Skip to content
ItsPki_TestCases.ttcn 1.04 MiB
Newer Older
                log("*** " & testcasename() & ": FAIL: EC request signature verification failed ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              // Set verdict
              log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
            }
            [] tc_ac.timeout {
              log("*** " & testcasename() & ": INCONC: Expected message not received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
            }
          } // End of 'alt' statement
          
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_01_BV_pki

      } // End of group f_TC_SECPKI_ITSS_ENR_02_BV

ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc In presence of a valid EC, the enrolment request of the IUT is a rekeying enrolment 
       *       request with the itsId (contained in the InnerECRequest) and the SignerIdentifier 
       *       (contained in the outer EtsiTs1030971Data-Signed) both declared as digest containing 
       *       the HashedId8 of the EC and the outer signature computed using the current valid EC 
       *       private key corresponding to the verification public key.
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT and PICS_SECPKI_REENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrolmentRequestMessage
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *                 containing an encrypted EtsiTs103097Data-Signed
       *                     containing EtsiTs103097Data
       *                          containing InnerECRequestSignedForPOP
       *                             containing InnerEcRequest
       *                                 containing itsId
       *                                     declared as digest containing the HashedId8 of the EC identifier
       *                 and containing signer
       *                     declared as digest containing the HashedId8 of the EC identifier 
       *                 and containing signature 
       *                     computed using the current valid EC private key corresponding to the verification public key
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_03_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.1.3
       */
      testcase TC_SECPKI_ITSS_ENR_03_BV() runs on ItsMtc system ItsPkiItssSystem {
        // Local variables
        var ItsPkiItss v_itss;
        var ItsPkiHttp v_ea;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test control
        if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_REENROLMENT) {
          log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT and PICS_SECPKI_REENROLMENT required for executing the TC ***");
          setverdict(inconc);
          stop;
        }
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test component configuration
        f_cfMtcUp01(v_itss, v_ea);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Start components
        v_itss.start(f_TC_SECPKI_ITSS_ENR_03_BV_itss());
        v_ea.start(f_TC_SECPKI_ITSS_ENR_03_BV_pki());
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Synchronization
        f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Cleanup
        f_cfMtcDown01(v_itss, v_ea);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      } // End of testcase TC_SECPKI_ITSS_ENR_03_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      group f_TC_SECPKI_ITSS_ENR_03_BV {
        function f_TC_SECPKI_ITSS_ENR_03_BV_itss(
                                                 in float p_delay := 0.0
                                                 ) runs on ItsPkiItss system ItsPkiItssSystem {
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Local variables
          var HashedId8               v_certificate_digest;
          var EtsiTs103097Certificate v_certificate;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test component configuration
          vc_hashedId8ToBeUsed := "";
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          f_cfUp_itss();
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test adapter configuration
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Preamble
          // Initial state: No CAM shall be emitted
          geoNetworkingPort.clear;
          tc_noac.start;
          alt {
            [] geoNetworkingPort.receive {
              log("No CA message expected");
              f_selfOrClientSyncAndVerdict(c_prDone, e_error);
              }
            [] tc_noac.timeout {
              // Trigger the first enrolment
              f_sendUtTriggerEnrolmentRequestPrimitive();
              log("*** " & testcasename() & "_itss: INFO: No CA message received ***");
ASN.1 Documenter's avatar
ASN.1 Documenter committed
              f_selfOrClientSyncAndVerdict(c_prDone, e_success);
              } 
            } // End of 'alt' statement
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test Body
          // Give time to the IUT to setup enrol state
          tc_ac.start; // TDOD To refined, use altstep
          alt {
            [] utPort.receive(UtPkiTriggerInd: { state := 1 }) {
              tc_ac.stop;
              log("*** " & testcasename() & "_itss: INFO: IUT is in enrolment state ***");
            }
            [] tc_ac.timeout {
              log("*** " & testcasename() & "_itss: DBG: IUT state update not recieved ***");
              //f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
            }
          } // End of 'alt' statement

          if(p_delay > 0.0){
            log("*** " & testcasename() & "_itss: INFO: Wait for second enrolment trigger ***");
            f_sleep(p_delay);
          }

ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Trigger the second enrolment
          f_sendUtTriggerEnrolmentRequestPrimitive();

          log("*** " & testcasename() & "_itss: PASS: Re-enrolment trigger sent succesfully ***");
          f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Postamble
          f_cfDown_itss();
        } // End of function f_TC_SECPKI_ITSS_ENR_03_BV_itss
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        function f_TC_SECPKI_ITSS_ENR_03_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
          // Local variable
          var Headers v_headers;
          var HttpMessage v_request;
          var InnerEcRequest v_inner_ec_request;
          var InnerEcResponse v_inner_ec_response;
          var HashedId8   v_ec_cert_digest;
          var octetstring v_ec_cert_hash;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test component configuration
          f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test adapter configuration
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Preamble
          f_init_default_headers_list(-, "inner_ec_response", v_headers);

          if (not(f_await_ec_request_send_response( v_inner_ec_request, v_inner_ec_response, v_request))) {
            log("*** " & testcasename() & ": FAIL: First InnerEcRequest failed ***");
            log("*** " & testcasename() & ":      v_request := ", v_request);
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          log("*** " & testcasename() & ": INFO: First InnerEcRequest received ***");
          log(">>>>> v_inner_ec_response=", v_inner_ec_response);
                        
          var HashAlgorithm ha := f_getHashAlgorithmOfVerificationKeyIndicator(v_inner_ec_response.certificate.toBeSigned.verifyKeyIndicator);
          if (ha == sha256) {
            v_ec_cert_hash := f_hashWithSha256(bit2oct(encvalue(v_inner_ec_response.certificate)));
          } else if (ha == sha384) {
            v_ec_cert_hash := f_hashWithSha384(bit2oct(encvalue(v_inner_ec_response.certificate)));
          } else {
            log("*** " & testcasename() & ": FAIL: Unknown EC certificate hash alg=", ha);
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          v_ec_cert_digest := substr(v_ec_cert_hash, lengthof(v_ec_cert_hash) - 8, 8);

          log("*** " & testcasename() & ": INFO: First InnerEcRequest received ***");
          f_selfOrClientSyncAndVerdict(c_prDone, e_success);

          // Test Body
          tc_ac.start;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          alt {
            [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) {
ASN.1 Documenter's avatar
ASN.1 Documenter committed
              var integer v_result;
              var HttpMessage v_response;
              var Oct16 v_request_hash, v_aes_enc_key;
              var Ieee1609Dot2Data v_decrypted_message;
              var EtsiTs102941Data v_etsi_ts_102941_data;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
              tc_ac.stop;
              f_send_500_Internal_Error(v_headers); // we don't care about response
ASN.1 Documenter's avatar
ASN.1 Documenter committed

              // Verify IUT response
              if (not(f_read_ec_request_from_iut_itss(
                                                      v_request.request.body.binary_body.ieee1609dot2_data,
                                                      v_request_hash, v_aes_enc_key,
                                                      v_decrypted_message,
                                                      v_etsi_ts_102941_data,
                                                      v_inner_ec_request))) {
                log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
              
