05_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_05_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var ValidityRestriction v_vr, v_aa_vr; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (match ( v_at_cert.validity_restrictions, superset( mw_validity_restriction_time_end, mw_validity_restriction_time_start_and_duration ) )) { log("*** " & testcasename() & ": FAIL: AT certificate must not contain time_end and time_start_and_duration restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if ( true != f_getCertificateValidityRestriction(v_at_cert, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: AT certificate must contain time_start_and_end restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (v_vr.validity.time_start_and_end.start_validity > v_vr.validity.time_start_and_end.end_validity ) { log("*** " & testcasename() & ": FAIL: start validity must not be greater then end validity in the validity restrictions of AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_end, v_aa_vr)) { if ( (v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_end.start_validity) or (v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.time_start_and_end.end_validity) ) { log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_end, v_aa_vr)) { if (v_vr.validity.time_start_and_end.end_validity > v_aa_vr.validity.end_validity) { log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else if (true == f_getCertificateValidityRestriction(v_aa_cert, e_time_start_and_duration, v_aa_vr)) { var Time64 v_end := v_aa_vr.validity.time_start_and_duration.start_validity + f_duration2time(v_aa_vr.validity.time_start_and_duration.duration_); if ( (v_vr.validity.time_start_and_end.start_validity < v_aa_vr.validity.time_start_and_duration.start_validity) or (v_vr.validity.time_start_and_end.end_validity > v_end) ) { log("*** " & testcasename() & ": FAIL: AT certificate time validity restriction must be inside the AA certificate time validity restriction ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } else { log("*** " & testcasename() & ": FAIL: Wrong AA certificate time restrictions ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: Time validity restriction of the AT certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_05_01_BV /** * @desc Check that all AIDs containing in the its_aid_ssp_list in AT certificate are unique; * Check that all AIDs containing in the its_aid_ssp_list in AT certificate are also containing in the its_aid_list in the correspondent AA certificate; * Check that the length of SSP of each AID is 31 octets maximum *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating certificate_chain
                 *           containing certificates[last-1]
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_authority'
                 *             and containing subject_attributes['its_aid_list']
                 *               containing its_aid_list[0..N]
                 *                 indicating ITS_AID_LIST_AA
                 *           and containing certificates[last]
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_ticket'
                 *             and containing subject_attributes['its_aid_ssp_list']
                 *               containing its_aid_ssp_list[0..N]
                 *                 containing its_aid_ssp_list[n]
                 *                   containing its_aid
                 *                     indicating unique value containing in the  ITS_AID_LIST_AA
                 *                   and containing service_specific_permissions
                 *                     indicating length <= 31 octet
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_07_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.9 and 7.4.2 */ testcase TC_SEC_ITSS_SND_CERT_AT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var SubjectAttribute v_sa; var IntXs v_aid_list; var ItsAidSsps v_aid_ssp_list; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_at_cert := v_chain[lengthof(v_chain) - 1]; if (not f_getCertificateSubjectAttribute(v_aa_cert, e_its_aid_list, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aid_list := v_sa.attribute.its_aid_list; if (not f_getCertificateSubjectAttribute(v_at_cert, e_its_aid_ssp_list, v_sa)) { log("*** " & testcasename() & ": FAIL: AA certificate does not contain its_aid_list subject attribute ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_aid_ssp_list := v_sa.attribute.its_aid_ssp_list; for (var integer v_counter :=0; v_counter < lengthof(v_aid_ssp_list); v_counter := v_counter + 1) { // Check unique for (var integer j :=0; j < lengthof(v_aid_ssp_list); j := j + 1) { if (v_counter != j and v_aid_ssp_list[v_counter].its_aid == v_aid_ssp_list[j].its_aid) { log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is duplicated in AT certificate ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement // if (not match(v_aid_ssp_list[v_counter], (all from v_aid_list))) { // log("*** " & testcasename() & ": FAIL: ITS-AID " & int2str(v_aid_ssp_list[v_counter].its_aid) & " is not exist in AA certificate ***"); // f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); // } } // End of 'for' statement log("*** " & testcasename() & ": PASS: The ITS_AID_SSP list of the AT certificate is good ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_07_01_BV /** * @desc Check that AT certificate is signed by AA cert *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate chain in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating certificate_chain
                 *           containing certificates[last-1] (CERT_AA)
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_authority'
                 *             and containing subject_attributes['verification key'] (KEY)
                 *           containing certificates[last]
                 *             containing subject_info.subject_type
                 *               indicating 'authorization_ticket'
                 *             and containing signer_info
                 *               containing type
                 *                 indicating 'certificate_digest_with_ecdsap256'
                 *               and containing digest
                 *                 referencing to CERT_AA
                 *             and containing signature
                 *               verifiable using KEY
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var CertificateChain v_chain; var Certificate v_aa_cert, v_at_cert; var HashedId8 v_aa_digest; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Request and waiting for the message containing certificate chain ***"); tc_ac.start; if (not f_askAndWaitForCertificateChain(v_chain, f_generateDefaultCam())) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (lengthof(v_chain) < 2) { log("*** " & testcasename() & ": FAIL: Certificate chain is too short ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error); } v_at_cert := v_chain[lengthof(v_chain) - 1]; v_aa_cert := v_chain[lengthof(v_chain) - 2]; v_aa_digest := f_calculateDigestFromCertificate(v_aa_cert); if (not match(v_at_cert, mw_at_certificate(mw_signerInfo_digest(v_aa_digest)))) { log("*** " & testcasename() & ": FAIL: AT certificate signer info doesn't reference the AA certificate from the chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } if (not f_verifyCertificateSignatureWithIssuingCertificate(v_at_cert, v_aa_cert)) { log("*** " & testcasename() & ": FAIL: AT certificate signature verification failed ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } log("*** " & testcasename() & ": PASS: AT certificate was signed by the AA certificate from the given chain ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_08_01_BV /** * @desc Check that all necessary validity restrictions are present and arranged in ascending order *
                 * Pics Selection: PICS_GN_SECURITY
                 * Config Id: CF01
                 * Initial conditions:
                 *   with
                 *     the IUT being in the 'authorized' state
                 *     the IUT being requested to include certificate in the next CAM
                 * Expected results:
                 *   ensure that
                 *     when
                 *       the IUT is requested to send a CAM
                 *     then
                 *       the IUT sends a SecuredMessage
                 *         containing header_fields['signer_info'].signer
                 *           containing type
                 *             indicating 'certificate'
                 *           containing certificate
                 *             containing validity_restrictions
                 *               indicating validity_restrictions[n].type < validity_restrictions[n+1].type
                 *               and containing validity_restrictions['time_start_and_end']
                 *               and not containing validity_restrictions['time_end']
                 *               and not containing validity_restrictions['time_start_and_duration']
                 * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_SND_CERT_AT_10_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 */ testcase TC_SEC_ITSS_SND_CERT_AT_10_01_BV() runs on ItsGeoNetworking system ItsSecSystem { var Certificate v_at_cert; var ValidityRestriction v_vr; var ValidityRestrictions v_vrs; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body log("*** " & testcasename() & ": INFO: Waiting for the message containing certificate ***"); tc_ac.start; if (not f_waitForCertificate(v_at_cert)) { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); } tc_ac.stop; if (not match( v_at_cert, mw_at_certificate( mw_signerInfo_certificate ))) { } if (true != f_getCertificateValidityRestriction(v_at_cert.signer_info.signerInfo.certificate, e_time_start_and_end, v_vr)) { log("*** " & testcasename() & ": FAIL: Required 'time_start_and_end' validity_restriction attribute of AT certificate is not found ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } v_vrs := v_at_cert.signer_info.signerInfo.certificate.validity_restrictions; for (var integer v_counter := 1; v_counter < lengthof(v_vrs); v_counter := v_counter + 1 ) { if (v_vrs[v_counter].type_ <= v_vrs[v_counter-1].type_) { log("*** " & testcasename() & ": FAIL: AT certificate subject attributes are not arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } } // End of 'for' statement log("*** " & testcasename() & ": PASS: All required AT certificate subject attributes are presents and arranged in ascending order ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_SND_CERT_AT_10_01_BV } // End of group AT_Certificates } // End of group sendCertificatesProfile } // End of group sendingBehavior /** * @desc Receiver behaviour test cases * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3 Receiver behaviour */ group receiverBehavior { /** * @desc Receiving behaviour test cases for CAM profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.2 CAM Profile */ group recvCamProfile { /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate in signer_info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_A_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_CAM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             containing CAM payload
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_01_BV /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate digest of the known certificate in signer_info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             *     and the IUT already received a Secured message containing certificate (CERT_TS_A_AT)
             *       containing subject_info.subject_type
             *         indicating 'authorization_ticket'
             *       and containing subject_attributes['verification key'] (KEY)
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate_digest_with_sha256'
             *             and containing digest
             *               referencing to certificate (CERT_TS_A_AT)
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_CAM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             containing CAM payload
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_01_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, omit, e_certificate_digest_with_sha256); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_02_BV /** * @desc Check that IUT accepts a well-formed Secured CAM containing certificate chain in signer_info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate_chain'
             *             and containing certificates
             *               containing certificates[0] (CERT_TS_A_AA)
             *                 containing subject_info.subject_type
             *                   indicating 'authorization_authority'
             *                 and containing subject_attributes['verification key'] (KEY_TS_AA)
             *               and containing certificates[1] (CERT_TS_A_AT)
             *                 containing subject_info.subject_type
             *                   indicating 'authorization_ticket'
             *                 and containing signer_info
             *                   containing type
             *                     indicating 'certificate_digest_with_sha256'
             *                   and containing digest
             *                     referencing to the CERT_TS_A_AA
             *                 and containing signature
             *                   verifiable using KEY_TS_AA
             *                 and containing subject_attributes['verification key'] (KEY_TS_AT)
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_CAM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             containing CAM payload
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY_TC_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_01_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert_A, -, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_01_03_BV /** * @desc Check that IUT discards a Secured CAM containing protocol version set to a value less than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing protocol_version
             *           indicating 1
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_02_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_CAM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_02_01_BO /** * @desc Check that IUT discards a Secured CAM containing protocol version set to a value greater than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing protocol_version
             *           indicating 3
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_02_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_CAM_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); // Change PX_WRONG_PROTOCOL_VERSION to 3 f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_02_02_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains more than header field 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'signer_info'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_signer_info( m_signerInfo_certificate( vc_atCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_01_BO /** * @desc Check that IUT discards a secured CAM if the header_fields does not contain the header 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_DEBUG_ADDON) { f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam()); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_02_BO /** * @desc Check that IUT is able to receive a secured CAM where the header fields 'signer_info' is not encoded first *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             *     and the IUT is sending CAMs
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and containing header_fields[2].type
             *           indicating 'signer_info'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM, m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_03_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains more than one header field 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_04_BO /** * @desc Check that IUT discards a secured CAM if the header_fields does not contain the header field 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_05_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contain more than one element of header field 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_CAM'
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM, m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_06_BO /** * @desc Check that IUT discards a secured CAM if the header_fields does not contain the header field 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_06a_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_06a_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()) // In us }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_06a_BO /** * @desc Check that IUT discards a secured CAM if the header fields are not in the ascending order according to the numbering of the enumeration. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_CAM, m_header_field_generation_time(1000 * f_getCurrentTime()) // In us }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_07_BO /** * @desc Check that IUT discards the Secured CAM containing the header field 'generation_time_standard_deviation' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating GEN_TIME inside the validity period of the signer certificate
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'generation_time_with_standard_deviation'
             *           and containing generation_time_with_standard_deviation
             *             indicating GEN_TIME inside the validity period of the signer certificate
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time_with_standard_deviation( m_time64WithStandardDeviation( 1000, // In us 0 )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_08_BO testcase TC_SEC_ITSS_RCV_CAM_04_09_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time_with_standard_deviation( m_time64WithStandardDeviation( 1000 * f_getCurrentTime(), // In us 0 )), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_09_BO /** * @desc Check that IUT discards the Secured CAM containing the header field 'expiry_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1]
             *           containing type
             *             indicating 'generation_time'
             *           containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'expiration'
             *           and containing expiry_time
             *             indicating CURRENT_TIME + 1h
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_10_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_10_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time( 1000 * f_getCurrentTime() ), // In us m_header_field_expiry_time( f_getCurrentTime() - 3600/*1h*/ ), m_header_field_its_aid_CAM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_10_BO /** * @desc Check that IUT discards the Secured CAM containing the header field 'generation_location' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating certificate
             *             and containing certificate (CERT_TS_B_AT)
             *               containing validity_restrictions['region']
             *                 containing region (X_CERT_REGION)
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position outside of the validity restriction of X_CERT_REGION
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_11_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_11_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_B, { m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us m_header_field_generation_location( m_threeDLocation( PX_WGSLONGITUDE, PX_WGSLATITUDE, int2oct(0, 2) ) ), m_header_field_its_aid_CAM }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_11_BO /** * @desc Check that IUT accepts the Secured CAM containing additional non-standard HeaderField *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and containing header_fields[3]
             *           containing type
             *             indicating non-standard header field type (1000)
             *           and containing other_header
             *             indicating non-empty data
             *         and not containing other header fields
             *     then
             *       the IUT accepts the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_12_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_12_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_B, { m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us m_header_field_generation_location( m_threeDLocation( PX_WGSLONGITUDE, PX_WGSLATITUDE, int2oct(0, 2) ) ), m_header_field_its_aid_CAM, m_header_field_unspecify }, e_certificate_digest_with_sha256, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_12_BV /** * @desc Check that IUT discards the Secured CAM containing the header field 'encryption_parameter' and 'recipient_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state with CERT_IUT_A_AT
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'encryption_parameters'
             *           and containing enc_params
             *             containing symm_algorithm
             *               indicating 'aes_128_ccm'
             *             and containing nonce
             *         and containing header_fields[4]
             *           containing type
             *             indicating 'recipient_info'
             *           and containing recipients
             *             containing recipients[0]
             *               containing cert_id
             *                 referencing to CERT_IUT_A_AT
             *               and containing pk_encryption
             *                 indicating 'ecies_nistp256'
             *               and containing enc_key
