Newer
Older
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_ec_response", v_headers);
tc_ac.start;
alt {
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) {
log("*** " & testcasename() & ": INFO: First enrolment request received ***");
tc_ac.stop;
f_http_restart("inner_ec_request");
log("*** " & testcasename() & ": INCONC: First enrolment request not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_wait.start(PX_EC_REPETITION_TIMEOUT);
alt {
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) {
log("*** " & testcasename() & ": PASS: EC repetition has been received after a ", tc_wait.read, " ***");
tc_wait.stop;
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] tc_wait.timeout {
log("*** " & testcasename() & ": FAIL: EC repetition was not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_ENR_REP_01_BV_pki
} // End of group f_TC_SECPKI_ITSS_ENR_REP_01_BV
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
/**
* @desc Check that IUT uses the same message to perform enrollment retry
* <pre>
* Pics Selection: PICS_SECPKI_ENROLLMENT_RETRY
* Initial conditions: {
* the IUT being in the 'initialized' state
* and the IUT already sent the Enrollment Request (M)
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to re-send an Enrollment Request
* }
* then {
* the IUT sends M to EA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_ENR_REP_02_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
group f_TC_SECPKI_ITSS_ENR_REP_02_BV {
testcase TC_SECPKI_ITSS_ENR_REP_02_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_ENROLLMENT_RETRY) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT or PICS_SECPKI_ENROLLMENT_RETRY required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_ENR_REP_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_ENR_REP_02_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_ENR_REP_02_BV
function f_TC_SECPKI_ITSS_ENR_REP_02_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_request1;
var HttpMessage v_request2;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_ec_response", v_headers);
tc_ac.start;
alt {
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request1) {
log("*** " & testcasename() & ": INFO: First enrolment request received ***");
f_http_restart("inner_ec_request");
log("*** " & testcasename() & ": INCONC: First enrolment request not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} // End of 'alt' statement
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
[] a_await_ec_http_request_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
v_request1.request.body)),
v_request2)
{
log("*** " & testcasename() & ": PASS: Same enrolment request received ***");
// send error respond to prevent future requests
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_success);
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request2) {
tc_ac.stop;
log("*** " & testcasename() & ": FAIL: 2nd enrolment request is not identical ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_error);
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: First enrolment request not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_tbDone, e_timeout);
}
} // End of 'alt' statement
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_ENR_REP_02_BV_pki
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
} // End of group f_TC_SECPKI_ITSS_ENR_REP_02_BV
/**
* @desc Check that IUT stops sending the Enrollment Request message if Enrollment Response message has been received
* <pre>
* Pics Selection: PICS_SECPKI_ENROLLMENT_RETRY
* Initial conditions: {
* the IUT being in the 'initialized' state
* and the IUT has sent the Enrollment Request more than 1 time
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT receives an Enrollment Response
* }
* then {
* the IUT stops sending Enrollment Requests to EA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_ENR_REP_03_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_ENR_REP_03_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_ENROLLMENT_RETRY) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT or PICS_SECPKI_ENROLLMENT_RETRY required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
v_itss.start(f_TC_SECPKI_ITSS_ENR_REP_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_ENR_REP_03_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_ENR_REP_03_BV
group f_TC_SECPKI_ITSS_ENR_REP_03_BV {
function f_TC_SECPKI_ITSS_ENR_REP_03_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_request;
var HttpMessage v_initial_request;
var integer v_rep_count := 0;
var integer c_rep_answer := 2; // answer to the n-th request repetition
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_ec_response", v_headers);
tc_ac.start;
alt {
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_initial_request) {
log("*** " & testcasename() & ": INFO: First enrolment request received ***");
tc_ac.stop;
f_http_restart("inner_ec_request");
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: First enrolment request not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} // End of 'alt' statement
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test Body
tc_ac.start;
alt {
// match initial request
[] a_await_ec_http_request_from_iut(
mw_http_ec_request_generic(
v_initial_request.request.body.binary_body.ieee1609dot2_data
),
v_request
) {
v_rep_count := v_rep_count + 1;
if (v_rep_count < c_rep_answer) {
// skip repetition
log("*** " & testcasename() & ": ", v_rep_count, " EC repetition has been received. Continue ***");
f_http_restart("inner_ec_request");
tc_ac.start;
repeat;
}
if(v_rep_count == c_rep_answer) {
// answer this repetition
log("*** " & testcasename() & ": ", v_rep_count, " EC repetition has been received. Respond ***");
var InnerEcRequest v_inner_ec_request;
var InnerEcResponse v_inner_ec_response;