              if (not(isvalue(v_inner_ec_request))) {
                log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
              if (not(match(v_inner_ec_request.itsId, v_ec_cert_digest))) {
                log("*** " & testcasename() & ": FAIL: ITS-S ID is not equal to the EC HashedId8 ***");
                log("*** " & testcasename() & ": FAIL:     ", match(v_inner_ec_request.itsId, v_ec_cert_digest));
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              if (not(ischosen(v_decrypted_message.content.signedData))) {
                log("*** " & testcasename() & ": FAIL: EC request shall contain signed message ***");
                log("*** " & testcasename() & ": FAIL:     inner data content=", v_decrypted_message.content);
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
              if (not(ischosen(v_decrypted_message.content.signedData.signer.digest))) {
                log("*** " & testcasename() & ": FAIL: re-keying EC request shall be signed by the previous EC certificate digest***");
                log("*** " & testcasename() & ": FAIL:     signerInfo=", v_decrypted_message.content.signedData.signer);
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
              if (not(f_verifyEcdsa(bit2oct(encvalue(v_decrypted_message.content.signedData.tbsData)),
                                    v_ec_cert_hash,
                                    v_decrypted_message.content.signedData.signature_,
                                    v_inner_ec_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey))) {
                log("*** " & testcasename() & ": FAIL: EC request signature verification failed ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
              }
              // Set verdict
              log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            }
            [] tc_ac.timeout {
              log("*** " & testcasename() & ": INCONC: Expected message not received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            }
          } // End of 'alt' statement
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_03_BV_pki
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      } // End of group f_TC_SECPKI_ITSS_ENR_03_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc If the EC is revoked, the IUT returns to the state 'initialized'.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT and PICS_SECPKI_CRL
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrollmentRequestMessage
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *               containing an encrypted EtsiTs103097Data-Signed
       *                 containing EtsiTs102941Data
       *                   containing InnerECRequestSignedForPOP
       *                     containing InnerEcRequest
       *                       containing itsId
       *                         indicating the canonical identifier of the ITS-S 
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_04_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.1.3, 6.2.3.2.1
       */
      testcase TC_SECPKI_ITSS_ENR_04_BV() runs on ItsMtc system ItsPkiItssSystem {
        // Local variables
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test control
        if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT or not PICS_SECPKI_CRL) {
          log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT and PICS_SECPKI_CRL required for executing the TC ***");
          setverdict(inconc);
          stop;
        }
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test component configuration
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Synchronization
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Cleanup
        setverdict(inconc);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      } // End of TC_SECPKI_ITSS_ENR_04_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc If the EC expires, the IUT returns to the state 'initialized'.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrollmentRequestMessage
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *               containing an encrypted EtsiTs103097Data-Signed
       *                 containing EtsiTs102941Data
       *                   containing InnerECRequestSignedForPOP
       *                     containing InnerEcRequest
       *                       containing itsId
       *                         indicating the canonical identifier of the ITS-S 
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_05_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.1.3, 6.2.3.2.1
       */
      testcase TC_SECPKI_ITSS_ENR_05_BV() runs on ItsMtc system ItsPkiItssSystem {
        // Local variables
        var Oct32      v_private_key;
        var Oct32      v_public_key_x;
        var Oct32      v_public_key_y;
        var Oct32      v_public_compressed_key;
        var integer    v_compressed_mode;
        var ItsPkiItss v_itss;
        var ItsPkiHttp v_ea;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test control
        if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT) {
          log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT required for executing the TC ***");
          setverdict(inconc);
          stop;
        }
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test component configuration
        f_cfMtcUp01(v_itss, v_ea);

        // Start components
        v_itss.start(f_TC_SECPKI_ITSS_ENR_05_BV_itss()); // wait 15 sec before the second enrolment
        v_ea.start(f_TC_SECPKI_ITSS_ENR_05_BV_pki());
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Synchronization
        f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Cleanup
        f_cfMtcDown01(v_itss, v_ea);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      } // End of TC_SECPKI_ITSS_ENR_05_BV
      group f_TC_SECPKI_ITSS_ENR_05_BV {

        function f_TC_SECPKI_ITSS_ENR_05_BV_itss() runs on ItsPkiItss system ItsPkiItssSystem {
          // Test component configuration
          vc_hashedId8ToBeUsed := "";
          f_cfUp_itss();
          
          // Test adapter configuration
          
          // Preamble
          // Initial state: No CAM shall be emitted
          geoNetworkingPort.clear;
          tc_noac.start;
          alt {
            [] geoNetworkingPort.receive {
              log("No CA message expected");
              f_selfOrClientSyncAndVerdict(c_prDone, e_error);
            }
            [] tc_noac.timeout {
              // Trigger the first enrolment
              log("*** " & testcasename() & "_itss: INFO: No CA message received ***");
            } 
          } // End of 'alt' statement
          log("*** " & testcasename() & "_itss: INFO: Trigger 1st emrolment ***");
          f_sendUtTriggerEnrolmentRequestPrimitive();
          
          // wait a couple of seconds and run second enrolment to check re-enrolment procedure
          f_sleep(PX_RE_ENROLMENT_DELAY);
          log("*** " & testcasename() & "_itss: INFO: Trigger 2nd emrolment ***");
          f_sendUtTriggerEnrolmentRequestPrimitive();

          // wait 5 seconds after expiration of EC cert
          f_sleep(PX_CERT_EXPIRATION_DELAY + 5.0);

          f_selfOrClientSyncAndVerdict(c_prDone, e_success);

          // Test Body
          // Trigger the 3rd enrolment
          log("*** " & testcasename() & "_itss: INFO: Trigger 3rd emrolment ***");
          f_sendUtTriggerEnrolmentRequestPrimitive();

          log("*** " & testcasename() & "_itss: PASS: Re-enrolment trigger sent succesfully ***");
          f_selfOrClientSyncAndVerdict(c_tbDone, e_success);

          // Postamble
          f_cfDown_itss();
        } // End of function f_TC_SECPKI_ITSS_ENR_03_BV_itss

        function f_TC_SECPKI_ITSS_ENR_05_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
          // Local variable
          var Headers v_headers;
          var HttpMessage v_request;
          var InnerEcRequest v_inner_ec_request;
          var InnerEcResponse v_inner_ec_response;
          var HashedId8   v_ec_cert_digest;
          var EtsiTs103097Certificate v_ec_cert;
          