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_04_13_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_04_13_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var Certificate v_iutATCertificate; var SubjectAttribute v_encryption_key; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body if ( (f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or (f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false) ) { f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc } else { v_securedGnPdu := f_prepareSecuredCam( cc_taCert_B, { m_header_field_generation_time(1000 * (f_getCurrentTime())), // In us m_header_field_generation_location( m_threeDLocation( PX_WGSLONGITUDE, PX_WGSLATITUDE, int2oct(0, 2) ) ), m_header_field_its_aid_CAM, // containing header_fields[2].type // indicating 'its_aid' m_header_field_enc_params( // containing header_fields[3].type.enc_params m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm' PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce ) ), m_header_field_multiple_recipients( // containing header_fields[4].type { // indicating 'encryption_parameters' m_recipientInfo_ecies_enc_key( v_iutATCertificate.signer_info.signerInfo.digest, e_ecies_nistp256, // containing symm_algorithm // indicating 'aes_128_ccm' m_eciesEncryptedKey_aesccm( v_encryption_key.attribute.rv, '00000000000000000000000000000000'O, // FIXME Where to find these values '00000000000000000000000000000000'O ) ) } ) }, e_certificate_digest_with_sha256, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_04_13_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type 'self' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'self'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_05_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_DEBUG_ADDON) { f_sendCertificate(cc_taCert_F, f_generateDefaultCam()); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_self ), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_self, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_05_01_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_digest_with_other_algorithm *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'certificate_digest_with_other_algorithm'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_05_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_DEBUG_ADDON) { f_sendCertificate(cc_taCert_F, f_generateDefaultCam()); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_other_certificates( m_certificateWithAlgo_ecdsa( PX_OTHER_CERT_DIGEST ))), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_digest_with_other_algorithm, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_05_02_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain is empty *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_03)
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate_chain'
             *             and containing certificates
             *               indicating length = 0
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_05_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_05_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_DEBUG_ADDON) { f_sendCertificate(cc_taCert_F, f_generateDefaultCam()); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_certificates( { } )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_chain, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_05_03_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains a signer of type certificate_chain and the chain contains only one certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_03))
             *         containing header_fields['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate_chain'
             *             and containing certificates
             *               indicating length = 1
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_05_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_05_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_certificates( { vc_atCertificate } )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate_chain, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_05_04_BO /** * @desc Check that IUT discards a secured CAM if the header_fields contains a signer info of unknown or reserved type *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating X_UNKNOWN_SIGNERINFO_TYPE
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_05_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_05_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_unknown( 'CAFFEEDECA'O )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_unknown, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_05_05_BO /** * @desc Check that IUT discards message containing generation_time before the certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_06_01_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME < START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_06_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_06_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var ValidityRestriction v_timeValidity; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity); v_securedGnPdu := f_prepareSecuredCam( cc_taCert0601_BO, { m_header_field_generation_time( (v_timeValidity.validity.time_start_and_end.start_validity - 3600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_06_01_BO /** * @desc Check that IUT discards message containing generation_time after the certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_06_02_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME > END_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_06_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_06_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var ValidityRestriction v_timeValidity; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity); v_securedGnPdu := f_prepareSecuredCam( cc_taCert0602_BO, { m_header_field_generation_time( (v_timeValidity.validity.time_start_and_end.end_validity + 3600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_06_02_BO /** * @desc Check that IUT discards Secured CAM if the generation_time is more than 5 minute in the past (C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME ( CURRENT_TIME - 302sec )
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_06_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_06_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() - 302) * 1000 ) // In us }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_06_03_BO /** * @desc Check that IUT discards Secured CAM if the generation_time is more than 5 minute in the future(C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage  (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME ( CURRENT_TIME + 302sec )
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_06_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_06_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() + 302) * 1000 ) // In us }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_06_04_BO /** * @desc Check that IUT discards secured CAM when its_aid value is defined but not the AID_CAM *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             containing CAM payload
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_07_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_07_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_07_01_BO /** * @desc Check that IUT discards secured CAM when its_aid value is undefined *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['its_aid']
             *           indicating 'AID_UNDEFINED'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             containing CAM payload
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_07_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_07_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, { m_header_field_its_aid_Other }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_07_02_BO /** * @desc Check that IUT discards the Secured CAM containing empty payload of type 'signed' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed( ''O ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_02_BO /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'unsecured' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating 'unsecured'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_unsecured( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_03_BO /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'encrypted' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating 'encrypted'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_encrypted( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_04_BO /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'signed_external' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating 'signed_external'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed_external( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_05_BO /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of type 'signed_and_encrypted' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating 'signed_and_encrypted'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_signed_and_encrypted( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_06_BO /** * @desc Check that IUT discards the Secured CAM containing non-empty payload of unknown type *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing payload_field
             *           containing type
             *             indicating X_UNKNOWN_PAYLOAD_TYPE
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_09_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof(m_geoNwShbPacket(f_getPosition(c_compNodeC))); v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_camReq( m_camMsg_vehicle_HF_BV( f_getTsStationId(), f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime LibItsCam_Templates.m_tsPosition )))))); v_gnPayload := bit2oct(encvalue(v_gnNonSecuredPacket)); f_buildGnSecuredCam( v_securedMessage, m_payload_unknown( v_gnPayload ) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_09_07_BO /** * @desc Check that IUT discards the Secured CAM if the message does not contain the trailer field of type 'signature' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing trailer_fields
             *           not containing any instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_10_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, -, 0); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_10_01_BO /** * @desc Check that IUT discards the Secured CAM containing more than one instance of TrailerField of type 'signature' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *         and containing trailer_fields[1]
             *           containing type
             *             indicating 'signature'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_10_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam_Bo(cc_taCert_A, -, 2); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_10_02_BO /** * @desc Check that the IUT discards Secured message containing signature that is not verified using the verification key from the certificate contained in the message's signer info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['signer_info'].signer
             *           containing certificate
             *             containing subject_attributes['verification key']
             *               containing key (KEY)
             *         and containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *           and containing signature
             *             NOT verifiable using KEY
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_11_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam_Bo( cc_taCert_A, -, 1, -, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_11_01_BO /** * @desc Check that the IUT discards Secured message containing signature that is not verified using the verification key from the certificate, referenced by the digest contained in the message's signer info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_02)
             *         containing header_fields ['signer_info'].signer
             *           containing digest
             *             referencing to the certificate (CERT_TS_A_AT)
             *               containing subject_attributes['verification key']
             *                 containing key (KEY)
             *         and containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *           and containing signature
             *             NOT verifiable using KEY
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_11_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_A, omit, e_certificate_digest_with_sha256 ); v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s := not4b(v_securedGnPdu.gnPacket.securedMsg.trailer_fields[0].trailerField.signature_.signature_.ecdsa_signature.s); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_11_02_BO /** * @desc Check that IUT discards the Secured CAM if the message contains trailer field of type 'signature' with reserved public key algorythms *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing trailer_fields
             *           containing an instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature.algorithm
             *               indicating X_RESERVED_PK_ALGORYTHM
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_11_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam_Bo( cc_taCert_A, -, 3 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if(i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_11_03_BO /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'enrolment_credential' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_EC)
             *               containing subject_info.subject_type
             *                 indicating 'enrolment_credentials'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_12_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 */ testcase TC_SEC_ITSS_RCV_CAM_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_EC, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_01_BO /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'authorization_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_AA)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_12_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 */ testcase TC_SEC_ITSS_RCV_CAM_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_AA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_02_BO /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'enrolment_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_EA)
             *               containing subject_info.subject_type
             *                 indicating 'enrolment_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_12_03_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 */ testcase TC_SEC_ITSS_RCV_CAM_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_EA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_03_BO /** * @desc Check that IUT discards a Secured CAM if the signer certificate of the message contains the subject type 'root_ca' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_ROOT)
             *               containing subject_info.subject_type
             *                 indicating 'root_ca'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_12_04_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 */ testcase TC_SEC_ITSS_RCV_CAM_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam( cc_taCert_CA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_CAM }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_12_04_BO /** * @desc Check that IUT discards secured CAM signed with the not yet valid certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_01_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_01_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT > CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT > START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1301_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_01_BO /** * @desc Check that IUT discards secured CAM signed with the expired certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_02_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_02_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT < CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT < CURRENT_TIME
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1302_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_02_BO /** * @desc Check that IUT discards secured CAM when IUT location is outside the circular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_03_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_03_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'circle'
             *                 and containing circular_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1303_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_03_BO /** * @desc Check that IUT discards secured CAM when IUT location is outside the rectangular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_04_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_04_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'rectangle'
             *                 and containing rectangular_regions
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1304_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_04_BO /** * @desc Check that IUT discards secured CAM when IUT location is outside the polygonal validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_05_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_05_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'polygon'
             *                 and containing polygonal_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1305_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_05_BO /** * @desc Check that IUT discards secured CAM when IUT location is outside the identified validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_06_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_CAM_01)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_06_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CAM_13_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.1 */ testcase TC_SEC_ITSS_RCV_CAM_13_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCertMsg1306_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CAM_13_06_BO } // End of group recvCamProfile /** * @desc Receiving behaviour test cases for DENM profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.3 DENM Profile */ group recvDenmProfile { /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate without region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_A_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key']
             *                 containing key (KEY)
             *               and not containing validity_restrictions['region']
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             and containing DENM payload
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_A, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_01_BV /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate with a circular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_B_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_B_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_B_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing any other header_fields
             *         and containing payload_fields
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             and containing DENM payload
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_01_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_B, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_02_BV /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate with a rectangular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_C_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_C_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_C_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'rectangle'
             *                   and containing rectangular_regions
             *                     indicating REGIONS
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing any other header_fields
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             and containing DENM payload
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_01_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_C, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_03_BV /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate with a polygonal region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_D_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_D_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_D_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing any other header_fields
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             and containing DENM payload
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_01_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_04_BV /** * @desc Check that IUT accepts a well-formed Secured DENM signed with the certificate with a identified region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_E_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_E_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_E_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'id_region'
             *                   and containing identified_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing any other header_fields
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *             and containing DENM payload
             *         and containing trailer_fields
             *           containing single instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_01_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_01_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_01_05_BV /** * @desc Check that IUT discards a Secured DENM containing protocol version set to a value less than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing protocol_version
             *           indicating 1
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_02_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_DENM_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_02_01_BO /** * @desc Check that IUT discards a Secured DENM containing protocol version set to a value greater than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing protocol_version
             *           indicating 3
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_02_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_DENM_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, PX_WRONG_PROTOCOL_VERSION); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_02_02_BO /** * @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'signer_info'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_signer_info( m_signerInfo_certificate( vc_aaCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_01_BO /** * @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_02_BO /** * @desc Check that IUT discards the Secured DENM if the signer_info header field is not encoded first. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and containing header_fields[3].type
