diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000000000000000000000000000000000000..1fb51d2d5f2f4fcdf8fc999b2217158b9c0f930e --- /dev/null +++ b/.gitmodules @@ -0,0 +1,4 @@ +[submodule "lib/asn1"] + path = lib/asn1 + url = https://forge.etsi.org/rep/ITS/asn1/sec_ts103097.git + branch = testing diff --git a/ItsSecurity_Functions.ttcn b/ItsSecurity_Functions.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..b560785c956efa6f99e4f4edba68e608b4e7d6f0 --- /dev/null +++ b/ItsSecurity_Functions.ttcn @@ -0,0 +1,886 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF525 + * @version $Url$ + * $Id$ + * @desc Module containing functions for the secured GN ATS + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_Functions { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_Time all; + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + import from ITS_Container language "ASN.1:1997" all; + import from DENM_PDU_Descriptions language "ASN.1:1997" all; + + // LibItsCommon + import from LibItsCommon_TestSystem all; + import from LibItsCommon_Functions all; + import from LibItsCommon_ASN1_NamedNumbers all; + + // LibItsDenm + import from LibItsDenm_Templates all; + import from LibItsDenm_Functions all; + import from LibItsDenm_TestSystem all; + + // LibItsCam + import from LibItsCam_Templates all; + import from LibItsCam_Functions all; + import from LibItsCam_TestSystem all; + + // LibItsBtp + import from LibItsBtp_Templates all; + + // LibItsGeoNetworking + import from LibItsGeoNetworking_TestSystem all; + import from LibItsGeoNetworking_Functions all; + import from LibItsGeoNetworking_Templates all; + import from LibItsGeoNetworking_TypesAndValues all; + import from LibItsGeoNetworking_Pixits all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Templates all; + import from LibItsSecurity_Functions all; + + + group secCam { + + /** + * @desc Prepare a secured CAM + * @param p_configId The configuration identifier to be used + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_signerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredCam( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var EtsiTs103097Data v_securedMessage; + +// log(">>> f_prepareSecuredCam"); + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( + f_getPosition(c_compNodeC) + )); + + // Encode CAM payload + v_gnPayload := valueof( + bit2oct( + encvalue( + m_camReq( + m_camMsg_vehicle_HF_BV( + valueof(p_station_id), + f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime + LibItsCam_Templates.m_tsPosition + ))))); + + // Add BTP/CAM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it +// log("f_prepareSecuredCam: v_gnNonSecuredPacket= ", v_gnNonSecuredPacket); + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); +// log("f_prepareSecuredCam: v_gnPayload= ", v_gnPayload); + f_buildGnSecuredCam( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId + ); + + // Return secured Gn packet + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredCam + + /** + * @desc Prepare a secured CAM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @param p_alterATCertificateSignature Set to true to alter the AT certificate signature + * @param p_alterAACertificateSignature Set to true to alter the AA certificate signature + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredCam_Bo( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId(), + in UInt8 p_protocolVersion := c_protocol_version, + in boolean p_alter_psid := false, + in boolean p_add_generation_location := false, + in boolean p_add_expiry_time := false, + in boolean p_add_p2pcd_learning_request := false, + in boolean p_add_missing_crl_identifier := false, + in boolean p_add_encryption_key := false, + in boolean p_alter_signature_algorithm := false, + in boolean p_alter_signer_identifier := false, + in boolean p_alter_signature := false + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var Ieee1609Dot2Data v_securedMessage; + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( + f_getPosition(c_compNodeC) + )); + + // Add CAM payload + v_gnPayload := valueof( + valueof( + bit2oct( + encvalue( + m_camReq( + m_camMsg_vehicle_HF_BV( + f_getTsStationId(), + f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime + LibItsCam_Templates.m_tsPosition + )))))); + + // Add BTP/CAM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + + f_buildGnSecuredCam_Bo( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId, + p_protocolVersion, + p_alter_psid, + p_add_generation_location, + p_add_expiry_time, + p_add_p2pcd_learning_request, + p_add_missing_crl_identifier, + p_add_encryption_key, + p_alter_signature_algorithm, + p_alter_signer_identifier, + p_alter_signature + ); + + // Return secured Gn packet +// log("f_prepareSecuredCam_Bo: ", m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredCam_Bo + + /** + * @desc Sends a secured CAM + * @param p_configId The configuration identifier to be used + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredCam( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_issuerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerInfo, p_issuerIdentifier, p_station_id); + log("f_sendSecuredCam: v_securedGnPdu= ", v_securedGnPdu); + + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredCam + + /** + * @desc Sends a secured CAM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a Ieee1609Dot2Data + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing protocol_version + * indicating value '3' + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_SND_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_SND_MSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Security protocol version set to 3 ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_MSG_01_BV + + /** + * @desc Sending behaviour test cases for CAM profile. + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.4 CAM profile + */ + group camProfile { + + /** + * @desc Check that IUT sends the secured CAM using SignedData container. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing content + * containing signedData + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The CA message is secured"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_01_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing psid + * indicating 'AID_CAM' + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_02_BV + + /** + * @desc Check that IUT sends the secured CAM with the HeaderInfo containing generationTime + * and doesn't containing expiryTime, generationLocation, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing generationTime + * and not containing expiryTime + * and not containing generationLocation, + * and not containing encryptionKey + * and not containing p2pcdLearningRequest + * and not containing missingCrlIdentifier + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_03_BV + + /** + * @desc Check that IUT sends the secured CAM containing signer containing either certificate or digest; + * Check that signing certificate has permissions to sign CAM messages. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing signer + * containing digest + * or containing certificate + * containing id + * indicating 'none' + * and containing toBeSigned + * containing appPermissions + * containing the item of type PsidSsp + * containing psid + * indicating AID_CAM + * and not containing certIssuePermissions + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_04_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_CAM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_CAM), * } + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing certificate"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_04_BV + + /** + * @desc Check that IUT calculate the digest of certificate using proper hash algorithm; + * Check that IUT canonicalize certificates before hash calculation. + *