          // Test component configuration
          f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);

          f_init_default_headers_list(-, "inner_ec_response", v_headers);
          
          // Preamble
          if (not(f_await_ec_request_send_response(v_inner_ec_request, v_inner_ec_response, v_request,
                                                   ok,
                                                   m_certificateSubjectAttributes_id_omit(
                                                                                          -,
                                                                                          valueof(m_validityPeriod(f_getCurrentTime() / 1000, 
                                                                                          m_duration_in_seconds(float2int(PX_CERT_EXPIRATION_DELAY))))
                                                   )))) {
            log("*** " & testcasename() & ": FAIL: First InnerEcRequest failed ***");
            log("*** " & testcasename() & ":      v_request := ", v_request);
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          log(">>>>> 1st v_inner_ec_response=", v_inner_ec_response);

          v_ec_cert := v_inner_ec_response.certificate;
          v_ec_cert_digest := f_calculateDigestFromCertificate(v_ec_cert);

          if (not(ischosen(v_ec_cert.toBeSigned.validityPeriod.duration.seconds))) {
            log("*** " & testcasename() & ": INCONC: wrong EC certificate validity period error");
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          log("*** " & testcasename() & ": INFO: First InnerEcRequest processed. EC = " & oct2str(v_ec_cert_digest) & "***");
          log("*** " & testcasename() & ": INFO:                                      expires in " 
               & int2str(v_ec_cert.toBeSigned.validityPeriod.start_ + v_ec_cert.toBeSigned.validityPeriod.duration.seconds - (f_getCurrentTime()/1000))
               & " seconds ***"
          );
          
          // Wait for 2nd request with EC data
          if (not(f_await_ec_request_send_response( v_inner_ec_request, v_inner_ec_response, v_request, deniedrequest))) {
            log("*** " & testcasename() & ": FAIL: 2nd InnerEcRequest failed ***");
            log("*** " & testcasename() & ":      v_request := ", v_request);
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          log(">>>>> 2nd v_inner_ec_response=", v_inner_ec_response);

          if (not(match(v_inner_ec_request.itsId, v_ec_cert_digest))) {
            log("*** " & testcasename() & ": FAIL: ITS-S ID of 2nd request must be equal to the EC HashedId8 ***");
            log("*** " & testcasename() & ": FAIL:     ", match(v_inner_ec_request.itsId, v_ec_cert_digest));
            f_selfOrClientSyncAndVerdict(c_prDone, e_error);
          }
          f_selfOrClientSyncAndVerdict(c_prDone, e_success);

          // Test Body
          if (not(f_await_ec_request_send_response( v_inner_ec_request, v_inner_ec_response, v_request, deniedrequest))){
            log("*** " & testcasename() & ": FAIL: 3rd InnerEcRequest failed ***");
            log("*** " & testcasename() & ":      v_request := ", v_request);
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          log(">>>>> 3rd v_inner_ec_response=", v_inner_ec_response);

          if(match(v_inner_ec_request.itsId, v_ec_cert_digest)){
            if(v_ec_cert.toBeSigned.validityPeriod.start_ + v_ec_cert.toBeSigned.validityPeriod.duration.seconds < (f_getCurrentTime()/1000)){
              log("*** " & testcasename() & ": INCONC: EC certificate is not expired yet ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
            }
            log("*** " & testcasename() & ": FAIL: ITS-S ID of 3rd request must NOT be equal to the expired EC HashedId8 ***");
            log("*** " & testcasename() & ": FAIL:     ", match(v_inner_ec_request.itsId, v_ec_cert_digest));
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
          