             *           indicating 'signer_info'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM, m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_03_BO /** * @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time(1000 * f_getCurrentTime() - 1), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_04_BO /** * @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_05_BO /** * @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           containing its_aid
             *             indicating 'AID_DENM'
             *         and containing header_fields[4]
             *           containing type
             *             indicating 'its_aid'
             *           containing its_aid
             *             indicating 'AID_DENM'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM, m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_06_BO /** * @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_06a_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_06a_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_06a_BO /** * @desc Check that IUT discards a secured DENM if the message contains more than one header field of type 'generation_location' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating X_LOCATION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating X_LOCATION
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0100'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_07_BO /** * @desc Check that IUT discards a secured DENM if the message does not contain the header field of type 'generation_location' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_08_BO /** * @desc Check that IUT discards a Secured DENM if the header fields are not in the ascending order according to the numbering of the enumeration. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_09_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_09_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_DENM, m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_09_BO /** * @desc Check that IUT discards a Secured DENM containing header field of type 'generation_time_standard_deviation' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'generation_time_standard_deviation'
             *           and containing generation_time_with_standard_deviation
             *             containing time
             *               indicating CURRENT_TIME
             *             and containing log_std_dev
             *               indicating 255
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_10_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_10_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time_with_standard_deviation( m_time64WithStandardDeviation( 1000 * f_getCurrentTime(), 255 ) ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_10_BO /** * @desc Check that IUT discards the Secured DENM containing the header fields of type 'expiry_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1]
             *           containing type
             *             indicating 'generation_time'
             *           containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'expiration'
             *           and containing expiry_time
             *             indicating CURRENT_TIME + 1 h
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_11_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_11_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_expiry_time( 1000 * (3600 + f_getCurrentTime()) // In us ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_11_BO testcase TC_SEC_ITSS_RCV_DENM_04_12_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM, m_header_field_unspecify }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_12_BO /** * @desc Check that IUT discards the Secured CAM containing the header field 'encryption_parameter' and 'recipient_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state with CERT_IUT_A_AT
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and containing header_fields[3].type
             *           indicating 'its_aid'
             *         and containing header_fields[4]
             *           containing type
             *             indicating 'encryption_parameters'
             *           and containing enc_params
             *             containing symm_algorithm
             *               indicating 'aes_128_ccm'
             *             and containing nonce
             *         and containing header_fields[5]
             *           containing type
             *             indicating 'recipient_info'
             *           and containing recipients
             *             containing recipients[0]
             *               containing cert_id
             *                 referencing to CERT_IUT_A_AT
             *               and containing pk_encryption
             *                 indicating 'ecies_nistp256'
             *               and containing enc_key
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_13_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_13_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Certificate v_iutATCertificate; var SubjectAttribute v_encryption_key; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body if ( (f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or (f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false) ) { f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc } else { v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM, m_header_field_enc_params( // containing header_fields[3].type.enc_params m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm' PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce ) ), m_header_field_multiple_recipients( // containing header_fields[4].type { // indicating 'encryption_parameters' m_recipientInfo_ecies_enc_key( v_iutATCertificate.signer_info.signerInfo.digest, e_ecies_nistp256, // containing symm_algorithm // indicating 'aes_128_ccm' m_eciesEncryptedKey_aesccm( v_encryption_key.attribute.rv, '00000000000000000000000000000000'O, // FIXME Where to find these values '00000000000000000000000000000000'O ) ) } ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_13_BO /** * @desc Check that IUT discards the Secured DENM containing the header fields of type 'request_unrecognized_certificate' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state with X_IUT_AT_CERT
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1]
             *           containing type
             *             indicating 'generation_time'
             *           containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields[2]
             *           containing type
             *             indicating 'request_unrecognized_certificate'
             *           and containing digests[0]
             *             indicating the digest of X_IUT_AT_CERT
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_04_14_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_04_14_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Certificate v_iutATCertificate; var SignerInfo v_signerInfo; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body if ( (f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or (f_getCertificateSignerInfo(v_iutATCertificate, v_signerInfo) == false) ) { f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc } else { v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_unrecognised_certificate( f_HashedId3FromHashedId8( f_calculateDigestFromCertificate( v_signerInfo.signerInfo.certificate ) ) ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_04_14_BO /** * @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type 'self' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'self'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_05_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_self ), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_self, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_05_01_BO /** * @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type 'certificate_digest_with_other_algorithm' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'certificate_digest_with_other_algorithm'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_05_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_other_certificates( m_certificateWithAlgo_ecdsa( PX_OTHER_CERT_DIGEST ))), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_digest_with_other_algorithm, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_05_02_BO /** * @desc Check that IUT discards a Secured DENM if the header_fields contains a signer of type certificate_chain *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'certificate_chain'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_05_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_05_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_certificates( { vc_aaCertificate, vc_atCertificate } )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_certificate_chain, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_05_03_BO /** * @desc Check that IUT discards a secured DENM if the header_fields contains a signer info of unknown or reserved type *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating X_UNKNOWN_SIGNERINFO_TYPE
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_05_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_05_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_unknown( 'CAFFEEDECA'O )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_DENM }, e_unknown, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_05_04_BO /** * @desc Check that IUT discards a Secured DENM containing generation_time before the certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *             containing certificate (CERT_TS_MSG_06_01_BO_AT)
             *               containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating START_VALIDITY_AT
             *                 and containing end_validity
             *                   indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME < START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_06_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_06_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var ValidityRestriction v_timeValidity; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_timeValidity); v_securedGnPdu := f_prepareSecuredDenm( cc_taCert0601_BO, { m_header_field_generation_time( (v_timeValidity.validity.time_start_and_end.start_validity - 3600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_06_01_BO /** * @desc Check that IUT discards a Secured DENM containing generation_time after the certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info']
             *             containing certificate (CERT_TS_MSG_06_02_BO_AT)
             *               containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating START_VALIDITY_AT
             *                 and containing end_validity
             *                   indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME > END_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_06_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_06_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var ValidityRestriction v_validity; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity); v_securedGnPdu := f_prepareSecuredDenm( cc_taCert0602_BO, { m_header_field_generation_time( (v_validity.validity.time_start_and_end.end_validity + 3600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_06_02_BO /** * @desc Check that IUT discards a Secured DENM if the generation_time is more than 10 minute in the past (C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating CURRENT_TIME - 11min
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_06_03_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_06_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() - 660) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_06_03_BO /** * @desc Check that IUT discards a Secured DENM if the generation_time is more than 10 minute in the future(C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating CURRENT_TIME + 11min
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_06_04_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_06_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() + 660) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_06_04_BO /** * @desc Check that IUT discards a Secured DENM when its_aid value is not AID_DENM *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['its_aid']
             *           indicating 'AID_CAM'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             containing DENM payload
             *     then
             *       the IUT discards the DENM message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_07_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_07_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_its_aid_CAM } ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_07_01_BO /** * @desc Check that IUT discards a Secured DENM when its_aid value is undefined *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['its_aid']
             *           indicating 'AID_UNDEFINED'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             containing DENM payload
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_07_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_07_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_its_aid_Other } ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_07_02_BO /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the circular validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         and containing header_fields ['signer_info'].type
             *           indicating certificate
             *         and containing header_fields ['signer_info'].certificate (CERT_TS_AT_B)
             *           containing validity_restrictions ['region']
             *             containing region
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating REGION
             *         and containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating value outside of the REGION
             *         and containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_B_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_01_BO /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the rectangular validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info'].type
             *           indicating certificate
             *         and containing header_fields ['signer_info'].certificate (CERT_TS_AT_C)
             *           containing validity_restrictions ['region']
             *             containing region
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_regions
             *                 indicating REGION
             *         and containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating value outside of the REGION
             *         and containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_C_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_02_BO /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the polygonal validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info'].type
             *           indicating certificate
             *         and containing header_fields ['signer_info'].certificate (CERT_TS_AT_D)
             *           containing validity_restrictions ['region']
             *             containing region
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating REGION
             *         and containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating value outside of the REGION
             *         and containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_D_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_03_BO /** * @desc Check that IUT discards Secured DENM if the HeaderField generation_location is outside of the identified validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info'].type
             *           indicating certificate
             *         and containing header_fields ['signer_info'].certificate (CERT_TS_AT_E)
             *           containing validity_restrictions ['region']
             *             containing region
             *               containing region_type
             *                 indicating 'id_region'
             *               and and containing identified_region
             *                 indicating REGION
             *         and containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating value outside of the REGION
             *         and containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert_E_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_04_BO /** * @desc Check that IUT accepts a Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is 29.9 km (C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating position in 29.9 km from the current position of IUT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Int32 v_latitude; var Int32 v_longitude; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body fx_computePositionUsingDistance( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, 29900.0, 0, v_latitude, v_longitude ); v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_location( valueof(m_threeDLocation( v_latitude, v_longitude, '0000'O )) ) }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: DENM was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: DENM was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_05_BV /** * @desc Check that IUT discards Secured DENM if the distance between the current position of IUT and the value of optional HeaderField generation_location is more than 30 km *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         and containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating position in 31 km from the current position of IUT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_08_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Int32 v_latitude; var Int32 v_longitude; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body fx_computePositionUsingDistance( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, 31000.0, 0, v_latitude, v_longitude ); v_securedGnPdu := f_prepareSecuredDenm( cc_taCert_A, { m_header_field_generation_location( valueof(m_threeDLocation( v_latitude, v_longitude, '0000'O )) ) }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_08_06_BO /** * @desc Check that IUT discards the Secured DENM containing empty payload of type 'signed' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_09_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_09_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_); // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Add the DENM payload v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_denmReq( m_denmPdu( m_denm( m_denmMgmtCon( m_tsActionId ), v_situation, m_denmLocation_zeroDelta ))))))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredDenm( v_securedMessage, m_payload_signed( ''O ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_09_02_BO /** * @desc Check that IUT discards the Secured DENM containing payload of type 'unsecured' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing payload_field
             *           containing type
             *             indicating 'unsecured'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_09_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_09_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_); // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Add the DENM payload v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_denmReq( m_denmPdu( m_denm( m_denmMgmtCon( m_tsActionId ), v_situation, m_denmLocation_zeroDelta ))))))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredDenm( v_securedMessage, m_payload_unsecured( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_09_03_BO /** * @desc Check that IUT discards the Secured DENM containing payload of type 'encrypted' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing payload_field
             *           containing type
             *             indicating 'encrypted'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_09_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_09_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_); // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Add the DENM payload v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_denmReq( m_denmPdu( m_denm( m_denmMgmtCon( m_tsActionId ), v_situation, m_denmLocation_zeroDelta ))))))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredDenm( v_securedMessage, m_payload_encrypted( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_09_04_BO /** * @desc Check that IUT discards the Secured DENM containing payload of type 'signed_external' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing payload_field
             *           containing type
             *             indicating 'signed_external'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_09_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_09_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_); // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Add the DENM payload v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_denmReq( m_denmPdu( m_denm( m_denmMgmtCon( m_tsActionId ), v_situation, m_denmLocation_zeroDelta ))))))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredDenm( v_securedMessage, m_payload_signed_external( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_09_05_BO /** * @desc Check that IUT discards the Secured DENM containing exactly one non-empty payload of type 'signed_and_encrypted' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing payload_field
             *           containing type
