ItsPki_TestCases.ttcn

       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v1.2.2 SECPKI_AA_AUTH_RCV_06_BI
       * @reference ETSI TS 102 941, clause 6.2.3.3.1
       */
      testcase TC_SECPKI_AA_AUTH_RCV_06_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_request;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE or not PICS_PKI_AUTH_POP) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE and PICS_PKI_AUTH_POP required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
        f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
        log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
        log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_ec_certificate, v_private_key_ec, true, -, -, -, -, -, -, -, -, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": PASS: IUT has rejected the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
            } else {
                log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] a_await_atv_http_request_from_iut(
                                               mw_http_request(
                                                               mw_http_request_post(
                                                               "/Auth", //FIXME: Use another PIXIT than PICS_HTTP_POST_URI_ATV,
                                                               -,
                                                               mw_http_message_body_binary(
                                                                                           mw_binary_body_ieee1609dot2_data(
                                                                                                                            mw_authorizationRequestMessage(
                                                                                                                            mw_encryptedData(
                                                                                                                                             { *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_eaHashedId8)), * },
                                                                                                                                             mw_symmetricCiphertext_aes128ccm
                                                                                                                                             )))))),
                                               v_request
                                               ) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not process the AtV request ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_06_BI

      /**
       * @desc Check that the AA rejects the AuthorizationRequest message if it unable to verify the integrity of the request using hmacKey
       * <pre>
       * Pics Selection: PICS_IUT_AA_ROLE
       * Initial conditions: 
       *     with {
       *          the EA/AA in "operational state"
       *              authorized with the certificate CERT_AA
       *                  containing encryptionKey (AA_ENC_PUB_KEY)
       *     }
       * Expected behaviour:
       *     ensure that {
       *         when {
       *            the IUT is received the EtsiTs103097Data message
       *                containing EtsiTs102941Data
       *                    containing content.authorizationRequest
       *                        containing hmacKey (HMAC)
       *                        and containing sharedAtRequest
       *                            containing keyTag (KEY_TAG)
       *                                indicating wrong value
       *         }
       *         then {
       *            the IUT does not send the AuthorizationValidationRequest message
       *            and the IUT sends to the TS the AuthorizationResponse message
       *                containing authorizationResponse
       *                    containing requestHash
       *                        indicating the leftmost 16 bits of the SHA256 value
       *                            calculated over the X_HASH_STRUCTURE
       *                and containing responseCode
       *                    indicating the value NOT EQUAL to 0
       *                and not containing certificate
       *         }
       *     }
       * </pre>
       * 
       * @see       ETSI TS 103 525-2 v1.2.2 SECPKI_AA_AUTH_RCV_07_BI
       * @reference ETSI TS 102 941, clause 6.2.3.3.1
       */
      testcase TC_SECPKI_AA_AUTH_RCV_07_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_request;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
        f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
        log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
        log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_ec_certificate, v_private_key_ec, -, true, -, -, -, -, -, -, -, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": PASS: IUT has rejected the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
            } else {
                log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] a_await_atv_http_request_from_iut(
                                               mw_http_request(
                                                               mw_http_request_post(
                                                               "/Auth", //FIXME: Use another PIXIT than PICS_HTTP_POST_URI_ATV,
                                                               -,
                                                               mw_http_message_body_binary(
                                                                                           mw_binary_body_ieee1609dot2_data(
                                                                                                                            mw_authorizationRequestMessage(
                                                                                                                            mw_encryptedData(
                                                                                                                                             { *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_eaHashedId8)), * },
                                                                                                                                             mw_symmetricCiphertext_aes128ccm
                                                                                                                                             )))))),
                                               v_request
                                               ) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not process the AtV request ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_07_BI