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_05_BV_pki

      } // End of group f_TC_SECPKI_ITSS_ENR_05_BV

ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc For each enrolment request, the ITS-S shall generate a new verification key pair 
               corresponding to an approved signature algorithm as specified in TS 103 097.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT and not PICS_SECPKI_REENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send multiple EnrolmentRequestMessage
       *         }
       *         then {
       *             each EnrolmentRequestMessage
       *                 contains a different and unique verification key pair within the InnerECRequest
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_06_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.1.3
       */
      const charstring c_nextTry := "nextTry";
      testcase TC_SECPKI_ITSS_ENR_06_BV_1() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_06_BV_mtc(c_stInitial);
      } // End of TC_SECPKI_ITSS_ENR_06_BV_1
      testcase TC_SECPKI_ITSS_ENR_06_BV_2() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_06_BV_mtc(c_stEnrolled);
      } // End of TC_SECPKI_ITSS_ENR_06_BV_2
      group f_TC_SECPKI_ITSS_ENR_06_BV_mtc {
        function f_TC_SECPKI_ITSS_ENR_06_BV_mtc(
                                                in charstring p_state
                                                ) runs on ItsMtc system ItsPkiItssSystem {
          // Local variables
          var ItsPkiItss v_itss;
          var ItsPkiHttp v_ea;
          // Test control
          if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT) {
            log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT required for executing the TC ***");
            setverdict(inconc);
            stop;
          }
          // Test component configuration
          f_cfMtcUp01(v_itss, v_ea);

          // Start components
          v_itss.start(f_TC_SECPKI_ITSS_ENR_06_BV_itss(PX_RE_ENROLMENT_COUNTER, p_state));
          v_ea.start(f_TC_SECPKI_ITSS_ENR_06_BV_pki(PX_RE_ENROLMENT_COUNTER, p_state));
          // Synchronization
          f_serverSyncClientsTimed(2, c_prDone, PX_TSYNC_TIME_LIMIT);
        
          for(var integer v_i := 0; v_i < PX_RE_ENROLMENT_COUNTER; v_i := v_i + 1){
            f_serverSyncClientsTimed(2, c_nextTry, PX_TSYNC_TIME_LIMIT);
          }
          f_serverSyncClientsTimed(2, c_tbDone, PX_TSYNC_TIME_LIMIT);
          // Cleanup
          f_serverWaitForAllClientsToStop();        
        } // End of f_TC_SECPKI_ITSS_ENR_06_BV_mtc
        function f_TC_SECPKI_ITSS_ENR_06_BV_itss(
                                                integer p_max_try,
                                                charstring p_state
                                                ) runs on ItsPkiItss system ItsPkiItssSystem {
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Local variables
          var EtsiTs103097Certificate v_certificate;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test component configuration
          vc_hashedId8ToBeUsed := ""; 
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          f_cfUp_itss();
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test adapter configuration
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Preamble
          // Initial state: No CAM shall be emitted
          geoNetworkingPort.clear;
          tc_noac.start;
          alt {
            [] geoNetworkingPort.receive {
              log("No CA message expected");
              f_selfOrClientSyncAndVerdict(c_prDone, e_error);
            }
            [] tc_noac.timeout {
              log("*** " & testcasename() & "_itss: : INFO: No CA message received ***");
ASN.1 Documenter's avatar
ASN.1 Documenter committed
              f_selfOrClientSyncAndVerdict(c_prDone, e_success);
            } 
          } // End of 'alt' statement
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test Body
          // Send first enrolment
          for(var integer v_i := 0; v_i < p_max_try; v_i := v_i + 1){
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            f_sleep(PX_RE_ENROLMENT_DELAY);
            f_sendUtTriggerEnrolmentRequestPrimitive();
            f_clientSync(c_nextTry, e_success);
          }

          f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Postamble
          f_cfDown_itss();
        } // End of function f_TC_SECPKI_ITSS_ENR_06_BV_itss
        function f_TC_SECPKI_ITSS_ENR_06_BV_pki(
                                                integer p_max_try, 
                                                charstring p_state
                                                ) runs on ItsPkiHttp system ItsPkiItssSystem {
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Local variable
          var Headers v_headers;
          var ListOfPublicVerificationKey v_generated_keys;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test component configuration
          f_cfHttpUp();
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Test adapter configuration
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Preamble
          f_init_default_headers_list(-, "inner_ec_response", v_headers);
          f_selfOrClientSyncAndVerdict(c_prDone, e_success);
ASN.1 Documenter's avatar
ASN.1 Documenter committed

          // Test Body
          for (var integer v_i := 0; v_i < p_max_try; v_i := v_i + 1) {
            var HttpMessage v_request;
            var InnerEcRequest v_inner_ec_request;
            var InnerEcResponse v_inner_ec_response;
            var PublicVerificationKey v_key;
            var EnrolmentResponseCode v_response_code;

            if(p_state == c_stInitial){
              v_response_code := deniedrequest;
            } else {
              v_response_code := ok;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            }
            
