Newer
Older
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
log("*** " & testcasename() & ": PASS: InnerAtResponse received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_14_BV_pki
} // End of group f_TC_SECPKI_ITSS_AUTH_14_BV
/**
* @desc Check that the ecSignature of the Authorization request is not encrypted
* <pre>
* Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION
* Initial conditions:
* with {
* the IUT in 'enrolled' state
* and the AA in 'operational' state
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to request new Authorization Ticket (AT)
* }
* then {
* the IUT sends EtsiTs103097Data to the AA
* containing EtsiTs102941Data
* containing authorizationRequest
* containing ecSignature
* containing ecSignature
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_AUTH_16_BV
* @reference ETSI TS 102 941 [2], clause 6.2.3.3.1
*/
testcase TC_SECPKI_ITSS_AUTH_16_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_16_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_AUTH_16_BV
group f_TC_SECPKI_ITSS_AUTH_16_BV {
function f_TC_SECPKI_ITSS_AUTH_16_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_request;
var InnerEcResponse v_inner_ec_response;
var InnerEcRequest v_inner_ec_request;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_at_response", v_headers);
if (PX_TRIGGER_EC_BEFORE_AT) {
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} else {
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
// Test Body
tc_ac.start;
alt {
[] a_await_at_http_request_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_AT,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_aaHashedId8)), * },
mw_symmetricCiphertext_aes128ccm
)))))),
v_request
) {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
var boolean v_contains_ecsignature;
tc_ac.stop;
// Verify IUT response
f_verify_http_at_request_from_iut_itss_for_ecSignature(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result, v_contains_ecsignature);
log("f_TC_SECPKI_ITSS_AUTH__BV_pki: v_result: ", v_result);
log("f_TC_SECPKI_ITSS_AUTH_01_BV_pki: v_response: ", v_response);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0 and v_contains_ecsignature == true) {
var octetstring v_msg;
var octetstring v_hashed_id8;
log("*** " & testcasename() & ": PASS: InnerAtResponse received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify AT an AuthorizationRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_16_BV_pki
} // End of group f_TC_SECPKI_ITSS_AUTH_16_BV
YannGarcia
committed
} // End of group itss_authorization_request
// ETSI TS 103 525-2 V2.0.2 (2023-07) Clause 5.2.3.2 Authorization response handling
YannGarcia
committed
group itss_authorization_response {
// Void
} // End of group itss_authorization_response
// ETSI TS 103 525-2 V2.0.2 (2023-07) Clause 5.2.3.3 Authorization request repetition
YannGarcia
committed
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
group itss_authorization_request_repetition {
/**
* @desc Check that IUT repeats an authorization request when response has not been received
* <pre>
* Pics Selection: PICS_SECPKI_AUTHORIZATION_RETRY
* Initial conditions: {
* the IUT being in the 'enrolled' state
* and the IUT already sent the Authorization Request at the time T1
* and the IUT has not yet received the Authorization Response
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT local time is reached the T1 + PIXIT_AUTH_TIMEOUT_TH1
* }
* then {
* the IUT sends to EA an AuthorizationRequestMessage
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_AUTH_REP_01_BV
* @reference ETSI TS 103 601, clause 5.2
*/
testcase TC_SECPKI_ITSS_AUTH_REP_01_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
YannGarcia
committed
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
YannGarcia
committed
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
YannGarcia
committed
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_REP_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_REP_01_BV_pki());
YannGarcia
committed
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
YannGarcia
committed
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
YannGarcia
committed
} // End of testcase TC_SECPKI_ITSS_AUTH_REP_01_BV
YannGarcia
committed
group f_TC_SECPKI_ITSS_AUTH_REP_01_BV {
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_01_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
YannGarcia
committed
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
f_cfUp_itss();
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
// Initial state: No CAM shall be emitted
geoNetworkingPort.clear;
tc_noac.start;
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
[] tc_noac.timeout {
f_sendUtTriggerEnrolmentRequestPrimitive();
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
YannGarcia
committed
// Test Body
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
[v_start_awaiting == true] a_await_cam_with_current_cert(
v_info_port_data.at_certificate
) {
log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] geoNetworkingPort.receive {
log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
v_start_awaiting := true;
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & "_itss: : PASS: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
YannGarcia
committed
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_01_BV_itss
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_01_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_request;
var InnerEcRequest v_inner_ec_request;
YannGarcia
committed
var InnerEcResponse v_inner_ec_response;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
f_init_default_headers_list(-, "inner_at_response", v_headers);
YannGarcia
committed
if (PX_TRIGGER_EC_BEFORE_AT) {
f_await_ec_request_send_error_response(v_request);
log("*** " & testcasename() & ": INFO: Reply with 400 Bad Request error message ***");
}
// Wait for the repetition
if (PX_TRIGGER_EC_BEFORE_AT) {
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
YannGarcia
committed
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} else {
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
v_inner_ec_response.certificate := omit;
YannGarcia
committed
}
YannGarcia
committed
// Test Body
tc_ac.start;
alt {
[] a_await_at_http_response_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_pskRecipInfo(vc_aaHashedId8), * },