             *             indicating 'signed_and_encrypted'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_09_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_09_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SituationContainer v_situation := m_situation(CauseCodeType_vehicleBreakdown_, VehicleBreakdownSubCauseCode_unavailable_); // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Add the DENM payload v_gnNonSecuredPacket.payload := valueof( f_adaptPayload_m( bit2oct( encvalue( m_denmReq( m_denmPdu( m_denm( m_denmMgmtCon( m_tsActionId ), v_situation, m_denmLocation_zeroDelta ))))))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredDenm( v_securedMessage, m_payload_signed_and_encrypted( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } // End of 'for' statement if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_09_06_BO /** * @desc Check that IUT discards the Secured DENM if the message does not contain the trailer field of type signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing trailer_fields
             *           not containing trailer_fields['signature']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_10_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, -, 0); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_10_01_BO /** * @desc Check that IUT discards the Secured DENM containing more than one instance of TrailerField of type 'signature' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *         and containing trailer_fields[1]
             *           containing type
             *             indicating 'signature'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_10_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo(cc_taCert_A, -, 2); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_10_02_BO /** * @desc Check that the IUT discards Secured DENM containing signature that is not verified using the verification key from the certificate contained in the message's signer info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing certificate (CERT_TS_A_AT)
             *               containing subject_attributes['verification key']
             *                 containing key (KEY)
             *         and containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *           containing signature
             *             NOT verifiable using KEY
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_11_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.2 & 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo( cc_taCert_A, -, 1, -, e_certificate ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_11_01_BO /** * @desc Check that IUT discards the Secured DENM if the message contains trailer field of type 'signature' with reserved public key algorythms *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing trailer_fields
             *           containing an instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature.algorithm
             *               indicating X_RESERVED_PK_ALGORYTHM
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_11_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.2 & 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm_Bo( cc_taCert_A, -, 3 ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_11_02_BO /** * @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'enrolment_credential' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info']
             *           containing signer.type
             *             indicating 'certificate'
             *           containing signer.certificate (CERT_TS_EA_A)
             *             containing subject_info.subject_type
             *               indicating 'enrolment_credentials'
             *         containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_12_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_DENM_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm( cc_taCert_EC, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_DENM }, e_certificate ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_12_01_BO /** * @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type "authorization_authority" *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info']
             *           containing signer.type
             *             indicating 'certificate'
             *           containing signer.certificate (CERT_TS_AA_A)
             *             containing subject_info.subject_type
             *               indicating 'authorization_authority'
             *         containing header_fields['its_aid']
             *           indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_12_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_DENM_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm( cc_taCert_AA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_DENM }, e_certificate ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_12_02_BO /** * @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'enrolment_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_EA)
             *               containing subject_info.subject_type
             *                 indicating 'enrolment_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_12_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_DENM_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm( cc_taCert_EA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_DENM }, e_certificate ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_12_03_BO /** * @desc Check that IUT discards a Secured DENM if the signer certificate of the message contains the subject type 'root_ca' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_ROOT)
             *               containing subject_info.subject_type
             *                 indicating 'root_ca'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_12_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_DENM_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm( cc_taCert_CA, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_DENM }, e_certificate ); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_12_04_BO /** * @desc Check that IUT discards secured DENM signed with the not yet valid certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_01_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_01_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT > CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT > START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1301_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_01_BO /** * @desc Check that IUT discards secured DENM signed with the expired certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_02_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_02_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT < CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT < CURRENT_TIME
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1302_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_02_BO /** * @desc Check that IUT discards secured DENM when IUT location is outside the circular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_03_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_B)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_03_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'circle'
             *                 and containing circular_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1303_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_03_BO /** * @desc Check that IUT discards secured DENM when IUT location is outside the rectangular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_04_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_C)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_04_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'rectangle'
             *                 and containing rectangular_regions
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1304_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_04_BO /** * @desc Check that IUT discards secured DENM when IUT location is outside the polygonal validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_05_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_D)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_05_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'polygon'
             *                 and containing polygonal_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1305_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_05_BO /** * @desc Check that IUT discards secured DENM when IUT location is outside the identified validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_06_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_E)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_06_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_DENM_13_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_DENM_13_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test control if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCertMsg1306_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_DENM_13_06_BO } // End of group recvDenmProfile /** * @desc Receiving behaviour test cases for Other profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.4 Generic Signed Message Profile */ group recvOtherProfile { /** * @desc Function used to verify the IUT has forwarded or discarded the received secured message sent by the TA */ group commonFunctions { /** * @desc Behavior function for NodeD in case of forwarding is expected * @see TC_GEONW_PON_GBC_BV_01 */ function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD() runs on ItsGeoNetworking { // Local variables var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body tc_ac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy, mw_geoNwBroadcastPacketWithArea( mw_longPosVectorPosition( v_longPosVectorNodeB ), ?, f_getGeoBroadcastArea(c_area1) )))) { tc_ac.stop; log("*** " & testcasename() & ": PASS: Beacon message was forwarded ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy ))) { // Do not restart tc_ac timer log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); repeat; } [] tc_ac.timeout { log("*** " & testcasename() & ": FAIL: GBC message not received ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } } // Postamble f_poNeighbour(); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD /** * @desc Behavior function for NodeD in case of forwarding is not expected * @see TC_GEONW_PON_GBC_BV_01 */ function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD() runs on ItsGeoNetworking { // Local variables var LongPosVector v_longPosVectorIut := f_getPosition(c_compIut); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body tc_noac.start; alt { [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy, mw_geoNwBroadcastPacketWithArea( mw_longPosVectorPosition( v_longPosVectorIut ), ?, f_getGeoBroadcastArea(c_area1) )))) { tc_noac.stop; log("*** " & testcasename() & ": FAIL: Beacon message shall ot be forwarded ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } [] geoNetworkingPort.receive( mw_geoNwInd( mw_geoNwSecPdu( mdw_securedMessage_dummy ))) { // Do not restart tc_ac timer log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); repeat; } [] tc_noac.timeout { log("*** " & testcasename() & ": PASS: Secured message was discarded ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_success); } } // Postamble f_poNeighbour(); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD } // End of goup commonFunctions /** * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate without region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_A_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['time_start_and_end']
             *                 indicating CERT_TS_AT_TIME_VALIDITY
             *               and not containing validity_restrictions['region']
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *               inside CERT_TS_AT_TIME_VALIDITY
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_01_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_A)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV /** * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a circular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_B_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_B_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_B_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['time_start_and_end']
             *                 indicating CERT_TS_AT_TIME_VALIDITY
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_01_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_B)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV /** * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_C_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_C_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_C_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['time_start_and_end']
             *                 indicating CERT_TS_AT_TIME_VALIDITY
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'rectangle'
             *                   and containing rectangular_regions
             *                     indicating REGIONS
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_01_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_C)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV /** * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a polygonal region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_D_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_D_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_D_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['time_start_and_end']
             *                 indicating CERT_TS_AT_TIME_VALIDITY
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_01_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_D)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV /** * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with an identified region validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_E_AT
             *     and the IUT current location is inside the region validity period of CERT_TS_E_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing protocol_version
             *           indicating value '2'
             *         and containing header_fields[0]
             *           containing type
             *             indicating 'signer_info'
             *           and containing signer
             *             containing type
             *               indicating 'certificate'
             *             and containing certificate (CERT_TS_E_AT)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *               and containing subject_attributes['verification key'] (KEY)
             *               and containing validity_restrictions['time_start_and_end']
             *                 indicating CERT_TS_AT_TIME_VALIDITY
             *               and containing validity_restrictions['region']
             *                 containing region
             *                   containing region_type
             *                     indicating 'id_region'
             *                   and containing identified_region
             *                     indicating REGION
             *         and containing header_fields [1]
             *           containing type
             *             indicating 'generation_time'
             *           and containing generation_time
             *             indicating CURRENT_TIME
             *         and containing header_fields [2]
             *           containing type
             *             indicating 'generation_location'
             *           and containing generation_location
             *             indicating position inside the REGION
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           and containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length > 0
             *         and containing trailer_fields
             *           containing trailer_fields[0]
             *             containing type
             *               indicating 'signature'
             *             and containing signature
             *               verifiable using KEY
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_01_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_E)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB( in charstring p_taCert ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredBeacon(p_taCert, omit, e_certificate); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV /** * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value less than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing protocol_version
             *           indicating 1
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_02_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO /** * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value greater than 2 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing protocol_version
             *           indicating 3
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_02_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 5.1 */ testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB( in UInt8 p_protocolVersion ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, p_protocolVersion); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BV /** * @desc Check that IUT discards a secured GN Message if the header_fields contains more than one header field of type 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'signer_info'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_signer_info( m_signerInfo_certificate( vc_aaCertificate )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO /** * @desc Check that IUT discards a secured GN Message if the header_fields does not contain the header field of type 'signer_info' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO /** * @desc Check that IUT is able to receive a secured GN Message if the signer_info header field is not encoded first. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'generation_time'
             *         and containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and containing header_fields[3].type
             *           indicating 'signer_info'
             *         and not containing other header fields
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other, m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO /** * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields[4].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_time(1000 * f_getCurrentTime() - 1), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO /** * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'generation_time' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_location'
             *         and containing header_fields[2].type
             *           indicating 'its_aid'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO /** * @desc Check that IUT discards a Secured GN Message if the message contains more than one header field of type 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and containing header_fields[3]
             *           containing type
             *             indicating 'its_aid'
             *           containing its_aid
             *             indicating 'AID_BEACON'
             *         and containing header_fields[4]
             *           containing type
             *             indicating 'its_aid'
             *           containing its_aid
             *             indicating 'AID_BEACON'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other, m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO /** * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'its_aid' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_06a_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO /** * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields[2].type
             *           indicating 'generation_location'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *         and containing header_fields['its_aid']
             *           indicating 'AID_BEACON'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0100'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO /** * @desc Check that IUT discards a secured GN Message if the header_fields contains no element of header field of type 'generation_location' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'generation_time'
             *         and containing header_fields['its_aid']
             *           indicating 'AID_BEACON'
             *         and not containing other header fields
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO /** * @desc Check that IUT is able to receive a Secured GN Beacon if the header fields are not in the ascending order according to the numbering of the enumeration. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields[0].type
             *           indicating 'signer_info'
             *         and containing header_fields[1].type
             *           indicating 'its_aid'
             *         and containing header_fields[2].type
             *           indicating 'generation_time'
             *         and containing header_fields[3].type
             *           indicating 'generation_location'
             *     then
