Loading ItsPki_TestCases.ttcn +189 −32 Original line number Diff line number Diff line Loading @@ -1220,13 +1220,13 @@ module ItsPki_TestCases { alt { [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) { var integer v_result; var HttpMessage v_response; var Oct16 v_request_hash, v_aes_enc_key; var Ieee1609Dot2Data v_decrypted_message; var EtsiTs102941Data v_etsi_ts_102941_data; var InnerEcResponse v_inner_ec_response2; var Ieee1609Dot2Data v_response_message; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response // Verify IUT response if (not(f_read_ec_request_from_iut_itss( Loading @@ -1235,11 +1235,26 @@ module ItsPki_TestCases { v_decrypted_message, v_etsi_ts_102941_data, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not(isvalue(v_inner_ec_request))) { // send error response to prevent enrolment repetition if( not f_http_build_error_ec_response(unknownits, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if( not isvalue(v_inner_ec_request) ){ log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } Loading Loading @@ -1292,16 +1307,10 @@ module ItsPki_TestCases { * Expected behaviour: * ensure that { * when { * the IUT is requested to send an EnrollmentRequestMessage * the IUT is informed about a revocation of its EC * } * then { * the IUT sends an EtsiTs103097Data-Encrypted * containing an encrypted EtsiTs103097Data-Signed * containing EtsiTs102941Data * containing InnerECRequestSignedForPOP * containing InnerEcRequest * containing itsId * indicating the canonical identifier of the ITS-S * the IUT returns to the "initialized" state * } * } * </pre> Loading Loading @@ -1333,11 +1342,13 @@ module ItsPki_TestCases { * <pre> * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT * Expected behaviour: * ensure that { * when { * with * the IUT being in the 'enrolled' state * and the EC of the IUT expires * ensure that * when * the IUT is requested to send an EnrollmentRequestMessage * } * then { * then * the IUT sends an EtsiTs103097Data-Encrypted * containing an encrypted EtsiTs103097Data-Signed * containing EtsiTs102941Data Loading @@ -1345,8 +1356,6 @@ module ItsPki_TestCases { * containing InnerEcRequest * containing itsId * indicating the canonical identifier of the ITS-S * } * } * </pre> * * @see ETSI TS 103 525-2 v1.2.1 SECPKI_ITSS_ENR_05_BV Loading Loading @@ -1762,17 +1771,32 @@ module ItsPki_TestCases { var PublicVerificationKey v_canonical_key; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response if ((not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, if( not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request))) { v_inner_ec_request)) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if (not isvalue(v_inner_ec_request)) { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); Loading Loading @@ -1907,8 +1931,6 @@ module ItsPki_TestCases { var EtsiTs102941Data v_pki_request; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we dont care about response f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, Loading @@ -1919,7 +1941,24 @@ module ItsPki_TestCases { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not(ischosen(v_pki_request.content.enrolmentRequest))) { // send any response to prevent enrolment repetition // negative is simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if( not ischosen(v_pki_request.content.enrolmentRequest)) { log("*** " & testcasename() & ": FAIL: Not an enrolment request ***"); log("*** " & testcasename() & ": EtsiTs102941Data.content=", v_pki_request.content); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); Loading Loading @@ -2066,17 +2105,32 @@ module ItsPki_TestCases { tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response if (not(f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send error response to prevent enrolment repetition if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); // check signed message structure if ( not ( match( v_decrypted_message, mw_etsiTs103097Data_signed( mw_signedData( Loading Loading @@ -2233,8 +2287,6 @@ module ItsPki_TestCases { var PublicVerificationKey v_canonical_key; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response log("*** " & testcasename() & ": PASS: EC request sent to proper EA recipient ***"); if (not(f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, Loading @@ -2242,10 +2294,27 @@ module ItsPki_TestCases { v_decrypted_message, v_pki_request, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is just simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); // Set verdict log("*** " & testcasename() & ": PASS: EC request can be decrypted ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_success); Loading Loading @@ -2314,7 +2383,7 @@ module ItsPki_TestCases { // Start components v_itss.start(f_TC_SECPKI_ITSS_ENR_01_BV_itss()); v_ea.start(f_TC_SECPKI_ITSS_ENR_01_BV_pki()); v_ea.start(f_TC_SECPKI_ITSS_ENR_11_BV_pki()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone}); Loading @@ -2323,6 +2392,93 @@ module ItsPki_TestCases { f_cfMtcDown01(v_itss, v_ea); } // End