            if (not(f_await_ec_request_send_response( v_inner_ec_request, v_inner_ec_response, v_request, v_response_code))) {
              log("*** " & testcasename() & ": ERROR: EC request receiving error ***");
              setverdict(inconc);
              f_clientSync(c_nextTry, e_error);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            }
            v_key := v_inner_ec_request.publicKeys.verificationKey;
ASN.1 Documenter's avatar
ASN.1 Documenter committed

            if (isbound(v_generated_keys) and match(v_generated_keys, superset(v_key))) {
              log("*** " & testcasename() & ": LOG: ", match(v_generated_keys, superset(v_key)), "***");
              log("*** " & testcasename() & ": FAIL: Duplication of generated public keys ***");
              setverdict(fail);
              f_clientSync(c_nextTry, e_error);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
            }
            v_generated_keys[v_i] := v_key;

            f_clientSync(c_nextTry, e_success);
          }
          log("*** " & testcasename() & ": PASS: No identical verification keys received in " & int2str(p_max_try) & " messages ***");
          f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_06_BV_pki
      } // End of group f_TC_SECPKI_ITSS_ENR_06_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc Within the InnerECRequest, the requestedSubjectAttributes shall not contain a certIssuePermissions field.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrolmentRequestMessage
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *                 containing an encrypted EtsiTs103097Data-Signed
       *                     containing EtsiTs103097Data
       *                         containing InnerECRequestSignedForPOP
       *                             containing InnerEcRequest
       *                                 containing requestedSubjectAttributes
       *                                     not containing certIssuePermissions 
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_07_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.2.3.2.1
       */
      testcase TC_SECPKI_ITSS_ENR_07_BV() runs on ItsMtc system ItsPkiItssSystem {
        // Local variables
        var Oct32      v_private_key;
        var Oct32      v_public_key_x;
        var Oct32      v_public_key_y;
        var Oct32      v_public_compressed_key;
        var integer    v_compressed_mode;
        var ItsPkiItss v_itss;
        var ItsPkiHttp v_ea;
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test control
        if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT) {
          log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT required for executing the TC ***");
          setverdict(inconc);
          stop;
        }
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Test component configuration
        f_cfMtcUp01(v_itss, v_ea);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Start components
        v_itss.start(f_TC_SECPKI_ITSS_ENR_01_BV_itss());
        v_ea.start(f_TC_SECPKI_ITSS_ENR_07_BV_pki());
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Synchronization
        f_serverSync2ClientsAndStop({c_prDone, c_tbDone});
ASN.1 Documenter's avatar
ASN.1 Documenter committed
        // Cleanup
        f_cfMtcDown01(v_itss, v_ea);
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      } // End of TC_SECPKI_ITSS_ENR_07_BV
      group f_SECPKI_ITSS_ENR_07_BV {

        function f_TC_SECPKI_ITSS_ENR_07_BV_pki() runs on ItsPkiHttp system ItsPkiItssSystem {
          // Local variable
          var Headers v_headers;
          var HttpMessage v_request;
          
          // Test component configuration
          f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
          
          // Test adapter configuration
          
          // Preamble
          f_init_default_headers_list(-, "inner_ec_response", v_headers);
          f_selfOrClientSyncAndVerdict(c_prDone, e_success);
          
          // Test Body
          tc_ac.start;
          alt {
            [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request)
            {
              var Ieee1609Dot2Data v_decrypted_message;
              var InnerEcRequest   v_inner_ec_request;
              var InnerEcResponse  v_inner_ec_response;
              var Ieee1609Dot2Data v_response_message;
              var EtsiTs102941Data v_pki_request;
              var Oct16 v_request_hash, v_aes_enc_key;
              var PublicVerificationKey v_canonical_key;
              tc_ac.stop;

              f_send_500_Internal_Error(v_headers); // we don't care about response

              if ((not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data,
                                                       v_request_hash, v_aes_enc_key,
                                                       v_decrypted_message,
                                                       v_pki_request,
                                                       v_inner_ec_request))) {
                log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              if ((not isvalue(v_inner_ec_request))) {
                log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              if (ispresent(v_inner_ec_request.requestedSubjectAttributes.certIssuePermissions)) {
                log("*** " & testcasename() & ": FAIL: InnerEcRequest shall not contain certIssuePermissions attribute ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              // Set verdict
              log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
            }
            [] tc_ac.timeout {
              log("*** " & testcasename() & ": INCONC: Expected message not received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
            }
          } // End of 'alt' statement
          