+ * Pics Selection: PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1)) + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (X_CERTIFICATE) + * and the IUT is configured to send more than one CAM per second + * and the IUT having sent a secured CAM + * containing signer + * containing certificate + * indicating X_CERTIFICATE + * containing verifyKeyIndicator + * containing verificationKey + * containing X_KEY + * } + * ensure that { + * when { + * the IUT is requested to send a subsequent secured CAM + * containing signer + * containing digest + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing signer + * containing digest + * indicating last 8 bytes of the Hash value calculated using X_HASH algorithm + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_05_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_CAM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_certificate; + var HashedId8 v_certificate_digest; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1)))) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1))' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_N; // ecdsaNistP256 SHA-256 (uncompressed) + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B_N; // ecdsaBrainpoolP256r1 (uncompressed) + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3_N; // ecdsaBrainpoolP384r1 (uncompressed) + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_getCertificateDigest(vc_hashedId8ToBeUsed, v_certificate_digest); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [PICS_SEC_SHA256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha256, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + mw_issuerIdentifier_sha256AndDigest( + v_certificate.issuer.sha256AndDigest + ), + mw_toBeSignedCertificate_at( + -, + v_certificate.toBeSigned.verifyKeyIndicator + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [PICS_SEC_SHA384 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha384, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + mw_issuerIdentifier_sha384AndDigest( + v_certificate.issuer.sha384AndDigest + ), + mw_toBeSignedCertificate_at( + -, + v_certificate.toBeSigned.verifyKeyIndicator + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with AT certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with AT certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [PICS_SEC_SHA256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha256, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( + v_certificate_digest + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured CA message received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_SHA384 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha384, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( + v_certificate_digest + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured CA message received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_05_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when over the time of one + * second no other secured CAM contained the certificate was sent. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT is configured to send more then one CAM per second + * and the IUT having sent a CAM + * containing generationTime + * indicating TIME_LAST + * } + * ensure that { + * when { + * the IUT is sending secured CAM as a message of type EtsiTs103097Data + * containing signer + * containing certificate + * } then { + * this message + * contains headerInfo + * containing generation_time + * indicating TIME (TIME >= TIME_LAST + 1sec) + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_06_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Time64 v_time_last; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + v_time_last := f_getSecuredMessage(v_geoNwInd.msgIn).content.signedData.tbsData.headerInfo.generationTime; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received, TIME_LAST = ", v_time_last, " ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + if (ff_abs(int2float(v_geoNwInd.msgIn.gnPacket.securedMsg.content.signedData.tbsData.headerInfo.generationTime - v_time_last)) <= 0.95) { + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was within a second ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Generation of CAM messages including certificate was not within a second ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_06_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when the timeout of one second + * has been expired after the previous CAM containing the certificate. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state with AT certificate (CERT_IUT_A_AT) + * and the IUT is configured to send more than one CAM per second + * and the IUT having sent a CAM + * containing signer + * containing certificate + * and containing generationTime + * indicating TIME_LAST + * } + * ensure that { + * when { + * the IUT is sending secured CAM as a message of type EtsiTs103097Data + * containing generationTime + * indicating TIME (TIME >= TIME_LAST + 1sec) + * } then { + * this message is + * containing certificate + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_07_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const integer c_cntTimeLimit := 10; + const float c_certificateGenerationTime := 1.0; + timer t_maxTransInterval := c_certificateGenerationTime * 1.3;//1.15; + var integer v_cntTime := 0; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + t_maxTransInterval.start; + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + t_maxTransInterval.stop; + v_cntTime := v_cntTime + 1; + if (v_cntTime == c_cntTimeLimit) { // Exit message loop + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + // end of alt + } + else { + t_maxTransInterval.start; + log("*** " & testcasename() & ": INFO: CA message retransmission with certificate ***"); + repeat; + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CA message with certificate was not received in 1 sec after previous one ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_07_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when the IUT received + * a CAM from an unknown ITS-S. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent CAM + * containing certificate + * at TIME_1 + * and the IUT having received a Ieee1609Dot2Data + * containing signedData + * containing signer + * containing digest + * indicating HashedId8 value + * referenced to unknown certificate (CERT_TS_B_AT) + * at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec) + * } + * ensure that { + * when { + * the IUT is requested to send CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec) + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing signedData + * containing type + * containing signer + * containing certificate + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_08_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_08_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + timer t_maxTransInterval := 0.5; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam(cc_taCert_B, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_digest), f_getTsStationId() + 10/*Unknown ITS-S*/); + + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } + + // Test Body + t_maxTransInterval.start; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CA message was transmited w/o unrecognized request header ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_08_BV + + /** + * @desc Check that IUT restarts the certificate sending timer when the certificate has been sent. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state (CERT_IUT_A_AT) + * and the IUT is configured to send more then one CAM per second + * and the IUT having already sent CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing signer + * containing digest + * containing HashedId8 value + * indicating ann unknown certificate + * at TIME_2 (TIME_1 + 0.3sec) + * and the IUT having sent CAM + * containing signer + * containing certificate + * at TIME_3 (TIME_3 > TIME_2) + * } + * ensure that { + * when { + * the IUT is sending the next CAM + * containing signer + * containing certificate + * at TIME_4 + * } then { + * the difference between TIME_4 and TIME_3 is about of 1sec + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_09_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_09_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var SignerIdentifier v_signerIdentifier; + var ItsCam v_component; + var boolean v_firstCertReceived := false; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [v_firstCertReceived == false] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***"); + v_firstCertReceived := true; + f_sleep(0.3); + // Send secured message with request for unrecognized certificate + f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + f_sendSecuredCam( + cc_taCert_F, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + f_calculateDigestFromCertificate( + v_signerIdentifier.certificate[0] + ) + ) + ) + ); + repeat; + } + [v_firstCertReceived == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + // start a timeout of one second to check + // that the next cert will be received after this timeout + t_maxTransInterval.start; + log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": FAIL: CA message certificate inclusion time wasn't restarted ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_09_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM containing + * digest of unknown certificate as a message signer. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT has receiving a EtsiTs103097Data + * containing signer + * containing digest + * indicating HashedId8 value DIGEST_A + * referencing an unknown certificate (CERT_TS_F_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing headerInfo + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of DIGEST_A + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_10_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_10_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + timer t_maxTransInterval := 0.5; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_getCertificateDigest( + cc_taCert_F, + v_hashedId8 + ); + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, // SHA-256/NIST P-256 + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + t_maxTransInterval.start; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_10_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM + * containing certificate signed by unknown AA certificate. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT has receiving a message of type EtsiTs103097Data + * containing signer + * containing certificate + * containing issuer + * containing sha256AndDigest + * indicating HashedId8 value DIGEST_F + * referencing an unknown certificate (CERT_TS_B_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing tbsData + * containing headerInfo + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of DIGEST_F + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_11_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + if (PICS_SEC_SHA256 == true) { + f_getCertificateDigest( + cc_taCert_F, + v_hashedId8 + ); + } + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement; + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, + -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate request ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_11_01_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM + * containing certificate signed by unknown AA certificate. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT has receiving a message of type EtsiTs103097Data + * containing signer + * containing certificate + * containing issuer + * containing sha384AndDigest + * indicating HashedId8 value DIGEST_A + * referencing an unknown certificate (CERT_TS_B_1_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing tbsData + * containing headerInfo + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of DIGEST_A + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_11_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_11_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + if (PICS_SEC_SHA384 == true) { + f_getCertificateDigest( + cc_taCert_F3, + v_hashedId8 + ); + } + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement; + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, + -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate request ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_11_02_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when it received + * a CAM containing a request for unrecognized certificate that matches with the currently + * used AT certificate ID of the IUT. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 + * indicaing value HASHED_ID_3 + * indicating last 3 octets of currently used AT certificate + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec) + * } + * ensure that { + * when { + * the IUT is requested to send a CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec) + * } then { + * the IUT sends a CAM + * containing signer + * and containing certificate + * referenced by the HashedId3 value HASHED_ID_3 + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_12_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_12_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_getCertificateDigest( + cc_taCert_B, // Unknown certificate + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + var SignerIdentifier v_signerIdentifier; + var SequenceOfCertificate v_certificates; + var integer v_certificatesLength; + + tc_ac.stop; + t_maxTransInterval.stop; + // Extract certificate chain + f_getMsgSignerIdentifier(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerIdentifier); + v_certificates := v_signerIdentifier.certificate; + v_certificatesLength := lengthof(v_certificates); + if (v_certificatesLength == 1) { + // Check reference + if (f_calculateDigestFromCertificate(v_certificates[0]) == v_hashedId8) { + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Wrong certificate reference ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: Unexpected certificate content ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_12_BV + + /** + * @desc Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it received a CAM containing a request for unrecognized certificate that + * matches with the currently used AA certificate ID of the IUT. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * issued by the AA certificate (CERT_IUT_A_AA) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of the digest of CERT_IUT_A_AA + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec) + * } + * ensure that { + * when { + * the IUT is requested to send a CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec) + * } then { + * the IUT sends a CAM + * containing headerInfo + * and containing the requestedCertificate + * indicating requested AA certificate CERT_IUT_A_AA + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_13_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_13_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_13_BV + + /** + * @desc Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo + * field when it received a CAM containing a request for unrecognized certificate that matches with the known + * AA certificate ID which is not currently used by the IUT. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * and the IUT is configured to send more than one CAM per second + * and the IUT is configured to know the AA certificate (CERT_TS_B_AA) + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of the digest of CERT_TS_B_AA + * which is not an issuer of currently used AT certificate + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec) + * } + * ensure that { + * when { + * the IUT is requested to send a CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec) + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing the requestedCertificate + * indicating requested AA certificate (CERT_TS_B_AA) + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_14_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_14_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_taCert_B_AA, v_aa_certificate); + f_getCertificateDigest( + cc_taCert_B_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_14_BV + + /** + * @desc Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it was previously requested and already received from another ITS-S. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * issued by the AA certificate (CERT_IUT_A_AA) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of the digest of CERT_IUT_A_AA + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.8sec) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 0.9sec) + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * does not containing requestedCertificate + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_15_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_15_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 0.8; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // does not containing requested certificate + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_15_BV + + /** + * @desc Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it contains certificate in the signer field. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * issued by the AA certificate (CERT_IUT_A_AA) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of the digest of CERT_IUT_A_AA + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.9sec) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec) + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing signer + * containing certificate + * and containing headerInfo + * not containing requestedCertificate + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_16_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_16_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 0.8; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_taCert_AA, v_aa_certificate); + f_getCertificateDigest( + cc_taCert_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // Not containing requestedCertificate + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // Not containing requestedCertificate + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_16_BV + + /** + * @desc Check that the IUT send a secured CAM containing the AA certificate in the + * requestedCertificate headerInfo field with the next CAM containing digest + * as a signer info. + *
+ * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * issued by the AA certificate (CERT_IUT_A_AA) + * and the IUT is configured to send more than one CAM per second + * and the IUT having already sent a CAM + * containing signer + * containing certificate + * at TIME_1 + * and the IUT having received a CAM + * containing inlineP2pcdRequest + * containing HashedId3 value + * indicating last 3 octets of the digest of CERT_IUT_A_AA + * at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec) + * } + * ensure that { + * when { + * the IUT is sending a first subsequent secured CAM + * containing signer + * containing digest + * } then { + * this message + * containing headerInfo + * containing requestedCertificate + * indicating requested AA certificate CERT_IUT_A_AA + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_17_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_17_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_17_BV + + /** + * @desc Check that IUT sends the secured CAM containing generation time and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a CAM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationTime + * indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min) + * and containing signer + * containing certificate + * containing toBeSigned + * containing validityPeriod + * containing start + * indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME) + * and containing duration + * indicating value > GEN_TIME - X_START_VALIDITY + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_18_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_18_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + const integer c_timeLimit := 2 * 60 * 1000000; // us + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_generationTime (us)=", v_generationTime); + log("c_timeLimit (us)=", c_timeLimit); + log("v_curTime (us)=", v_curTime); + log("valid interval=", Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit)); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: CA message generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + log("v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ (s)=", v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_); + log("c_timeLimit (s)=", c_timeLimit / 1000000); + log("v_curTime (s)=", v_curTime / 1000000); + log("valid interval=", Time32:((v_curTime - c_timeLimit) / 