      /**
       * @desc Send a correctly encoded AT request, but the ITS-Station is not enrolled at the EA
       */
      testcase TC_SECPKI_AA_AUTH_RCV_08_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_request;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        f_generate_inner_ec_request_with_wrong_parameters(
                                                          { valueof(m_appPermissions(c_its_aid_SCR, { bitmapSsp := PX_INNER_EC_CERTFICATE_BITMAP_SSP_SCR })) }, 
                                                          PICS_INVALID_ITS_S_CANONICAL_ID, 
                                                          f_getCurrentTime() / 1000, 
                                                          valueof(m_duration_in_hours(PX_GENERATED_CERTIFICATE_DURATION)), 
                                                          -, 
                                                          v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request
                                                          );
        f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
        log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
        log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_ec_certificate, v_private_key_ec, -, -, true, -, -, -, -, -, -, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": INFO: IUT has rejected the request ***");
              if (match(v_authorization_validation_response, mw_innerAtResponse_ko(-, unknownits)) == true) {
                log("*** " & testcasename() & ": PASS: Error code is unknownits ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
              } else {
                log("*** " & testcasename() & ": FAIL: Expected error code should be unknownits ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
            } else {
              log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] a_await_atv_http_request_from_iut(
                                               mw_http_request(
                                                               mw_http_request_post(
                                                               "/Auth", //FIXME: Use another PIXIT than PICS_HTTP_POST_URI_ATV,
                                                               -,
                                                               mw_http_message_body_binary(
                                                                                           mw_binary_body_ieee1609dot2_data(
                                                                                                                            mw_authorizationRequestMessage(
                                                                                                                            mw_encryptedData(
                                                                                                                                             { *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_eaHashedId8)), * },
                                                                                                                                             mw_symmetricCiphertext_aes128ccm
                                                                                                                                             )))))),
                                               v_request
                                               ) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not process the AtV request ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_08_BI

      /**
       * @desc Send an AT request, but the inner signer (valid EC) is not issued by the EA which is known / trusted by the AA. The AA trusts only EAs listet on the RCA-CTL.
       */
      testcase TC_SECPKI_AA_AUTH_RCV_09_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_request;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
        f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
        log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
        log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_ec_certificate, v_private_key_ec, -, -, -, -, -, true, -, -, -, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": INFO: IUT has rejected the request ***");
              if (match(v_authorization_validation_response, mw_innerAtResponse_ko(-, its_aa_unknownea)) == true) {
                log("*** " & testcasename() & ": PASS: Error code is its_aa_unknownea ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
              } else {
                log("*** " & testcasename() & ": FAIL: Expected error code should be its_aa_unknownea ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
            } else {
              log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] a_await_atv_http_request_from_iut(
                                               mw_http_request(
                                                               mw_http_request_post(
                                                               "/Auth", //FIXME: Use another PIXIT than PICS_HTTP_POST_URI_ATV,
                                                               -,
                                                               mw_http_message_body_binary(
                                                                                           mw_binary_body_ieee1609dot2_data(
                                                                                                                            mw_authorizationRequestMessage(
                                                                                                                            mw_encryptedData(
                                                                                                                                             { *, mw_recipientInfo_certRecipInfo(mw_pKRecipientInfo(vc_eaHashedId8)), * },
                                                                                                                                             mw_symmetricCiphertext_aes128ccm
                                                                                                                                             )))))),
                                               v_request
                                               ) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not process the AtV request ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_09_BI

      /**
       * @desc Send an AT request, but the generation time of the CSR is in the past.
       */
      testcase TC_SECPKI_AA_AUTH_RCV_10_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        if (PICS_SIMULATE_EA_ENTITY) {
          f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
          f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
          log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
          f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
        } else {
          if (f_await_http_inner_ec_request_response(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_response) == false) {
            log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
          } else {
            log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
          }
          v_ec_certificate := v_inner_ec_response.certificate;
          log("*** " & testcasename() & ": DEBUG: v_inner_ec_response= ", v_inner_ec_response);
          log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        }

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_inner_ec_response.certificate, v_private_key_ec, -, -, -, -, -, -, -, -, f_getCurrentTime() / 2, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": INFO: IUT has rejected the request ***");
              if (match(v_authorization_validation_response, mw_innerAtResponse_ko(-, its_aa_outofsyncrequest)) == true) {
                log("*** " & testcasename() & ": PASS: Error code is its_aa_unknownea ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
              } else {
                log("*** " & testcasename() & ": FAIL: Expected error code should be its_aa_outofsyncrequest ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
            } else {
              log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_10_BI