of TC_SECPKI_ITSS_ENR_11_BV group f_TC_SECPKI_ITSS_ENR_11_BV { function f_TC_SECPKI_ITSS_ENR_11_BV_pki ( ) runs on ItsPkiHttp system ItsPkiItssSystem { // Local variable var Headers v_headers; var HttpMessage v_request; // Test component configuration f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID); // Test adapter configuration // Preamble f_init_default_headers_list(-, "inner_ec_response", v_headers); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) { var Ieee1609Dot2Data v_decrypted_message; var InnerEcRequest v_inner_ec_request; var InnerEcResponse v_inner_ec_response; var Ieee1609Dot2Data v_response_message; var EtsiTs102941Data v_pki_request; var Oct16 v_request_hash, v_aes_enc_key; var PublicVerificationKey v_canonical_key; tc_ac.stop; if (not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request)) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is easier if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if (not isbound(v_inner_ec_request)) { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not f_verifyEcdsa(bit2oct(encvalue(v_pki_request.content.enrolmentRequest.content.signedData.tbsData)), int2oct(0, 32), v_pki_request.content.enrolmentRequest.content.signedData.signature_, v_inner_ec_request.publicKeys.verificationKey)) { log("*** " & testcasename() & ": FAIL: EC request signature verification failed ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // Set verdict log("*** " & testcasename() & ": PASS: EC request can be decrypted ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cfHttpDown(); } // End of function f_TC_SECPKI_ITSS_ENR_11_BV_pki } // End of group g_TC_SECPKI_ITSS_ENR_11_BV /** * @desc Check that signing of Enrolment HttpRequest message is permitted by the EC certificate. * <pre> Loading @@ -2330,6 +2486,7 @@ module ItsPki_TestCases { * Expected behaviour: * ensure that { * when { * the IUT is in enrolled state * the IUT is requested to send an EnrolmentRequestMessage * } * then { Loading
ItsPki_TestCases.ttcn +189 −32 Original line number Diff line number Diff line Loading @@ -1220,13 +1220,13 @@ module ItsPki_TestCases { alt { [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) { var integer v_result; var HttpMessage v_response; var Oct16 v_request_hash, v_aes_enc_key; var Ieee1609Dot2Data v_decrypted_message; var EtsiTs102941Data v_etsi_ts_102941_data; var InnerEcResponse v_inner_ec_response2; var Ieee1609Dot2Data v_response_message; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response // Verify IUT response if (not(f_read_ec_request_from_iut_itss( Loading @@ -1235,11 +1235,26 @@ module ItsPki_TestCases { v_decrypted_message, v_etsi_ts_102941_data, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not(isvalue(v_inner_ec_request))) { // send error response to prevent enrolment repetition if( not f_http_build_error_ec_response(unknownits, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if( not isvalue(v_inner_ec_request) ){ log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } Loading Loading @@ -1292,16 +1307,10 @@ module ItsPki_TestCases { * Expected behaviour: * ensure that { * when { * the IUT is requested to send an EnrollmentRequestMessage * the IUT is informed about a revocation of its EC * } * then { * the IUT sends an EtsiTs103097Data-Encrypted * containing an encrypted EtsiTs103097Data-Signed * containing EtsiTs102941Data * containing InnerECRequestSignedForPOP * containing InnerEcRequest * containing itsId * indicating the canonical identifier of the ITS-S * the IUT returns to the "initialized" state * } * } * </pre> Loading Loading @@ -1333,11 +1342,13 @@ module ItsPki_TestCases { * <pre> * Pics Selection: PICS_IUT_ITS_S_ROLE and PICS_SECPKI_ENROLMENT * Expected behaviour: * ensure that { * when { * with * the IUT being in the 'enrolled' state * and the EC of the IUT expires * ensure that * when * the IUT is requested to send an EnrollmentRequestMessage * } * then { * then * the IUT sends an EtsiTs103097Data-Encrypted * containing an encrypted EtsiTs103097Data-Signed * containing EtsiTs102941Data Loading @@ -1345,8 +1356,6 @@ module ItsPki_TestCases { * containing InnerEcRequest * containing itsId * indicating the canonical identifier of the ITS-S * } * } * </pre> * * @see ETSI TS 103 525-2 v1.2.1 SECPKI_ITSS_ENR_05_BV Loading Loading @@ -1762,17 +1771,32 @@ module ItsPki_TestCases { var PublicVerificationKey v_canonical_key; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response if ((not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, if( not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request))) { v_inner_ec_request)) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if (not isvalue(v_inner_ec_request)) { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); Loading Loading @@ -1907,8 +1931,6 @@ module ItsPki_TestCases { var EtsiTs102941Data v_pki_request; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we dont care about response f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, Loading @@ -1919,7 +1941,24 @@ module ItsPki_TestCases { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not(ischosen(v_pki_request.content.enrolmentRequest))) { // send any response to prevent enrolment repetition // negative is simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if( not ischosen(v_pki_request.content.enrolmentRequest)) { log("*** " & testcasename() & ": FAIL: Not an enrolment request ***"); log("*** " & testcasename() & ": EtsiTs102941Data.content=", v_pki_request.content); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); Loading Loading @@ -2066,17 +2105,32 @@ module ItsPki_TestCases { tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response if (not(f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send error response to prevent enrolment repetition if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); // check signed message structure if ( not ( match( v_decrypted_message, mw_etsiTs103097Data_signed( mw_signedData( Loading Loading @@ -2233,8 +2287,6 @@ module ItsPki_TestCases { var PublicVerificationKey v_canonical_key; tc_ac.stop; f_send_500_Internal_Error(v_headers); // we don't care about response log("*** " & testcasename() & ": PASS: EC request sent to proper EA recipient ***"); if (not(f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, Loading @@ -2242,10 +2294,27 @@ module ItsPki_TestCases { v_decrypted_message, v_pki_request, v_inner_ec_request))) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is just simpler if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); // Set verdict log("*** " & testcasename() & ": PASS: EC request can be decrypted ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_success); Loading Loading @@ -2314,7 +2383,7 @@ module ItsPki_TestCases { // Start components v_itss.start(f_TC_SECPKI_ITSS_ENR_01_BV_itss()); v_ea.start(f_TC_SECPKI_ITSS_ENR_01_BV_pki()); v_ea.start(f_TC_SECPKI_ITSS_ENR_11_BV_pki()); // Synchronization f_serverSync2ClientsAndStop({c_prDone, c_tbDone}); Loading @@ -2323,6 +2392,93 @@ module ItsPki_TestCases { f_cfMtcDown01(v_itss, v_ea); } // End of TC_SECPKI_ITSS_ENR_11_BV group f_TC_SECPKI_ITSS_ENR_11_BV { function f_TC_SECPKI_ITSS_ENR_11_BV_pki ( ) runs on ItsPkiHttp system ItsPkiItssSystem { // Local variable var Headers v_headers; var HttpMessage v_request; // Test component configuration f_cfHttpUp(PICS_TS_EA_CERTIFICATE_ID, PICS_TS_AA_CERTIFICATE_ID); // Test adapter configuration // Preamble f_init_default_headers_list(-, "inner_ec_response", v_headers); f_selfOrClientSyncAndVerdict(c_prDone, e_success); // Test Body tc_ac.start; alt { [] a_await_ec_http_request_from_iut(mw_http_ec_request_generic, v_request) { var Ieee1609Dot2Data v_decrypted_message; var InnerEcRequest v_inner_ec_request; var InnerEcResponse v_inner_ec_response; var Ieee1609Dot2Data v_response_message; var EtsiTs102941Data v_pki_request; var Oct16 v_request_hash, v_aes_enc_key; var PublicVerificationKey v_canonical_key; tc_ac.stop; if (not f_read_ec_request_from_iut_itss(v_request.request.body.binary_body.ieee1609dot2_data, v_request_hash, v_aes_enc_key, v_decrypted_message, v_pki_request, v_inner_ec_request)) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // send any response to prevent enrolment repetition // negative is easier if( not f_http_build_error_ec_response ( unknownits,v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_response_message) ) { f_send_500_Internal_Error(v_headers); log("*** " & testcasename() & ": FAIL: Can't build enrolment response ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } f_http_send(v_headers, m_http_response( m_http_response_ok( m_http_message_body_binary( m_binary_body_ieee1609dot2_data(v_response_message) ), v_headers))); if (not isbound(v_inner_ec_request)) { log("*** " & testcasename() & ": FAIL: Can't parse enrolment request***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } if (not f_verifyEcdsa(bit2oct(encvalue(v_pki_request.content.enrolmentRequest.content.signedData.tbsData)), int2oct(0, 32), v_pki_request.content.enrolmentRequest.content.signedData.signature_, v_inner_ec_request.publicKeys.verificationKey)) { log("*** " & testcasename() & ": FAIL: EC request signature verification failed ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_error); } // Set verdict log("*** " & testcasename() & ": PASS: EC request can be decrypted ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_success); } [] tc_ac.timeout { log("*** " & testcasename() & ": INCONC: Expected message not received ***"); f_selfOrClientSyncAndVerdict(c_tbDone, e_timeout); } } // End of 'alt' statement // Postamble f_cfHttpDown(); } // End of function f_TC_SECPKI_ITSS_ENR_11_BV_pki } // End of group g_TC_SECPKI_ITSS_ENR_11_BV /** * @desc Check that signing of Enrolment HttpRequest message is permitted by the EC certificate. * <pre> Loading @@ -2330,6 +2486,7 @@ module ItsPki_TestCases { * Expected behaviour: * ensure that { * when { * the IUT is in enrolled state * the IUT is requested to send an EnrolmentRequestMessage * } * then {