             *       the IUT discards the SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_04_09_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_its_aid_Other, m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_expiry_time( 1000 * (3600 + f_getCurrentTime()) // In us ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_expiry_time( 1000 * (3600 + f_getCurrentTime()) // In us ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other, m_header_field_unspecify }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO testcase TC_SEC_ITSS_RCV_GENMSG_04_13_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_13_BO group g_TC_SEC_ITSS_RCV_GENMSG_04_13_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var Certificate v_iutATCertificate; var SubjectAttribute v_encryption_key; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body if ( (f_readCertificate(cc_iutCert_A, v_iutATCertificate) == false) or (f_getCertificateSubjectAttribute(v_iutATCertificate, e_encryption_key, v_encryption_key) == false) ) { f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout); // Set verdict to inconc } else { v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_expiry_time( 1000 * (3600 + f_getCurrentTime()) // In us ), m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other, m_header_field_enc_params( // containing header_fields[3].type.enc_params m_encryptionParameters_aes_128_ccm( // indicating 'aes_128_ccm' PX_ENCRYPTIONPARAMETERS_AES_128_CCM_NONCE // and containing nonce ) ), m_header_field_multiple_recipients( // containing header_fields[4].type { // indicating 'encryption_parameters' m_recipientInfo_ecies_enc_key( v_iutATCertificate.signer_info.signerInfo.digest, e_ecies_nistp256, // containing symm_algorithm // indicating 'aes_128_ccm' m_eciesEncryptedKey_aesccm( v_encryption_key.attribute.rv, '00000000000000000000000000000000'O, // FIXME Where to find these values '00000000000000000000000000000000'O ) ) } ) }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_13_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_13_BO /** * @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'self' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'self'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_05_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_05_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_01_BO group g_TC_SEC_ITSS_RCV_GENMSG_05_01_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_self ), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_self, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_01_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_01_BO /** * @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'certificate_digest_with_other_algorithm' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'certificate_digest_with_other_algorithm'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_05_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_05_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_05_02_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_other_certificates( m_certificateWithAlgo_ecdsa( PX_OTHER_CERT_DIGEST ))), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_other_algorithm, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_02_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_02_BO /** * @desc Check that IUT discards a secured GN Beacon if the header_fields contains a signer of type 'certificate_chain' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating 'certificate_chain'
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_05_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_05_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_03_BO group g_TC_SEC_ITSS_RCV_GENMSG_05_03_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_certificates( { vc_atCertificate } )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_chain, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_03_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_03_BO /** * @desc Check that IUT discards a Secured Messageif the header_fields contains a signer info of unknown or reserved type *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *           containing signer.type
             *             indicating X_UNKNOWN_SIGNERINFO_TYPE
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_05_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_05_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_05_04_BO group g_TC_SEC_ITSS_RCV_GENMSG_05_04_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_signer_info( m_signerInfo_unknown( 'CAFFEEDECA'O )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_unknown, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_05_04_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_05_04_BO /** * @desc Check that IUT discards a secured GN Message containing generation_time before the message signing certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *             containing certificate (CERT_TS_MSG_06_01_BO_AT)
             *               containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating START_VALIDITY_AT
             *                 and containing end_validity
             *                   indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME < START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_06_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 and 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_06_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_01_BO group g_TC_SEC_ITSS_RCV_GENMSG_06_01_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var ValidityRestriction v_validity; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity); v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert0601_BO, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time( (v_validity.validity.time_start_and_end.start_validity - 3600) * 1000 ), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_01_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_01_BO /** * @desc Check that IUT discards the secured GN Message containing generation_time after the message signing certificate validity period *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info']
             *             containing certificate (CERT_TS_MSG_06_02_BO_AT)
             *               containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating START_VALIDITY_AT
             *                 and containing end_validity
             *                   indicating END_VALIDITY_AT
             *         and containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating GEN_TIME > END_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_06_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 5.4 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_06_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_06_02_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var ValidityRestriction v_validity; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body f_getCertificateValidityRestriction(vc_atCertificate, e_time_start_and_end, v_validity); v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert0602_BO, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time( (v_validity.validity.time_start_and_end.end_validity + 3600) * 1000 ), // In us m_header_field_generation_location( valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_02_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_02_BO /** * @desc Check that IUT discards Secured GN Message if the generation_time is more than 10 minute in the past (C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating TIME_1 (TIME_1 < CUR_TIME - 10min)
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_06_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_06_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_03_BO group g_TC_SEC_ITSS_RCV_GENMSG_06_03_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() - 600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_03_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_03_BO /** * @desc Check that IUT discards Secured GN Message if the generation_time is more than 10 minute in the future(C2C only) *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['generation_time']
             *           containing generation_time
             *             indicating TIME_1 (TIME_1 > CUR_TIME + 10min)
             *     then
             *       the IUT discards a SecuredMessage
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_06_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_06_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_06_04_BO group g_TC_SEC_ITSS_RCV_GENMSG_06_04_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_time( (1000 * f_getCurrentTime() + 600) * 1000 ) // In us }, e_certificate ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_06_04_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_06_04_BO /** * @desc Check that IUT discards SecuredMessage when its_aid value is undefined *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['its_aid']
             *           indicating 'AID_UNDEFINED'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_07_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_07_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_07_01_BO group g_TC_SEC_ITSS_RCV_GENMSG_07_01_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO() runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_its_aid_Other }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_07_01_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_07_01_BO /** * @desc Check that IUT discards Secured GN Message if the HeaderField generation_location is outside of the circular validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_B_AT
             *     and the IUT current location is inside the validiti region of CERT_TS_B_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_B)
             *         containing header_fields ['signer_info']
             *           containing certificate (CERT_TS_B_AT)
             *             containing validity_restrictions ['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'circle'
             *                 and containing circular_region
             *                   indicating REGION
             *         and containing header_fields ['generation_location']
             *           indicating location outside of the REGION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_B)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_01_BO /** * @desc Check that IUT discards Secured GN Message if the HeaderField generation_location is outside of the rectangular validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_C_AT
             *     and the IUT current location is inside the validiti region of CERT_TS_C_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_C)
             *         containing header_fields ['signer_info']
             *           containing certificate (CERT_TS_C_AT)
             *             containing validity_restrictions ['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'rectangle'
             *                 and containing rectangular_regions
             *                   indicating REGION
             *         and containing header_fields ['generation_location']
             *           indicating locatoin outside of the REGION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_C)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_02_BO /** * @desc Check that IUT discards Secured GN Message if the optional HeaderField generation_location is outside of the polygonal validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_D_AT
             *     and the IUT current location is inside the validiti region of CERT_TS_D_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_D)
             *         containing header_fields ['signer_info']
             *           containing certificate (CERT_TS_D_AT)
             *             containing validity_restrictions ['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'polygon'
             *                 and containing polygonal_region
             *                   indicating REGION
             *         and containing header_fields ['generation_location']
             *           indicating location outside of the REGION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_D)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_03_BO /** * @desc Check that IUT discards Secured GN Message if the optional HeaderField generation_location is outside of the identified validity region of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_E_AT
             *     and the IUT current location is inside the validiti region of CERT_TS_E_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_E)
             *         containing header_fields ['signer_info']
             *           containing certificate (CERT_TS_E_AT)
             *             containing validity_restrictions ['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'id_region'
             *                 and containing identified_region
             *                   indicating REGION
             *         and containing header_fields ['generation_location']
             *           indicating location outside of the REGION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO(cc_taCert_E)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_04_BO /** * @desc Check that IUT accepts Secured GN Message if the distance between the current position of IUT and the value of optional HeaderField generation_location is 29.9 km *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating position in 29.9 km from the current position of IUT
             *         and containing header_fields['its_aid']
             *           indicating 'AID_BEACON'
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_05_BV() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_05_BV /** * @desc Check that IUT discards Secured GN Message if the distance between the current position of IUT and the value of optional HeaderField generation_location is more than 30 km *
             * Pics Selection: PICS_GN_SECURITY AND PICS_C2C
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['generation_location']
             *           containing generation_location
             *             indicating position in 31 km from the current position of IUT
             *         and containing header_fields['its_aid']
             *           indicating 'AID_BEACON'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_08_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.2 */ testcase TC_SEC_ITSS_RCV_GENMSG_08_06_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_08_06_BO group g_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO( in charstring p_taCert ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( p_taCert, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( PX_WGSLATITUDE, PX_WGSLONGITUDE, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate_digest_with_sha256, false ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV() runs on ItsGeoNetworking { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Int32 v_latitude; var Int32 v_longitude; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body fx_computePositionUsingDistance( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, 29900.0, 0, v_latitude, v_longitude ); v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_location( valueof(m_threeDLocation( v_latitude, v_longitude, '0000'O )) ) }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_05_BV /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO() runs on ItsGeoNetworking { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var Int32 v_latitude; var Int32 v_longitude; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body fx_computePositionUsingDistance( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, 31000.0, 0, v_latitude, v_longitude ); v_securedGnPdu := f_prepareSecuredBeacon( cc_taCert_A, { m_header_field_generation_location( valueof(m_threeDLocation( v_latitude, v_longitude, '0000'O )) ) }, e_certificate_digest_with_sha256 ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_08_06_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_08_xx_BO /** * @desc Check that IUT discards the Secured GN Message containing empty payload of type 'signed' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing payload_field
             *           containing type
             *             indicating 'signed'
             *           and containing data
             *             indicating length 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_09_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_09_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_09_02_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO() runs on ItsGeoNetworking { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_signed( ''O ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_02_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_02_BO /** * @desc Check that IUT discards the Secured GN Message containing payload element of type 'unsecured' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing payload_field
             *           containing type
             *             indicating 'unsecured'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_09_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_09_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_03_BO group g_TC_SEC_ITSS_RCV_GENMSG_09_03_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO() runs on ItsGeoNetworking { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_unsecured( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_03_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_03_BO /** * @desc Check that IUT discards the Secured GN Message containing payload element of type 'encrypted' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing payload_field
             *           containing type
             *             indicating 'encrypted'
             *           and containing data
             *             indicating length > 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_09_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_09_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_04_BO group g_TC_SEC_ITSS_RCV_GENMSG_09_04_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO() runs on ItsGeoNetworking { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_encrypted( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_04_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_04_BO testcase TC_SEC_ITSS_RCV_GENMSG_09_05_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_05_BO group g_TC_SEC_ITSS_RCV_GENMSG_09_05_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO() runs on ItsGeoNetworking { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_signed_external( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_05_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_05_BO testcase TC_SEC_ITSS_RCV_GENMSG_09_06_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO()); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_09_06_BO group g_TC_SEC_ITSS_RCV_GENMSG_09_06_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO() runs on ItsGeoNetworking { // Local variables var GnNonSecuredPacket v_gnNonSecuredPacket; var octetstring v_gnPayload; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB var template (value) SecuredMessage v_securedMessage; var GeoNetworkingPdu v_securedGnPdu; // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_gnNonSecuredPacket := valueof( m_geoNwBroadcastPacket( v_longPosVectorNodeB, vc_localSeqNumber, f_getGeoBroadcastArea( c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) ))); // Encode it v_gnPayload := bit2oct( encvalue( v_gnNonSecuredPacket ) ); f_buildGnSecuredOtherMessage( v_securedMessage, m_payload_signed_and_encrypted( v_gnPayload ), e_certificate_digest_with_sha256, valueof(m_threeDLocation( v_longPosVectorNodeB.latitude, v_longPosVectorNodeB.longitude, '0000'O )) ); v_securedGnPdu := valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_09_06_BO } // End of group g_TC_SEC_ITSS_RCV_GENMSG_09_06_BO /** * @desc Check that IUT discards the Secured GN Message if the message does not contain the trailer field of type 'signature' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing trailer_fields
             *           not containing trailer_fields['signature']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_10_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_10_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB(0)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_10_01_BO /** * @desc Check that IUT discards the Secured GN Message containing more than one instance of TrailerField of type 'signature' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_DENM_A)
             *         containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *         and containing trailer_fields[1]
             *           containing type
             *             indicating 'signature'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_10_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_10_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB(2)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_10_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB( in integer p_trailerStatus ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; // Preamble f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, -, p_trailerStatus); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_10_0x_BO_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_10_0x_BV /** * @desc Check that the IUT discards Secured GN Message containing signature that is not verified using the verification key from the certificate contained in the message's signer info *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing certificate (CERT_TS_A_AT)
             *               containing subject_attributes['verification key']
             *                 containing key (KEY)
             *         and containing trailer_fields[0]
             *           containing type
             *             indicating 'signature'
             *           containing signature
             *             NOT verifiable using KEY
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_11_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.2 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_11_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB(1)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_11_01_BO /** * @desc Check that IUT discards the Secured Message if the message contains trailer field of type 'signature' with reserved public key algorythms *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing trailer_fields
             *           containing an instance of type TrailerField
             *             containing type
             *               indicating 'signature'
             *             and containing signature.algorithm
             *               indicating X_RESERVED_PK_ALGORYTHM
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_11_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.2 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_11_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB(3)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_11_02_BO group g_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB( in integer p_trailerStatus ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; // Preamble f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredBeacon_Bo( cc_taCert_A, -, p_trailerStatus, -, e_certificate ); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_11_0x_BO_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_11_0x_BV /** * @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'enrolment_credential' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_EC)
             *               containing subject_info.subject_type