      /**
       * @desc Send an AT request, but the generation time of the CSR is in the future.
       */
      testcase TC_SECPKI_AA_AUTH_RCV_11_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        if (PICS_SIMULATE_EA_ENTITY) {
          f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
          f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
          log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
          f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
        } else {
          if (f_await_http_inner_ec_request_response(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_response) == false) {
            log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
          } else {
            log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
          }
          v_ec_certificate := v_inner_ec_response.certificate;
          log("*** " & testcasename() & ": DEBUG: v_inner_ec_response= ", v_inner_ec_response);
          log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        }

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_inner_ec_response.certificate, v_private_key_ec, -, -, -, -, -, -, -, -, f_getCurrentTime() * 2, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": INFO: IUT has rejected the request ***");
              if (match(v_authorization_validation_response, mw_innerAtResponse_ko(-, its_aa_outofsyncrequest)) == true) {
                log("*** " & testcasename() & ": PASS: Error code is its_aa_unknownea ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
              } else {
                log("*** " & testcasename() & ": FAIL: Expected error code should be its_aa_outofsyncrequest ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
            } else {
              log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_11_BI

      /**
       * @desc Send an AT request, but the expiry date of the CSR is before the start date of the EC.
       */
      testcase TC_SECPKI_AA_AUTH_RCV_12_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        if (PICS_SIMULATE_EA_ENTITY) {
          f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
          f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
          log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);
          f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
        } else {
          if (f_await_http_inner_ec_request_response(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_response) == false) {
            log("*** " & testcasename() & ": INCONC: Enrolment failed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout);
          } else {
            log("*** " & testcasename() & ": INFO: Enrolment succeed ***");
            f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
          }
          v_ec_certificate := v_inner_ec_response.certificate;
          log("*** " & testcasename() & ": DEBUG: v_inner_ec_response= ", v_inner_ec_response);
          log("*** " & testcasename() & ": DEBUG: v_private_key_ec= ", v_private_key_ec);
        }

        // Test Body
        f_http_build_authorization_request_with_wrong_parameters(v_inner_ec_response.certificate, v_private_key_ec, -, -, -, -, -, -, vc_eaCertificate.toBeSigned.validityPeriod.start_ / 2, m_duration_in_hours(PX_GENERATED_CERTIFICATE_DURATION), -, v_private_key_at, v_public_compressed_key_at, p_compressed_mode_at, v_private_enc_key_at, v_public_compressed_enc_key_at, v_compressed_enc_mode_at, v_aes_sym_key, v_encrypted_sym_key, v_authentication_vector, v_nonce, v_salt, v_ieee1609dot2_signed_and_encrypted_data, v_request_hash);
        v_aes_sym_key_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256('80'O & v_aes_sym_key)); // Used to match the response
        f_init_default_headers_list(-, "inner_at_request", v_headers);
        f_http_send(
                    v_headers,
                    m_http_request(
                                   m_http_request_post(
                                                       PICS_HTTP_POST_URI_AT,
                                                       v_headers,
                                                       m_http_message_body_binary(
                                                                                  m_binary_body_ieee1609dot2_data(
                                                                                                                  v_ieee1609dot2_signed_and_encrypted_data
                                                                                                                  )))));
        tc_ac.start;
        alt {
          [] a_await_at_http_response_from_iut(
                                               mw_http_response(
                                                                mw_http_response_ok(
                                                                                    mw_http_message_body_binary(
                                                                                                                mw_binary_body_ieee1609dot2_data(
                                                                                                                                                 mw_authorizationResponseMessage(
                                                                                                                                                                                 mw_encryptedData(
                                                                                                                                                                                                  { *, mw_recipientInfo_pskRecipInfo(v_aes_sym_key_hashed_id8), * },
                                                                                                                                                                                                  mw_symmetricCiphertext_aes128ccm
                                                                                                                                                                                                  )))))),
                                               v_response
                                               ) {
            var integer v_result;
            var InnerAtResponse v_authorization_validation_response;