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_07_BV_pki

      } // End of group f_SECPKI_ITSS_ENR_07_BV

ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc In the headerInfo of the tbsData of the InnerECRequestSignedForPOP all other components 
       *       of the component tbsdata.headerInfo except generationTime and psid are not used and absent. 
       *       The psid shall be set to "secured certificate request" as assigned in ETSI TS 102 965 and 
       *       the generationTime shall be present.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrolmentRequestMessage
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *                 containing an encrypted EtsiTs103097Data-Signed
       *                     containing EtsiTs103097Data
       *                         containing InnerECRequestSignedForPOP
       *                             containing tbsData
       *                                 containing headerInfo
       *                                     containing psid
       *                                         indicating AID_CERT_REQ
       *                                     and containing generationTime
       *                                     and not containing any other component of tbsdata.headerInfo
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_08_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.2.3.2.1
       */
      testcase TC_SECPKI_ITSS_ENR_08_BV_1() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_08_BV_mtc(c_stInitial);
      } // End of TC_SECPKI_ITSS_ENR_08_BV_1
      testcase TC_SECPKI_ITSS_ENR_08_BV_2() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_08_BV_mtc(c_stEnrolled);
      } // End of TC_SECPKI_ITSS_ENR_08_BV_2
      group f_SECPKI_ITSS_ENR_08_BV {
        function f_TC_SECPKI_ITSS_ENR_08_BV_mtc(in charstring p_itss_state) runs on ItsMtc system ItsPkiItssSystem {
          // Local variables
          var ItsPkiItss v_itss;
          var ItsPkiHttp v_ea;
          // Test control
          if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT) {
            log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT required for executing the TC ***");
            setverdict(inconc);
            stop;
          }
          // Test component configuration
          f_cfMtcUp01(v_itss, v_ea);
          // Start components
          if(p_itss_state == c_stEnrolled) {
            v_itss.start(f_TC_SECPKI_ITSS_ENR_01_BV_itss());
          } else {
            v_itss.start(f_TC_SECPKI_ITSS_ENR_03_BV_itss());
          }
          v_ea.start(f_TC_SECPKI_ITSS_ENR_08_BV_pki(p_itss_state));
          // Synchronization
          f_serverSync2ClientsAndStop({c_prDone, c_tbDone});

          // Cleanup
          f_cfMtcDown01(v_itss, v_ea);
        } // End of TC_SECPKI_ITSS_ENR_08_BV

        function f_TC_SECPKI_ITSS_ENR_08_BV_pki(
                                                in charstring p_itss_state
                                                ) runs on ItsPkiHttp system ItsPkiItssSystem {
          // Local variable
          var Headers v_headers;
          var HttpMessage v_request;
          
          // Test component configuration
          f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
          
          // Test adapter configuration
          
          // Preamble
          f_init_default_headers_list(-, "inner_ec_response", v_headers);

          if (p_itss_state == c_stEnrolled) {
            var InnerEcRequest v_inner_ec_request;
            var InnerEcResponse v_inner_ec_response;
            if(not f_await_ec_request_send_response( v_inner_ec_request, v_inner_ec_response, v_request)){
              log("*** " & testcasename() & ": INFO: First InnerEcRequest error ***");
              f_selfOrClientSyncAndVerdict(c_prDone, e_error);
            }
            log("*** " & testcasename() & ": INFO: First InnerEcRequest received ***");
          }
          f_selfOrClientSyncAndVerdict(c_prDone, e_success);
          
          // Test Body
          tc_ac.start;
          alt {
            [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) {
              var Oct16 v_request_hash;
              var Oct16 v_aes_enc_key;
              var Ieee1609Dot2Data v_decrypted_message;
              var InnerEcRequest v_inner_ec_request;
              var InnerEcResponse v_inner_ec_response;
              var Ieee1609Dot2Data v_response_message;
              var EtsiTs102941Data v_pki_request;
              tc_ac.stop;

              f_send_500_Internal_Error(v_headers); // we dont care about response

              f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data,
                                                      v_request_hash, v_aes_enc_key,
                                                      v_decrypted_message,
                                                      v_pki_request,
                                                      v_inner_ec_request);

              if (not(isvalue(v_pki_request))) {
                log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
              if (not(ischosen(v_pki_request.content.enrolmentRequest))) {
                log("*** " & testcasename() & ": FAIL: Not an enrolment request ***");
                log("*** " & testcasename() & ":       EtsiTs102941Data.content=", v_pki_request.content);
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              if (not(match(v_pki_request.content.enrolmentRequest,
                            mw_etsiTs103097Data_signed(
                                                       mw_signedData(
                                                                     -,
                                                                     mw_toBeSignedData(
                                                                                       -,
                                                                                       mw_headerInfo_inner_pki_request
                  )))))) {
                log("*** " & testcasename() & ": FAIL: Wrong InnerECRequestSignedForPOP headers ***");
                log("*** " & testcasename() & ":       ", 
                      match( v_pki_request.content.enrolmentRequest, 
                             m_etsiTs103097Data_signed(mw_signedData( -,mw_toBeSignedData(-,mw_headerInfo_inner_pki_request())))));
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }

              // Set verdict
              log("*** " & testcasename() & ": PASS: EC Request received with proper InnerECRequestSignedForPOP headers ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
            }
            [] tc_ac.timeout {
              log("*** " & testcasename() & ": INCONC: Expected message not received ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
            }
          } // End of 'alt' statement
          
          // Postamble
          f_cfHttpDown();
        } // End of function f_TC_SECPKI_ITSS_ENR_08_BV_pki

      } // End of group f_SECPKI_ITSS_ENR_08
ASN.1 Documenter's avatar
ASN.1 Documenter committed
      /**
       * @desc In the headerInfo of the tbsData of the outer EtsiTs102941Data-Signed all other components 
       *       of the component tbsdata.headerInfo except generationTime and psid are not used and absent. 
       *       The psid shall be set to "secured certificate request" as assigned in ETSI TS 102 965 and 
       *       the generationTime shall be present.
       * <pre>
       * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT
       * Expected behaviour:
       *     ensure that {
       *         when {
       *             the IUT is requested to send an EnrolmentRequestMessage
       *         }
       *         then {
       *             the IUT sends an EtsiTs103097Data-Encrypted
       *                 containing an encrypted EtsiTs103097Data-Signed
       *                     containing EtsiTs103097Data
       *                         containing InnerECRequestSignedForPOP
       *                             containing tbsData
       *                                 containing headerInfo
       *                                     containing psid
       *                                         indicating AID_CERT_REQ
       *                                     and containing generationTime
       *                                     and not containing any other component of tbsdata.headerInfo
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v2.0.1 SECPKI_ITSS_ENR_09_BV
ASN.1 Documenter's avatar
ASN.1 Documenter committed
       * @reference ETSI TS 102 941, clause 6.2.3.2.1
       */
      testcase TC_SECPKI_ITSS_ENR_09_BV_1() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_09_BV_mtc(c_stInitial);
      } // End of TC_SECPKI_ITSS_ENR_09_BV_1
      testcase TC_SECPKI_ITSS_ENR_09_BV_2() runs on ItsMtc system ItsPkiItssSystem {
        f_TC_SECPKI_ITSS_ENR_09_BV_mtc(c_stEnrolled);
      } // End of TC_SECPKI_ITSS_ENR_09_BV_2

      group f_TC_SECPKI_ITSS_ENR_09_BV {

        function f_TC_SECPKI_ITSS_ENR_09_BV_mtc(in charstring p_itss_state) runs on ItsMtc system ItsPkiItssSystem {
          // Local variables
          var ItsPkiItss v_itss;
          var ItsPkiHttp v_ea;

          // Test control
          if (not PICS_IUT_ITS_S_ROLE or not PICS_SECPKI_ENROLMENT) {
            log("*** " & testcasename() & ": PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT required for executing the TC ***");
            setverdict(inconc);
            stop;
          }

          // Test component configuration
          f_cfMtcUp01(v_itss, v_ea);

          // Start components
          if(p_itss_state == c_stEnrolled) {
            v_itss.start(f_TC_SECPKI_ITSS_ENR_03_BV_itss());
          } else {
            v_itss.start(f_TC_SECPKI_ITSS_ENR_01_BV_itss());
          }
          v_ea.start(f_TC_SECPKI_ITSS_ENR_09_BV_pki(p_itss_state));

          // Synchronization
          f_serverSync2ClientsAndStop({c_prDone, c_tbDone});

          // Cleanup
          f_cfMtcDown01(v_itss, v_ea);
        } // End of f_TC_SECPKI_ITSS_ENR_09_BV_mtc

        function f_TC_SECPKI_ITSS_ENR_09_BV_pki(
                                                in charstring p_itss_state
                                                ) runs on ItsPkiHttp system ItsPkiItssSystem {
          // Local variable
          var Headers v_headers;
          var HttpMessage v_request;
          
          // Test component configuration
          f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID);
          
          // Test adapter configuration
          
          // Preamble
          f_init_default_headers_list(-, "inner_ec_response", v_headers);