             *                 indicating 'enrolment_credentials'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_12_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_12_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_EC)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_01_BO /** * @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'authorization_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_AA)
             *               containing subject_info.subject_type
             *                 indicating 'authorization_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_12_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_12_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_AA)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_02_BO /** * @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'enrolment_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_A_EA)
             *               containing subject_info.subject_type
             *                 indicating 'enrolment_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_12_03_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_12_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_EA)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_03_BO /** * @desc Check that IUT discards a Secured GN Message if the signer certificate of the message contains the subject type 'root_ca' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields ['signer_info']
             *           containing signer
             *             containing type
             *               indicating 'certificate'
             *             containing certificate (CERT_TS_ROOT)
             *               containing subject_info.subject_type
             *                 indicating 'root_ca'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_12_04_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.3 & 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_12_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB(cc_taCert_CA)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_12_04_BO group g_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB( in charstring p_taCert ) runs on ItsGeoNetworking { // Local variables var GeoNetworkingPdu v_securedGnPdu; var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB // Preamble f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredBeacon( p_taCert, { m_header_field_signer_info( m_signerInfo_digest( vc_atCertificate.signer_info.signerInfo.digest )), m_header_field_generation_time(1000 * f_getCurrentTime()), // In us m_header_field_generation_location( valueof(m_threeDLocation( PX_WGSLATITUDE, PX_WGSLONGITUDE, '0000'O )) ), m_header_field_its_aid_Other }, e_certificate, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_12_0x_BO_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_12_0x_BV /** * @desc Check that IUT discards secured message signed with the not yet valid certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_01_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_01_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT > CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT > START_VALIDITY_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_01_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1301_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_01_BO /** * @desc Check that IUT discards secured message signed with the expired certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is before the time validity period of CERT_TS_MSG_13_02_BO_AT
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_A)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_02_BO_AT)
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AT < CURRENT_TIME
             *               and containing end_validity
             *                 indicating END_VALIDITY_AT < CURRENT_TIME
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_02_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1302_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_02_BO /** * @desc Check that IUT discards secured message when IUT location is outside the circular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_03_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_B)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_03_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'circle'
             *                 and containing circular_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_03_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1303_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_03_BO /** * @desc Check that IUT discards secured message when IUT location is outside the rectangular validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_04_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_C)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_04_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'rectangle'
             *                 and containing rectangular_regions
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_04_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1304_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_04_BO /** * @desc Check that IUT discards secured message when IUT location is outside the polygonal validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_05_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_D)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_05_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'polygon'
             *                 and containing polygonal_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_05_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_05_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1305_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_05_BO /** * @desc Check that IUT discards secured message when IUT location is outside the identified validity restriction of the signing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the validity period of CERT_TS_MSG_13_06_BO_AT
             *     and the IUT current location is set to CURRENT_IUT_LOCATION
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage (MSG_SEC_RCV_GENMSG_E)
             *         containing header_fields['signer_info'].signer
             *           containing certificate (CERT_TS_MSG_13_06_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   indicating REGION
             *                     not containing the CURRENT_IUT_LOCATION
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_GENMSG_13_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.3 */ testcase TC_SEC_ITSS_RCV_GENMSG_13_06_BO() runs on ItsMtc system ItsSecSystem { // Local variables var ItsGeoNetworking v_nodeB; var ItsGeoNetworking v_nodeD; // Test control if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); setverdict(inconc); stop; } // Test component configuration f_cf02Up(); // Preamble // Start components v_nodeB := f_getComponent(c_compNodeB); v_nodeD := f_getComponent(c_compNodeD); v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB(cc_taCertMsg1306_BO)); v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); // Cleanup f_cf02Down(); } // End of testcase TC_SEC_ITSS_RCV_GENMSG_13_06_BO group g_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO { /** * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) */ function f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB( in charstring p_taCert ) runs on ItsGeoNetworking { // Local variables f_cf01Up(); // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body f_sendSecuredBeacon(p_taCert, omit, e_certificate); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); // Postamble f_selfOrClientSyncAndVerdict(c_poDone, e_success); } // End of function f_TC_SEC_ITSS_RCV_GENMSG_13_0x_BO_nodeB } // End of group g_TC_SEC_ITSS_RCV_GENMSG_13_0x_BV } // End of group recvOtherProfile /** * @desc Receiving behaviour test cases for certificates profile * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.3.5 Profiles for certificates */ group recvCertificatesProfile { /** * @desc Check that IUT discards the AT certificate with version 3 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_01_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_01_01_BO_AT)
             *             containing version
             *               indicating '3'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_01_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 & 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_01_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0101_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_01_01_BO /** * @desc Check that IUT discards the AT certificate with version 1 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_01_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_01_02_BO_AT)
             *             containing version
             *               indicating '1'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_01_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 & 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_01_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0102_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_01_02_BO /** * @desc Check that IUT discards the AA certificate with version 3 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_01_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_01_03_BO_AA)
             *             containing version
             *               indicating '3'
             *           and containing certificates[1] (CERT_TS_01_03_BO_AT)
             *             containing signer_info.type
             *               indicating 'certificate_digest_with_sha256'
             *             and containing signer_info.digest
             *               referencing to CERT_TS_01_03_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_01_03_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 & 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_01_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0103_BO, -, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_01_03_BO /** * @desc Check that IUT discards the AA certificate with version 1 *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_01_04_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           containing certificates[0] (CERT_TS_01_04_BO_AA)
             *             containing version
             *               indicating '1'
             *           and containing certificates[1] (CERT_TS_01_04_BO_AT)
             *             containing signer_info.digest
             *               referencing to CERT_TS_01_04_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_01_04_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 & 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_01_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); if (PICS_DEBUG_ADDON) { f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam()); } f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0104_BO, -, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_01_04_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_02_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_02_01_BO_AT)
             *             containing signer_info.type
             *               indicating 'certificate_digest_with_sha256'
             *             and containing signer_info.digest
             *               referencing to certificate (CERT_TS_A_EC)
             *                 containing subject_info.subject_type
             *                   indicating 'enrolment_credential'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_02_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0201_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_02_01_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_02_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_02_02_BO_AA)
             *             containing signer_info.digest
             *               referencing to certificate CERT_TS_A_EC
             *                 containing subject_info.subject_type
             *                   indicating 'enrolment_credential'
             *           and containing certificates[1] (CERT_TS_02_02_BO_AT)
             *             containing signer_info.digest
             *               referencing to CERT_TS_02_02_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_02_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0202_BO, omit, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_02_02_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_02_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_02_03_BO_AT)
             *             containing signer_info.type
             *               indicating 'certificate_digest_with_sha256'
             *             and containing signer_info.digest
             *               referencing to certificate (CERT_TS_A_EA)
             *                 containing subject_info.subject_type
             *                   indicating 'enrolment_authority'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_02_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_02_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0203_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_02_03_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_02_04_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_02_04_BO_AA)
             *             containing signer_info.digest
             *               referencing to certificate CERT_TS_A_EA
             *                 containing subject_info.subject_type
             *                   indicating 'enrolment_authority'
             *           and containing certificates[1] (CERT_TS_02_04_BO_AT)
             *             containing signer_info.digest
             *               referencing to CERT_TS_02_04_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_02_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_02_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0204_BO, omit, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_02_04_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_03_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer
             *         containing certificate (CERT_TS_03_01_BO_AT)
             *           containing signer_info.digest
             *             referencing to CERT_TS_03_BO_CA
             *               containing subject_info.subject_type
             *                 indicating 'authorization_ticket'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_03_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_03_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0301_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_03_01_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_03_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_03_02_BO_AA)
             *             containing signer_info.digest
             *               referencing to CERT_TS_03_BO_CA
             *                 containing subject_info.subject_type
             *                   indicating 'authorization_ticket'
             *           and containing certificates[1] (CERT_TS_03_02_BO_AT)
             *             containing signer_info.digest
             *             referencing to CERT_TS_03_02_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_03_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_03_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0302_BO, omit, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_03_02_BO /** * @desc Check that IUT discards a SecuredMessage if the issuer certificate of the AA certificate contains the subject type 'authorization_authority' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_04_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_04_01_BO_AA)
             *             containing signer_info.digest
             *               referencing to CERT_TS_A_AA
             *           and containing certificates[1] (CERT_TS_04_01_BO_AT)
             *             containing signer_info.digest
             *               referencing to CERT_TS_04_01_BO_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_04_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 6.3 */ testcase TC_SEC_ITSS_RCV_CERT_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0401_BO, omit, e_certificate_chain); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_04_01_BO /** * @desc Check that IUT discards the message when signing AT certificate has an invalid signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_A_AT)
             *             containing signer_info.digest
             *               referencing to a CERT_TS_A_AA
             *             and containing signature
             *               NOT verifiable with CERT_TS_A_AA.subject_attributes['verification_key'].key
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_05_01_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam_Bo( cc_taCert_A, -, 1, -, e_certificate, true, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_05_01_BO /** * @desc Check that IUT discards the message when the issuing AA certificate of the signing AT certificate has an invalid signature *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_A_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate_chain'
             *           and containing certificates[0] (CERT_TS_A_AA)
             *             containing signer_info.digest
             *               referencing to a CERT_ROOT
             *             and containing signature
             *               NOT verifiable with CERT_ROOT.subject_attributes['verification_key'].key
             *           and containing certificates[1] (CERT_TS_A_AT)
             *             containing signer_info.digest
             *               referencing to a CERT_TS_A_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_05_02_BO * @reference ETSI TS 103 097 v1.2.1, clauses 6.1 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_prepareSecuredCam_Bo( cc_taCert_A, -, 1, -, e_certificate_chain, true, false, true ); f_sendGeoNetMessage(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu)); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_05_02_BO /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_01_BV_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_06_01_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               containing circular_region
             *                 indicating CURCULAR_REGION_AA
             *             containing signer_info.digest
             *               referencing to a CERT_TS_B_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0601_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_01_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_02_BV_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_02_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_B_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA
             *                       fully covering CURCULAR_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0602_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_02_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_03_BV_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_03_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_C_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA
             *                       fully covering CURCULAR_REGION_AT
             *      then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0603_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_03_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_04_BV_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_04_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA
             *                       fully covering CURCULAR_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0604_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_04_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_05_BV_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_06_05_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_E_AA
             *                 containing validity_restrictions['region']
             *                   and containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1'
             *                     and containing local_region
             *                       indicating 0
             *                     and containing region_identifier
             *                       indicating ID_REGION_AT
             *                         fully covering CURCULAR_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0605_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_05_BV /** * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_06_BO_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_06_BO_AT)
             *             not containing validity_restrictions['region']
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_B_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0606_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_06_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_07_BO_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_07_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'circle'
             *               and containing circular_region
             *                 indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_06_07_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA_OUTSIDE
             *                       not including CURCULAR_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0607_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_07_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_CIRCULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_06_08_BO_AT
             *     and the IUT current location is inside the CURCULAR_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_06_08_BO_AT)
             *             containing validity_restrictions['region']
             *                 containing region_type
             *                   indicating 'circle'
             *                 and containing circular_region
             *                   indicating CURCULAR_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_06_08_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA_INTERSECT