var HttpMessage v_response;
var integer v_result;
f_verify_http_ec_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_request, v_inner_ec_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
} else { // Send HTTP error 500
f_send_500_Internal_Error(v_headers);
}
// Set verdict
if (v_result == 0) {
log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
repeat;
}
// repetition request received after sending the response
log("*** " & testcasename() & ": FAIL: Repetition request received after response ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] a_await_ec_http_request_from_iut( mw_http_ec_request_generic, v_request ) {
tc_ac.stop;
f_send_500_Internal_Error(v_headers);
log("*** " & testcasename() & ": INCONC: New request received during repetition period ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
if(v_rep_count < c_rep_answer) {
log("*** " & testcasename() & ": INCONC: Timeout occured during the repetition period ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
log("*** " & testcasename() & ": PASS: EC repetition request was not received after response ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_ENR_REP_03_BV_pki
} // End of group f_TC_SECPKI_ITSS_ENR_REP_03_BV
/**
* @desc Check that IUT stops sending the Enrollment Request message if maximum number of retry has been reached
* <pre>
* Pics Selection: PICS_SECPKI_ENROLLMENT_RETRY
* Initial conditions: {
* the IUT being in the 'initialized' state
* and the IUT has started sending the Enrollment Request
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT sent the PIXIT_ENR_MAX_N1 Enrollment Request messages
* }
* then {
* the IUT stops sending Enrollment Requests
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_ENR_REP_04_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_ENR_REP_04_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_ENROLLMENT_RETRY) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT or PICS_SECPKI_ENROLLMENT_RETRY required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
v_itss.start(f_TC_SECPKI_ITSS_ENR_REP_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_ENR_REP_04_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_ENR_REP_04_BV
group f_TC_SECPKI_ITSS_ENR_REP_04_BV {
function f_TC_SECPKI_ITSS_ENR_REP_04_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_initial_request;
var HttpMessage v_request;
var integer v_count := 0;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_ec_response", v_headers);
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
// Test Body
tc_ac.start;
alt{
[v_count <= PX_ENR_MAX_N1] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_initial_request) {
v_count := v_count + 1;
repeat;
}
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_initial_request){
// count exceed
log("*** " & testcasename() & ": FAIL: Too many repetitions of Enrolment requests received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_error);
}
[] tc_ac.timeout{
if(v_count > PX_ENR_MAX_N1){
log("*** " & testcasename() & ": PASS: Maximum number of Enrollment request repetitions received ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
}
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_ENR_REP_04_BV_pki
} // End of group f_TC_SECPKI_ITSS_ENR_REP_04_BV
/**
* @desc Check that IUT stops sending the Enrollment Request message if timeout has been reached
* <pre>
* Pics Selection: PICS_SECPKI_ENROLLMENT_RETRY
* Initial conditions: {
* the IUT being in the 'initialized' state
* and the IUT has started sending the Enrollment Request at the time T1
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT sent the PIXIT_ENR_TIMEOUT_TH2 Enrollment Request messages
* }
* then {
* the IUT stops sending an Enrollment Request messages
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 TP SECPKI_ITSS_ENR_REP_05_BV
* @reference ETSI TS 103 601, clause 5.1.2
*/
testcase TC_SECPKI_ITSS_ENR_REP_05_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_ENROLLMENT_RETRY) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT or PICS_SECPKI_ENROLLMENT_RETRY required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
v_itss.start(f_TC_SECPKI_ITSS_ENR_REP_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_ENR_REP_05_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
// Cleanup
f_cfMtcDown01(v_itss, v_ea);
} // End of testcase TC_SECPKI_ITSS_ENR_REP_05_BV
group f_TC_SECPKI_ITSS_ENR_REP_05_BV {
function f_TC_SECPKI_ITSS_ENR_REP_05_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
// Test adapter configuration
// Preamble
f_init_default_headers_list(-, "inner_ec_response", v_headers);
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_initial_request) {
log("*** " & testcasename() & ": INFO: First enrolment request received ***");
f_http_restart("inner_ec_request");
}
log("*** " & testcasename() & ": INCONC: First enrolment request not received ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} // End of 'alt' statement
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
// Test body
tc_wait.start(PX_EC_REPETITION_TIMEOUT_TH2);
alt {
[] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) {
log("*** " & testcasename() & ": FAIL: No EC repetition should be received ***");
tc_wait.stop;
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] tc_wait.timeout {
log("*** " & testcasename() & ": PASS: EC repetition not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
}
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_ENR_REP_05_BV_pki
} // End of group f_TC_SECPKI_ITSS_ENR_REP_05_BV
} // End of group itss_enrollment_request_repetition
// ETSI TS 103 525-2 V2.0.2 (2023-07) Clause 5.2.3.1 Authorization request
/**
* @desc Check that the ITS-S send the Authorization HttpRequest message to the Authorization Authority (AA) to request an authorization ticket.