mw_symmetricCiphertext_aes128ccm
YannGarcia
committed
)))))),
v_request
) {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
YannGarcia
committed
tc_ac.stop;
// Verify IUT response
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
YannGarcia
committed
log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
YannGarcia
committed
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_01_BV_pki
YannGarcia
committed
} // End of group f_TC_SECPKI_ITSS_AUTH_REP_01_BV
YannGarcia
committed
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
/**
* @desc Check that IUT uses the same message to perform authorization retry
* <pre>
* Pics Selection: PICS_SECPKI_AUTHORIZATION_RETRY
* Initial conditions: {
* the IUT being in the 'enrolled' state
* and the IUT already sent the Authorization Request at the time T1
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to re-send an AuthorizationRequestMessage to AA
* }
* then {
* the IUT sends M to AA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_AUTH_REP_02_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_AUTH_REP_02_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
YannGarcia
committed
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
YannGarcia
committed
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
YannGarcia
committed
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_REP_02_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_REP_02_BV_pki());
YannGarcia
committed
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
YannGarcia
committed
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
YannGarcia
committed
} // End of testcase TC_SECPKI_ITSS_AUTH_REP_02_BV
YannGarcia
committed
group f_TC_SECPKI_ITSS_AUTH_REP_02_BV {
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_02_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
YannGarcia
committed
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
f_cfUp_itss();
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
// Initial state: No CAM shall be emitted
geoNetworkingPort.clear;
tc_noac.start;
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
[] tc_noac.timeout {
f_sendUtTriggerEnrolmentRequestPrimitive();
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
YannGarcia
committed
// Test Body
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
[v_start_awaiting == true] a_await_cam_with_current_cert(
v_info_port_data.at_certificate
) {
log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] geoNetworkingPort.receive {
log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
v_start_awaiting := true;
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & "_itss: : PASS: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
YannGarcia
committed
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_02_BV_itss
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_02_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_initial_request;
var HttpMessage v_request;
var InnerEcRequest v_inner_ec_request;
YannGarcia
committed
var InnerEcResponse v_inner_ec_response;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
f_init_default_headers_list(-, "inner_at_response", v_headers);
YannGarcia
committed
if (PX_TRIGGER_EC_BEFORE_AT) {
f_await_ec_request_send_error_response(v_initial_request);
log("*** " & testcasename() & ": INFO: Reply with 400 Bad Request error message ***");
}
// Wait for the repetition
if (PX_TRIGGER_EC_BEFORE_AT) {
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
YannGarcia
committed
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} else {
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
YannGarcia
committed
// Test Body
if (f_verify_repeated_request(v_request, v_initial_request) == false) {
log("*** " & testcasename() & ": FAIL: Repeatition request are different ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": PASS: Repeatition request are different ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
// Postamble
// Process the next request
tc_ac.start;
alt {
[] a_await_at_http_response_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_pskRecipInfo(vc_aaHashedId8), * },
mw_symmetricCiphertext_aes128ccm
YannGarcia
committed
)))))),
v_request
) {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
YannGarcia
committed
tc_ac.stop;
// Verify IUT response
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
YannGarcia
committed
log("*** " & testcasename() & ": INFO: InnerEcRequest received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
YannGarcia
committed
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_02_BV_pki
YannGarcia
committed
} // End of group f_TC_SECPKI_ITSS_AUTH_REP_02_BV
YannGarcia
committed
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
/**
* @desc Check that IUT stops sending the Authorization Request message if Authorization Response message has been received
* <pre>
* Pics Selection: PICS_SECPKI_AUTHORIZATION_RETRY
* Initial conditions: {
* the IUT being in the 'enrolled' state
* and the IUT has sent the Authorization Request more than 1 time
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT receives an Authorization Response
* }
* then {
* the IUT stops sending Authorization Requests to AA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_AUTH_REP_03_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_AUTH_REP_03_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
YannGarcia
committed
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
YannGarcia
committed
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
YannGarcia
committed
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_REP_03_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_REP_03_BV_pki());
YannGarcia
committed
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
YannGarcia
committed
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
YannGarcia
committed
} // End of testcase TC_SECPKI_ITSS_AUTH_REP_03_BV
YannGarcia
committed
group f_TC_SECPKI_ITSS_AUTH_REP_03_BV {
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_03_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
YannGarcia
committed
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
f_cfUp_itss();
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
// Initial state: No CAM shall be emitted