             *                       including partially CURCULAR_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_06_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_06_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0608_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_06_08_BO /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_01_BV_AT
             *     and the IUT current location is inside the RECT_REGION_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_01_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AA
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_C_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0701_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_01_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_02_BV_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_02_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_B_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA
             *                       fully covering the RECT_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0702_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_02_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_03_BV_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_03_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_C_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA
             *                       fully covering RECT_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0703_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_03_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_04_BV_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_07_04_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             containing signer_info.digest
             *               referencing to a certificate CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   containing polygonal_region
             *                     indicating POLYGON_REGION_AA
             *                       fully covering RECT_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0704_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_04_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_05_BV_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_05_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_E_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1' (0)
             *                     and containing local_region
             *                       indicating 0
             *                     and containing region_identifier
             *                       indicating ID_REGION_AT
             *                         fully covering RECT_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0705_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_05_BV /** * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_06_BO_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_07_06_BO_AT)
             *             not containing validity_restrictions['region']
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_C_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0706_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_06_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_07_BO_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_07_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_07_07_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangle'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA_OUTSIDE
             *                       not including RECT_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0707_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_07_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_RECTANGULAR_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_07_08_BO_AT
             *     and the IUT current location is inside the RECT_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_07_08_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'rectangle'
             *               and containing rectangular_region[0]
             *                 indicating RECT_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_07_08_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangle'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA_INTERSECT
             *                       including partialy RECT_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_07_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_07_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0708_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_07_08_BO /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_01_BV_AT
             *     and the IUT current location is inside the POLYGON_REGION_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_01_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AA
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_01_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0801_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_01_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_02_BV_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_02_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_B_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     indicating CURCULAR_REGION_AA
             *                       fully including POLYGON_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_02_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0802_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_02_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_03_BV_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_03_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_C_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *                   and containing rectangular_region[0]
             *                     indicating RECT_REGION_AA
             *                       fully covering POLYGON_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_03_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0803_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_03_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_04_BV_AT
             *     and the IUT current location is inside the POLYGON_REGION_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_04_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA
             *                       fully including POLYGON_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_04_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0804_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_04_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_04_BV_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_05_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_E_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1' (0)
             *                     and containing local_region
             *                       indicating 0
             *                     and containing region_identifier
             *                       indicating ID_REGION_AT
             *                         fully including POLYGON_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_05_BV * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0805_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_05_BV /** * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_06_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_06_BO_AT)
             *             not containing validity_restrictions['region']
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_06_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0806_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_06_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction containing less than 3 points *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_07_BO_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_07_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region (POLYGON_REGION_08_04_BO)
             *                 indicating length = 2
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_D_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA
             *                       fully covering all points of POLYGON_REGION_08_04_BO
             *      then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_07_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0807_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_07_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_08_BO_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_08_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_08_08_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA_OUTSIDE
             *                       not including POLYGON_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_08_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0808_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_08_BO /** * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_POLYGONAL_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_08_09_BO_AT
             *     and the IUT current location is inside the POLYGON_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_08_09_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'polygon'
             *               and containing polygonal_region
             *                 indicating POLYGON_REGION_AT
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_08_09_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     indicating POLYGON_REGION_AA_INTERSECT
             *                       including partialy POLYGON_REGION_AT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_08_09_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_08_09_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0809_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_08_09_BO /** * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_01_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_01_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             containing signer_info.digest
             *               referencing to a certificate CERT_TS_E_AA
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   containing region_dictionary
             *                     indicating 'iso_3166_1'
             *                   and containing region_identifier
             *                     indicating ID_REGION_AT
             *                   and containing local_region
             *                     indicating 0
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_01_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0901_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_01_BV /** * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_02_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_02_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating ID_LOCAL_REGION_1
             *             containing signer_info.digest
             *               referencing to a certificate CERT_TS_E_AA
             *                 containing region_type
             *                   indicating 'id'
             *                 and containing id_region
             *                   containing region_dictionary
             *                     indicating 'iso_3166_1'
             *                   and containing region_identifier
             *                     indicating ID_REGION_AT
             *                   and containing local_region
             *                     indicating 0
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_02_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0902_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_02_BV /** * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction fully containing in the circular validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_03_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_03_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_09_03_BV_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'circle'
             *                   and containing circular_region
             *                     fully covering ID_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_03_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_03_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0903_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_03_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_03_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_04_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_09_04_BV_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'rectangular'
             *                   containing rectangular_region[0]
             *                     fully covering ID_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_04_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_04_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0904_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_04_BV /** * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_05_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_05_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a certificate CERT_TS_09_05_BV_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'polygon'
             *                   and containing polygonal_region
             *                     fully covering ID_REGION_AT
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_05_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_05_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0905_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_05_BV /** * @desc Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_06_BV_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_06_BV_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'un_stats'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_09_06_BV_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'un_stats'
             *                     and containing region_identifier
             *                       indicating ID_REGION_AA_UNSTATS
             *                         which includes ID_REGION_AT
             *                     and containing local_region
             *                       indicating 0
             *     then
             *       the IUT accepts the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_06_BV * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_06_BV() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0906_BV, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } else { log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_06_BV /** * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_07_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_07_BO_AT)
             *             not containing validity_restrictions['region']
             *             and containing signer_info.digest
             *               referencing to the certificate CERT_TS_E_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_07_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0907_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_07_BO /** * @desc Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_08_BO_AT
             *     and the IUT current location is inside the ID_REGION_AA, local region 1
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_08_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 containing region_identifier
             *                   indicating ID_REGION_AA
             *                 containing local_region
             *                   indicating ID_LOCAL_REGION_1
             *             containing signer_info.digest
             *               referencing to a CERT_TS_09_08_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *                   containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1'
             *                     containing region_identifier
             *                       indicating ID_REGION_AA
             *                     containing local_region
             *                       indicating ID_LOCAL_REGION_2
             *                         not equal to ID_LOCAL_REGION_1
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_08_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_08_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0908_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_08_BO /** * @desc Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_09_BO_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_09_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AT
             *                 and containing local_region
             *                   indicating 0
             *             containing signer_info.digest
             *               referencing to a CERT_TS_09_09_BO_AA
             *                 containing validity_restrictions['region']
             *                   containing region_type
             *                     indicating 'id'
             *                   and containing id_region
             *                     containing region_dictionary
             *                       indicating 'iso_3166_1'
             *                     and containing region_identifier
             *                       indicating ID_REGION_AA_OTHER
             *                         other than ID_REGION_AT
             *                     and containing local_region
             *                       indicating 0
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_09_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_09_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0909_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_09_BO /** * @desc Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_10_BO_AT
             *     and the IUT current location is inside the ID_REGION_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_10_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_UNKNOWN
             *                     not existing in ISO 3166-1
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_A_AA
             *                 not containing validity_restrictions['region']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_10_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_10_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0910_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_10_BO /** * @desc Check that the IUT discards a message when the validity restriction of its signing certificate contains the identified region of type iso-3166-1 but region code is from the UN-Stats dictionary *
             * Pics Selection: PICS_GN_SECURITY AND PICS_USE_IDENTIFIED_REGION
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_09_11_BO_AT
             *     and the IUT current location is inside the  ID_REGION_AA_UNSTATS
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_09_11_BO_AT)
             *             containing validity_restrictions['region']
             *               containing region_type
             *                 indicating 'id'
             *               and containing id_region
             *                 containing region_dictionary
             *                   indicating 'iso_3166_1'
             *                 and containing region_identifier
             *                   indicating ID_REGION_AA_UNSTATS
             *                 and containing local_region
             *                   indicating 0
             *             and containing signer_info.digest
             *               referencing to a CERT_TS_A_AA
             *                 not containing validity_restrictions['region']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_09_11_BO * @reference ETSI TS 103 097 v1.2.1, clauses 4.2.26 and 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_09_11_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert0911_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_09_11_BO /** * @desc Check that the IUT discards a message when its signing certificate does not contain the time validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_10_01_BO_AT)
             *             not containing validity_restrictions['time_start_and_end']
             *             and not containing validity_restrictions['time_end']
             *             and not containing validity_restrictions['time_start_and_duration']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1001_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_01_BO /** * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         containing certificate (CERT_TS_10_02_BO_AT)
             *           containing signer_info.digest
             *             referencing to CERT_TS_10_02_BO_AA
             *               not containing validity_restrictions['time_start_and_end']
             *               and not containing validity_restrictions['time_end']
             *               and not containing validity_restrictions['time_start_and_duration']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1002_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_02_BO /** * @desc Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is less then time_end validity restricyion of CERT_TS_10_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_10_03_BO_AT)
             *             containing validity_restrictions['time_end']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_03_BO * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.2 & 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_10_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1003_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_03_BO /** * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_10_04_BO_AT
             * Expected results:
             *   ensure that
             *     when  the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           containing certificate (CERT_TS_10_04_BO_AT)
             *             containing validity_restrictions['time_start_and_duration']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_04_BO * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.2 & 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_10_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1004_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_04_BO /** * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is less then time_end validity restricyion of CERT_TS_10_05_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         containing certificate (CERT_TS_10_05_BO_AT)
             *           containing signer_info.digest
             *             referencing to CERT_TS_10_05_BO_AA