            tc_ac.stop;

            f_verify_http_at_response_from_iut_aa(v_response.response, v_private_key_at, v_aes_sym_key, v_authentication_vector, v_request_hash, v_authorization_validation_response, v_result);
            log("*** " & testcasename() & ": INFO: AuthorizationValidationResponse= ", v_authorization_validation_response, " ***");
            // Set verdict
            if (v_result == -3) {
              log("*** " & testcasename() & ": INFO: IUT has rejected the request ***");
              if (match(v_authorization_validation_response, mw_innerAtResponse_ko(-, deniedpermissions)) == true) {
                log("*** " & testcasename() & ": PASS: Error code is its_aa_unknownea ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
              } else {
                log("*** " & testcasename() & ": FAIL: Expected error code should be its_aa_outofsyncrequest ***");
                f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
              }
            } else {
              log("*** " & testcasename() & ": FAIL: IUT shall not process the request ***");
              f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
            }
          }
          [] a_await_at_http_response_from_iut(mw_http_response(mw_http_response_ko), v_response) {
            tc_ac.stop;

            log("*** " & testcasename() & ": FAIL: IUT shall not respond with HTTP error ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
          }
          [] tc_ac.timeout {
            log("*** " & testcasename() & ": FAIL: No response received from the IUT ***");
            f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout);
          }
        } // End of 'alt' statement

        // Postamble
        f_cfHttpDown();
      } // End of testcase TC_SECPKI_AA_AUTH_RCV_12_BI

      /**
       * @desc Send an AT request, but the start date of the CSR is before the start date of the EC.
       */
      testcase TC_SECPKI_AA_AUTH_RCV_13_BI() runs on ItsPkiHttp system ItsPkiHttpSystem {
        var Oct32 v_private_key_ec;
        var Oct32 v_public_compressed_key_ec;
        var integer v_compressed_key_mode_ec;
        var InnerEcResponse v_inner_ec_response;
        var Oct32 v_private_key_at;
        var Oct32 v_public_compressed_key_at;
        var integer p_compressed_mode_at;
        var Oct32 v_private_enc_key_at;
        var Oct32 v_public_compressed_enc_key_at;
        var integer v_compressed_enc_mode_at;
        var Oct32 v_request_hash;
        var Oct16 v_encrypted_sym_key;
        var Oct16 v_aes_sym_key;
        var HashedId8 v_aes_sym_key_hashed_id8;
        var Oct16 v_authentication_vector;
        var Oct12 v_nonce;
        var octetstring v_salt;
        var Ieee1609Dot2Data v_ieee1609dot2_signed_and_encrypted_data;
        var Headers v_headers;
        var HttpMessage v_response;
        var EtsiTs102941Data v_etsi_ts_102941_data;

        var InnerEcRequest v_inner_ec_request;
        var EtsiTs103097Certificate v_ec_certificate;
        var HashedId8 v_ec_certificate_hashed_id8;

        // Test control
        if (not PICS_IUT_AA_ROLE) {
          log("*** " & testcasename() & ": PICS_IUT_AA_ROLE required for executing the TC ***");
          setverdict(inconc);
          stop;
        }

        // Test component configuration
        f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_IUT_AA_CERTIFICATE_ID);

        // Test adapter configuration

        // Preamble
        if (PICS_SIMULATE_EA_ENTITY) {
          f_generate_inner_ec_request(v_private_key_ec, v_public_compressed_key_ec, v_compressed_key_mode_ec, v_inner_ec_request);
          f_generate_ec_certificate_for_inner_ec_response(v_inner_ec_request, v_private_key_ec, vc_eaWholeHash, v_ec_certificate, v_ec_certificate_hashed_id8);
          log("*** " & testcasename() & ": DEBUG: v_ec_certificate= ", v_ec_certificate);