geoNetworkingPort.clear;
tc_noac.start;
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
[] tc_noac.timeout {
f_sendUtTriggerEnrolmentRequestPrimitive();
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
YannGarcia
committed
// Test Body
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
[v_start_awaiting == true] a_await_cam_with_current_cert(
v_info_port_data.at_certificate
) {
log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] geoNetworkingPort.receive {
log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
v_start_awaiting := true;
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & "_itss: : PASS: No CA message received ***");
YannGarcia
committed
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
YannGarcia
committed
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_03_BV_itss
YannGarcia
committed
function f_TC_SECPKI_ITSS_AUTH_REP_03_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_initial_request;
var HttpMessage v_request;
var InnerEcRequest v_inner_ec_request;
YannGarcia
committed
var InnerEcResponse v_inner_ec_response;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
YannGarcia
committed
// Test adapter configuration
YannGarcia
committed
// Preamble
f_init_default_headers_list(-, "inner_at_response", v_headers);
YannGarcia
committed
if (PX_TRIGGER_EC_BEFORE_AT) {
f_await_ec_request_send_error_response(v_initial_request);
log("*** " & testcasename() & ": INFO: Reply with 400 Bad Request error message ***");
}
// Wait for the repetition
if (PX_TRIGGER_EC_BEFORE_AT) {
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
YannGarcia
committed
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} else {
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
YannGarcia
committed
// Test Body
tc_ac.start;
alt {
[] a_await_at_http_response_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_pskRecipInfo(vc_aaHashedId8), * },
mw_symmetricCiphertext_aes128ccm
YannGarcia
committed
)))))),
v_request
) {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
YannGarcia
committed
tc_ac.stop;
// Verify IUT response
if (f_verify_repeated_request(v_request, v_initial_request) == false) {
log("*** " & testcasename() & ": FAIL: Repeatition request are different ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
} else {
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
YannGarcia
committed
log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
5808
5809
5810
5811
5812
5813
5814
5815
5816
5817
5818
5819
5820
5821
5822
5823
5824
5825
5826
5827
5828
5829
5830
5831
5832
5833
5834
5835
5836
5837
5838
5839
5840
5841
5842
5843
5844
5845
5846
5847
5848
5849
5850
5851
5852
5853
5854
5855
5856
5857
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
5889
5890
5891
5892
5893
5894
5895
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_03_BV_pki
} // End of group f_TC_SECPKI_ITSS_AUTH_REP_03_BV
/**
* @desc Check that IUT stops sending the Authorization Request message if maximum number of retry has been reached
* <pre>
* Pics Selection: PICS_SECPKI_AUTHORIZATION_RETRY
* Initial conditions: {
* the IUT being in the 'enrolled' state
* and the IUT has sent the Authorization Request
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT sent the PIXIT_AUTH_MAX_N1 Authorization Request messages
* }
* then {
* the IUT stops sending Authorization Requests
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_AUTH_REP_04_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_AUTH_REP_04_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_REP_04_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_REP_04_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_AUTH_REP_04_BV
group f_TC_SECPKI_ITSS_AUTH_REP_04_BV {
function f_TC_SECPKI_ITSS_AUTH_REP_04_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
f_cfUp_itss();
// Test adapter configuration
// Preamble
// Initial state: No CAM shall be emitted
geoNetworkingPort.clear;
tc_noac.start;
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
[] tc_noac.timeout {
f_sendUtTriggerEnrolmentRequestPrimitive();
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
// Test Body
geoNetworkingPort.clear;
tc_ac.start;
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
[] tc_ac.timeout {
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_04_BV_itss
function f_TC_SECPKI_ITSS_AUTH_REP_04_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_initial_request;
var HttpMessage v_request;
var InnerEcRequest v_inner_ec_request;
var InnerEcResponse v_inner_ec_response;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
for (var integer v_i := 0; v_i < PX_AUTH_MAX_N1; v_i := v_i + 1) {
if (PX_TRIGGER_EC_BEFORE_AT) {
f_await_ec_request_send_error_response(v_initial_request);
log("*** " & testcasename() & ": INFO: Reply with 400 Bad Request error message ***");
}
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} // End of 'for' staement
// Do not expect any repetition
if (PX_TRIGGER_EC_BEFORE_AT) {
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
log("*** " & testcasename() & ": INFO: Enrolment not expected due to number of error ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
} else {
log("*** " & testcasename() & ": INCONC: No more enrolment request done ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
} else {
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_REP_04_BV_pki
} // End of group f_TC_SECPKI_ITSS_AUTH_REP_04_BV
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
5976
5977
5978
5979
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
/**
* @desc Check that IUT stops sending the Authorization Request message if timeout has been reached
* <pre>
* Pics Selection: PICS_SECPKI_AUTHORIZATION_RETRY
* Initial conditions: {
* the IUT being in the 'enrolled' state
* and the IUT has started sending the Authorization Request at the time T1
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT local time is reached the T1 + PIXIT_AUTH_TIMEOUT_TH2
* }
* then {
* the IUT stops sending an Authorization Request messages
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_AUTH_REP_05_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_AUTH_REP_05_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_REP_05_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_REP_05_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
}