             *               containing validity_restrictions['time_end']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_05_BO * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.2 & 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_10_05_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1005_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_05_BO /** * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is less then time_end validity restricyion of CERT_TS_10_06_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         containing certificate (CERT_TS_10_06_BO_AT)
             *           containing signer_info.digest
             *             referencing to CERT_TS_10_06_BO_AA
             *               containing validity_restrictions['time_start_and_duration']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_10_06_BO * @reference ETSI TS 103 097 v1.2.1, clauses 7.4.2 & 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_10_06_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1006_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_10_06_BO /** * @desc Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_01_BO_AT)
             *           containing signer_info.digest
             *             referencing to CERT_TS_A_AA
             *               containing validity_restrictions['time_start_and_end']
             *                 containing start_validity
             *                   indicating START_VALIDITY_AA
             *                 containing end_validity
             *                   indicating END_VALIDITY_AA
             *           containing validity_restrictions['time_start_and_end']
             *             containing start_validity
             *               indicating START_VALIDITY_AA
             *             containing end_validity
             *               indicating END_VALIDITY_AA + 1d
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_11_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1101_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_11_01_BO /** * @desc Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_02_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_A_AA
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AA
             *               and containing end_validity
             *                 indicating END_VALIDITY_AA
             *         and containing validity_restrictions['time_start_and_end']
             *           containing start_validity
             *             indicating START_VALIDITY_AA - 1d
             *           and containing end_validity
             *             indicating END_VALIDITY_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_11_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1102_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_11_02_BO /** * @desc Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_03_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_11_03_BO_AA
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating START_VALIDITY_AA - 365d
             *               and containing end_validity
             *                 indicating START_VALIDITY_AA - 1d
             *         and containing validity_restrictions['time_start_and_end']
             *           containing start_validity
             *             indicating START_VALIDITY_AA - 365d
             *           and containing end_validity
             *             indicating END_VALIDITY_AA
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_11_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1103_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_11_03_BO /** * @desc Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_04_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_11_04_BO_AA
             *             containing validity_restrictions['time_start_and_end']
             *               containing start_validity
             *                 indicating END_VALIDITY_AA
             *               and containing end_validity
             *                 indicating END_VALIDITY_AA + 365d
             *         and containing validity_restrictions['time_start_and_end']
             *           containing start_validity
             *             indicating START_VALIDITY_AA
             *           and containing end_validity
             *             indicating END_VALIDITY_AA +365d
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_11_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_11_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1104_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_11_04_BO /** * @desc Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_12_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_12_01_BO_AT)
             *             not containing subject_attributes['its_aid_ssp_list']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_12_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1201_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_12_01_BO /** * @desc Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_12_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
             *       containing header_fields ['its_aid']
             *         containing its_aid
             *           indicating 'AID_CAM'
             *       and containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_12_02_BO_AT)
             *             containing subject_attributes['its_aid_ssp_list']
             *               not containing an item
             *                 containing its_aid
             *                   indicating 'AID_CAM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_12_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1202_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_12_02_BO /** * @desc Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_12_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
             *       containing header_fields ['its_aid']
             *         containing its_aid
             *           indicating 'AID_DENM'
             *       and containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_12_03_BO_AT)
             *             containing subject_attributes['its_aid_ssp_list']
             *               not containing an item
             *                 containing its_aid
             *                   indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_12_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert1203_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_12_03_BO /** * @desc Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_12_04_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
             *       containing header_fields ['its_aid']
             *         containing its_aid
             *           indicating 'AID_CAM'
             *       and containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_12_04_BO_AT)
             *             containing subject_attributes['its_aid_ssp_list']
             *               containing item [0].its_aid
             *                 indicating 'AID_CAM'
             *               and containing item [1].its_aid
             *                 indicating 'AID_CAM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_12_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1204_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_12_04_BO /** * @desc Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_13_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_01_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_13_01_BO_AA
             *             containing subject_attributes['its_aid_list']
             *               not containing 'AID_CAM'
             *         and containing subject_attributes['its_aid_ssp_list']
             *           containing a record
             *             containing its_aid
             *               indicating 'AID_CAM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_13_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1301_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_13_01_BO /** * @desc Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_13_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_02_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_13_02_BO_AA
             *             containing subject_attributes['its_aid_list']
             *               not containing 'AID_DENM'
             *         and containing subject_attributes['its_aid_ssp_list']
             *           containing a record
             *             containing its_aid
             *               indicating 'AID_DENM'
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_13_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert1302_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_13_02_BO /** * @desc Check that IUT discards a SecuredMessage if the AA certificate does not contain a subject_attribute of type its_aid_list *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_13_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
             *       containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_03_BO_AT)
             *         containing signer_info.digest
             *           referencing to CERT_TS_13_03_BO_AA
             *             not containing subject_attributes['its_aid_list']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_13_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredDenm(cc_taCert1303_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_13_03_BO /** * @desc Check that IUT discards the AT certificate with signer info of type 'certificate' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_14_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_14_01_BO_AT)
             *             containing signer_info
             *               containing type
             *                 indicating 'certificate'
             *               and containing certificate
             *                 indicating CERT_TS_AA_A
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_14_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_14_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1401_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_14_01_BO /** * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_chain' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_14_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_14_02_BO_AT)
             *             containing signer_info
             *               containing type
             *                 indicating 'certificate_chain'
             *               and containing certificates[0]
             *                 indicating certificate (CERT_TEST_ROOT)
             *               and containing certificates[1]
             *                 indicating certificate (CERT_TS_AA_A)
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_14_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_14_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1402_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_14_02_BO /** * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_14_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_14_03_BO_AT)
             *             containing signer_info
             *               containing type
             *                 indicating 'certificate_digest_with_other_algorithm'
             *               and containing digest
             *                 referencing CERT_TS_AA_A
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_14_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_14_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1403_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_14_03_BO /** * @desc Check that IUT discards the AA certificate with signer info of type 'certificate' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_15_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_15_01_BO_AT)
             *             containing signer_info.digest
             *               referencing to certificate (CERT_TS_15_01_BO_AA)
             *                 containing signer_info
             *                   containing type
             *                     indicating 'certificate'
             *                   and containing certificate
             *                     indicating CERT_TEST_ROOT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_15_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_15_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1501_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_15_01_BO /** * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_chain' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_15_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_15_02_BO_AT)
             *             containing signer_info.digest
             *               referencing to certificate (CERT_TS_15_02_BO_AA)
             *                 containing signer_info
             *                   containing type
             *                     indicating 'certificate_chain'
             *                   and containing certificates[0]
             *                     indicating certificate (CERT_ROOT)
             *                   and containing certificates[1]
             *                     indicating certificate (CERT_TS_15_02_BO_CA)
             *                       containing signer_info
             *                         containing type
             *                           indicating 'certificate_digest_with_sha256'
             *                         and containing digest
             *                           referencing to CERT_TEST_ROOT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_15_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_15_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1502_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_15_02_BO /** * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm' *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_15_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_15_03_BO_AT)
             *             containing signer_info.digest
             *               referencing to certificate (CERT_TS_15_03_BO_AA)
             *                 containing signer_info
             *                   containing type
             *                     indicating 'certificate_digest_with_other_algorithm'
             *                   and containing digest
             *                     referencing CERT_TEST_ROOT
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_15_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.4 */ testcase TC_SEC_ITSS_RCV_CERT_15_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1503_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_15_03_BO /** * @desc Check that IUT discards a SecuredMessage if the subject_name of the AT certificate is not an empty name field *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_16_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a SecuredMessage
             *       containing header_fields ['signer_info']
             *         containing signer
             *           containing type
             *             indicating 'certificate'
             *           and containing certificate (CERT_TS_14_01_BO_AT)
             *             containing subject_info.subject_name
             *               indicating non-empty string ('Invalid name')
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_16_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.2 */ testcase TC_SEC_ITSS_RCV_CERT_16_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1601_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_16_01_BO /** * @desc Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AT certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_17_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_17_01_BO_AT)
             *           not containing subject_attributes['assurance_level']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_17_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_17_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1701_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_17_01_BO /** * @desc Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AA certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_17_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_17_02_BO_AT)
             *           containing signer_info.digest
             *             referencing to certificate (CERT_TS_17_02_BO_AA)
             *               not containing subject_attributes['assurance_level']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_17_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_17_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1702_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_17_02_BO /** * @desc Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is less then assurance level of subordinate certificate. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_17_03_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_17_03_BO_AT)
             *           containing subject_attributes['assurance_level']
             *             containing assurance_level
             *               indicating 0x80 (assurance level=4, confidence=0)
             *           and containing signer_info.digest
             *             referencing to certificate (CERT_TS_A_AA)
             *               containing subject_attributes['assurance_level']
             *                 containing assurance_level
             *                   indicating 0x60 (assurance level=3, confidence=0)
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_17_03_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_17_03_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1703_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_17_03_BO /** * @desc Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate. *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_17_04_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_17_04_BO_AT)
             *           containing subject_attributes['assurance_level']
             *             containing assurance_level
             *               indicating 0x61 (assurance level=3, confidence=1)
             *           and containing signer_info.digest
             *             referencing to certificate (CERT_TS_A_AA)
             *               containing subject_attributes['assurance_level']
             *                 containing assurance_level
             *                   indicating 0x60 (assurance level=3, confidence=0)
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_17_04_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_17_04_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1704_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_17_04_BO /** * @desc Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AT certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_18_01_BO_AT)
             *           not containing subject_attributes['verification_key']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_18_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_18_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1801_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_18_01_BO /** * @desc Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AA certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             *     and the IUT current time is inside the time validity period of CERT_TS_18_02_BO_AT
             * Expected results:
             *   ensure that
             *     when the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_1)
             *       containing header_fields ['signer_info'].signer
             *         containing type
             *           indicating 'certificate'
             *         and containing certificate (CERT_TS_18_02_BO_AT)
             *           containing signer_info.digest
             *             referencing to certificate (CERT_TS_18_02_BO_AA)
             *               not containing subject_attributes['verification_key']
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_18_02_BO * @reference ETSI TS 103 097 v1.2.1, clause 7.4.1 */ testcase TC_SEC_ITSS_RCV_CERT_18_02_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1802_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_18_02_BO /** * @desc Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate *
             * Pics Selection: PICS_GN_SECURITY
             * Config Id: CF01
             * Initial conditions:
             *   with
             *     the IUT being in the 'authorized' state
             * Expected results:
             *   ensure that
             *     when
             *       the IUT is receiving a SecuredMessage
             *         containing header_fields ['signer_info'].signer.certificate (CERT_TS_19_01_BO_AT)
             *           containing validity_restrictions['region']
             *             containing region_type
             *               indicating 240
             *     then
             *       the IUT discards the message
             * 
* @see ETSI TS 103 096-2 v1.3.1 TP_SEC_ITSS_RCV_CERT_19_01_BO * @reference ETSI TS 103 097 v1.2.1, clause 4.2.2.1 */ testcase TC_SEC_ITSS_RCV_CERT_19_01_BO() runs on ItsGeoNetworking system ItsSecSystem { // Local variables var integer i; var GeoNetworkingPdu v_securedGnPdu; var GnRawPayload v_sentRawPayload; // Test adapter configuration if (not(PICS_GN_SECURITY)) { log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); stop; } // Test component configuration f_cf01Up(); // Test adapter configuration // Preamble f_prNeighbour(); f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); // Test Body v_securedGnPdu := f_sendSecuredCam(cc_taCert1901_BO, omit, e_certificate); f_sleep(PX_TNOAC); v_sentRawPayload := f_adaptPayloadForUtInd_m(v_securedGnPdu.gnPacket.packet.payload); for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { // Empty on purpose } if (i < lengthof(vc_utInds)) { log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); } else { log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer ***"); f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); } // Postamble f_poNeighbour(); f_cf01Down(); } // End of testcase TC_SEC_ITSS_RCV_CERT_19_01_BO } // End of group recvCertificatesProfile } // End of group receiverbehavior } // End of module ItsSecurity_TestCase