* <pre>
* Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION
* Initial conditions:
* with {
* the IUT being in the "operational state"
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to requested a new Authorization Ticket (AT)
* }
* then {
* the IUT sends EtsiTs103097Data to the AA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_AUTH_01_BV
* @reference ETSI TS 102 941 [2], clause 6.2.3.3.0
*/
testcase TC_SECPKI_ITSS_AUTH_01_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_01_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
function f_TC_SECPKI_ITSS_AUTH_01_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
var InfoPortData v_info_port_data;
var boolean v_start_awaiting := false;
vc_hashedId8ToBeUsed := "";
YannGarcia
committed
geoNetworkingPort.clear;
YannGarcia
committed
alt {
[] geoNetworkingPort.receive {
log("No CA message expected");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
YannGarcia
committed
}
log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
if (PX_TRIGGER_EC_BEFORE_AT) {
f_sendUtTriggerEnrolmentRequestPrimitive();
tc_ac.start;
alt {
[] utPort.receive(UtPkiTriggerInd: { state := 1 }) {
tc_ac.stop;
log("*** " & testcasename() & "_itss: INFO: IUT is in enrol state ***");
}
[LibItsPki_Pics.PICS_UT_STATE_INDICATION] tc_ac.timeout {
log("*** " & testcasename() & "_itss: DBG: IUT state update not recieved ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
[not(LibItsPki_Pics.PICS_UT_STATE_INDICATION)] tc_ac.timeout {
log("*** " & testcasename() & "_itss: DBG: IUT doesn't support state indication. Assume it was well done.***");
}
} // End of 'alt' statement
} else {
log("*** " & testcasename() & "_itss: DBG: Assume IUT already in enrolled state.***");
}
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
} // End of 'alt' statement
// Test Body
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
[v_start_awaiting == true] a_await_cam_with_current_cert(
v_info_port_data.at_certificate
) {
log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
}
[] geoNetworkingPort.receive {
log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
[] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
v_start_awaiting := true;
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & "_itss: : PASS: No CA message received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_01_BV_itss
function f_TC_SECPKI_ITSS_AUTH_01_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var Headers v_headers;
var HttpMessage v_request;
var InnerEcRequest v_inner_ec_request;
var template (omit) EtsiTs103097Certificate v_ec_cert := omit;
// Test component configuration
f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
f_init_default_headers_list(-, "inner_at_response", v_headers);
if (f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request) == true) {
v_ec_cert := v_inner_ec_response.certificate;
log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
}
} else {
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
[] a_await_at_http_request_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_AT,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_aaHashedId8)), * },
mw_symmetricCiphertext_aes128ccm
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
var InnerAtResponse v_inner_at_response;
f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_ec_cert, v_inner_at_request, v_inner_at_response, v_response, v_result);
log("f_TC_SECPKI_ITSS_AUTH_01_BV_pki: v_result: ", v_result);
log("f_TC_SECPKI_ITSS_AUTH_01_BV_pki: v_response: ", v_response);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
var octetstring v_msg;
var octetstring v_hashed_id8;
log("*** " & testcasename() & ": PASS: InnerAtResponse received ***");
v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
} else {
v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
}
infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
}
} // End of 'alt' statement
// Postamble
f_cfHttpDown();
} // End of function f_TC_SECPKI_ITSS_AUTH_01_BV_pki
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
/**
* @desc Check that the AuthorizationRequest message is encrypted and sent to only one Authorization Authority.
* <pre>
* Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION
* Initial conditions:
* with {
* the IUT being in the "operational state"
* authorized with CERT_AA certificate
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to requested a new Authorization Ticket (AT)
* }
* then {
* the IUT sends EtsiTs103097Data to the AA
* containing content.encryptedData.recipients
* indicating size 1
* and containing the instance of RecipientInfo
* containing certRecipInfo
* containing recipientId
* indicating HashedId8 of the CERT_AA
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_AUTH_02_BV
* @reference ETSI TS 102 941 [2], clause 6.2.3.3.1
*/
testcase TC_SECPKI_ITSS_AUTH_02_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_01_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
/**
* @desc Check that the AuthorizationRequest message is encrypted using the encryptionKey found in the AA certificate referenced in recipientId.
* <pre>
* Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION
* Initial conditions:
* with {
* the IUT being in the "operational state"
* authorized with AA certificate
* containing encryptionKey (AA_ENC_PUB_KEY)
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to requested a new Authorization Ticket (AT)
* }
* then {
* the IUT sends EtsiTs103097Data to the AA
* containing content.encryptedData
* containing ciphertext
* containing data
* encrypted using AA_ENC_PUB_KEY
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_AUTH_03_BV
* @reference ETSI TS 102 941 [2], clause 6.2.3.3.1
*/
testcase TC_SECPKI_ITSS_AUTH_03_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_01_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_01_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
/**
* @desc Check that the AuthorizationRequest message is never reused the same encryption key and nonce.
* <pre>
* Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION
* Initial conditions:
* with {
* the IUT being in the "operational state"
* }
* Expected behaviour:
* ensure that {
* when {
* the IUT is triggered to requested a new Authorization Ticket (AT)
* }
* then {
* the IUT sends EtsiTs103097Data to the AA
* containing content.encryptedData
* containing ciphertext.aes128Ccm.nonce
* indicating value not equal to the nonce in N previous messages
* and containing recipients[0].certRecipInfo.encKey
* containing encrypted symmetric key (S_KEY)
* indicating symmetric key not equal to the key was used in N previous messages
* }
* }
* </pre>
*
* @see ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_AUTH_04_BV
* @reference ETSI TS 102 941 [2], clause 6.2.3.3.1
*/
testcase TC_SECPKI_ITSS_AUTH_04_BV() runs on ItsMtc system ItsPkiItssSystem {
// Local variables
var ItsPkiItss v_itss;
var ItsPkiHttp v_ea;
// Test control
if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_AUTHORIZATION) {
log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_AUTHORIZATION required for executing the TC ***");
setverdict(inconc);
stop;
}
// Test component configuration
f_cfMtcUp01(v_itss, v_ea);
// Start component
v_itss.start(f_TC_SECPKI_ITSS_AUTH_04_BV_itss());
v_ea.start(f_TC_SECPKI_ITSS_AUTH_04_BV_pki());
// Synchronization
f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
function f_TC_SECPKI_ITSS_AUTH_04_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
// Local variables
var HashedId8 v_certificate_digest := int2oct(0, 8);
var EtsiTs103097Certificate v_certificate;
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
// Preamble
// First enrolment
geoNetworkingPort.clear;
tc_ac.start;
alt {
[] a_await_cam_with_current_cert(v_certificate) {
tc_ac.stop;
if (PX_TRIGGER_EC_BEFORE_AT) {
f_sendUtTriggerEnrolmentRequestPrimitive();
f_selfOrClientSyncAndVerdict(c_prDone, e_success);
}
}
[] geoNetworkingPort.receive(
mw_geoNwInd(
mw_geoNwSecPdu(
mw_etsiTs103097Data_signed
))) {
repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected CA message not received ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_timeout);
}
} // End of 'alt' statement
// Test Body
// N authorization
for (var integer v_i := 0; v_i < PX_RE_AUTHORIZATION_COUNTER; v_i := v_i + 1) {
f_sendUtTriggerAuthorizationRequestPrimitive();
f_sleep(PX_RE_AUTHORIZATION_DELAY);
} // End of 'for' statement
log("*** " & testcasename() & ": PASS: Enrolment trigger sent succesfully ***");
f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
// Postamble
f_cfDown_itss();
} // End of function f_TC_SECPKI_ITSS_AUTH_04_BV_itss
function f_TC_SECPKI_ITSS_AUTH_04_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
// Local variable
var integer v_counter := 0;
var Headers v_headers;
var HttpMessage v_request;
var HttpMessage v_response;
var InnerAtRequest v_inner_at_request;
var ListOfPublicVerificationKey v_generated_keys;
var integer v_result;
// Preamble
/*f_init_default_headers_list(-, "inner_at_response", v_headers);
// Wait for the first enrolment response
tc_ac.start;
alt {
[] a_await_at_http_response_from_iut(
mw_http_request(
mw_http_request_post(
PICS_HTTP_POST_URI_EC,
-,
mw_http_message_body_binary(
mw_binary_body_ieee1609dot2_data(
mw_enrolmentRequestMessage(
mw_encryptedData(
{ *, mw_recipientInfo_pskRecipInfo(vc_aaHashedId8), * },
mw_symmetricCiphertext_aes128ccm
)))))),
v_request
) {
tc_ac.stop;
// Verify IUT response
f_verify_http_at_request_from_iut_itss(v_request.request, v_request.headers, v_inner_at_request, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
v_generated_keys[v_counter] := v_inner_at_request.publicKeys.verificationKey;
v_counter := v_counter + 1;
f_selfOrClientSyncAndVerdictTestBody(c_prDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_error);
}
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": INCONC: Expected message not received ***");
f_selfOrClientSyncAndVerdict(c_prDone, e_timeout);
}
} // End of 'alt' statement