1000000, (v_curTime + c_timeLimit) / 1000000)); + if (v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ > (v_curTime + c_timeLimit) / 1000000) { + log("*** " & testcasename() & ": FAIL: CA message certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // TODO Check duration + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_18_BV + + /** + * @desc Check that IUT sends the secured CAM containing the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, contained the CAM payload + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * contains content + * contains signedData + * containing tbsData + * containing payload + * containing data + * containing content + * containing unsecuredData + * containing not-empty data + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_19_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_19_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + log("###############", mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_cam + ) + ) + ) + ))); + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CAM received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_19_BV + + /** + * @desc Check that the IUT sends the secured CAM signed with the certificate containing appPermisions + * allowing to sign CA messages + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signer + * containing certificate + * containing appPermissions + * containing an item of type PsidSsp + * containing psid = AID_CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_20_BV + * @reference ETSI TS 103 097 [1] Clauses 7.2.1 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_20_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_CAM), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CAM received with a well formated certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: CA message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_20_BV + + /** + * @desc Check that IUT sends the secured CAM containing signature; + * Check that the signature is calculated over the right fields + * and using right hash algorythm by cryptographically verifying the signature + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (X_CERTIFICATE) + * containing verifyKeyIndicator + * containing verificationKey + * containing X_KEY + * indicating KEY + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing signer + * containing digest + * referencing the certificate X_CERTIFICATE + * or containing certificate + * indicating X_CERTIFICATE + * and containing signature + * containing X_SIGNATURE + * verifiable using KEY + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_21_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + + */ + testcase TC_SEC_ITSS_SND_CAM_21_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( // containing digest referencing the certificate X_CERTIFICATE + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: CA message with digest received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: CA message with certificate received ***"); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + // Check that the signature is calculated over the right fields and using right hash algorythm by cryptographically verifying the signature + if (f_verifyGnSecuredMessageSignatureWithCertificate(f_getSecuredMessage(v_geoNwInd.msgIn), vc_hashedId8ToBeUsed, v_certificate)) { + log("*** " & testcasename() & ": PASS: Signature verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Signature not verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_21_BV + + /** + * @desc Check that IUT sends the secured CAM containing signature containing the ECC point of type set to + * either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing signature + * containing X_SIGNATURE + * containing rSig + * containing x-only + * or containing compressed-y-0 + * or containing compressed-y-1 + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_22_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 6.3.30, 6.3.31 + */ + testcase TC_SEC_ITSS_SND_CAM_22_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: CA message with wrong signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_22_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if IUT is authorized with AT certificate doesn't allowing + * sending messages in this location. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_C1_AT) + * containing region + * indicating rectangular region + * not containing current IUT position + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT doesn't send CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_23_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_23_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_C1; + f_cf01Up(); // Initialise IUT with CERT_IUT_C1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_23_BV + + /** + * @desc Check that IUT doesn't send the secured CAM if IUT is configured to use an AT certificate without + * region validity restriction and generation location is outside of the region of the issuing AA certificate. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_CA3_AT) + * not containing region + * and issued by the AA certificate (CERT_IUT_C3_AA) + * containing region + * indicating rectangular region + * not containing current IUT position + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT doesn't send CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_24_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_24_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA3; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_24_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT was expired. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_CA3_AT) + * containing validityPeriod + * indicating start + duration < CURRENT_TIME + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT doesn't send CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_25_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_25_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A1; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_25_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT have the starting time in the future. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A2_AT) + * containing validityPeriod + * indicating start > CURRENT_TIME + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT doesn't send CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_26_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_26_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A2; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_26_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if IUT doesn't possess an AT certificate allowing + * sending CAM by its appPermissions. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A3_AT) + * containing appPermissions + * not containing PsidSSP + * containing psid + * indicating AID_CAM + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT doesn't send CAM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_27_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_27_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A3; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_27_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing psid + * indicating 'AID_CAM' + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_28_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_28_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_A_AT_A8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT_A8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_28_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured CAM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing psid + * indicating 'AID_CAM' + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_29_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_29_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_A_AT_A8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT_A8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_29_BV + + } // End of group camProfile + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.5 DENM profile + */ + group denmProfile { + + /** + * @desc Check that secured DENM is signed + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing content + * containing signedData + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The DEN message is secured"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_01_BV + + /** + * @desc Check that IUT sends the secured DENM containing the HeaderInfo field psid set to 'AID_DENM' + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing psid + * indicating 'AID_DENM' + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_02_BV + + /** + * @desc Check that IUT sends the secured DENM with the HeaderInfo containing generationTime and generationLocation + * and doesn't containing expiryTime, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier, + * inlineP2pcdRequest, requestedCertificate. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing generationTime + * and containing generationLocation, + * and not containing expiryTime + * and not containing encryptionKey + * and not containing p2pcdLearningRequest + * and not containing missingCrlIdentifier + * and not containing inlineP2pcdRequest + * and not containing requestedCertificate + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_03_BV + + /** + * @desc Check that IUT sends the secured DENM containing signer containing certificate. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing signer + * containing certificate + * containing toBeSigned + * containing appPermissions + * containing the item of type PsidSsp + * containing psid + * indicating AID_DENM + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_04_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_DENM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_DENM), * } + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing certificate"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: Incorrect secured packet received, containing digest"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_04_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation time + * and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a DENM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationTime + * indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min) + * and containing signer + * containing certificate + * containing toBeSigned + * containing validityPeriod + * containing start + * indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME) + * and containing duration + * indicating value > GEN_TIME - X_START_VALIDITY + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_05_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_DENM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + const integer c_timeLimit := 10 * 60 * 1000000; // us + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_curTime (us)=", v_curTime); + log("c_timeLimit (us)=", c_timeLimit); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: DEN message generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + if (v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ > (v_curTime + c_timeLimit) / 1000) { + log("*** " & testcasename() & ": FAIL: DEN message certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // TODO Check duration + log("*** " & testcasename() & ": PASS: Generation of DENM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_05_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location when signing certificate + * chain doesn't have any region restriction. + + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * containing toBeSigned + * not containing region + * and issuied by the certificate AA (CERT_IUT_A_AA) + * containing toBeSigned + * not containing region + * and issuied by the certificate RCA (CERT_IUT_A_RCA) + * containing toBeSigned + * not containing region + * } + * ensure that { + * when { + * the IUT is requested to send a DENM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationLocation + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_06_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + -, -, -, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DEN message contains generationLocation ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_06_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the circular region + * defined by the validity restriction of the certificate pointed by the message signer. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (X_AT_CERTIFICATE) + * containing toBeSigned + * containing region + * containing X_FIELD + * indicating REGION + * } + * ensure that { + * when { + * the IUT is requested to send a DENM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationLocation + * indicating value inside the REGION + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_07_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_cert; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_B; // PICS_SEC_CIRCULAR_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_C; // PICS_SEC_RECTANGULAR_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_D; // PICS_SEC_POLYGONAL_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_E; // PICS_SEC_IDENTIFIED_REGION + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + -, -, -, + ? + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo) and f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + var integer v_counter; + + for (v_counter := 0; v_counter < lengthof(v_signerIdentifier.certificate); v_counter := v_counter + 1) { + if (f_isLocationInsideRegion(v_signerIdentifier.certificate[v_counter].toBeSigned.region, v_location) == false) { + break; + } + } // End of of for statement + if (v_counter == lengthof(v_signerIdentifier.certificate)) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_07_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the identified + * region defined by the validity restriction of the AA certificate used to sign the certificate + * pointed by the message signer doesn't containing any region restriction. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_CA1_AT) + * containing toBeSigned + * not containing region + * and issuied by the certificate AA (CERT_IUT_CC_AA) + * containing toBeSigned + * containing circularRegion + * indicating REGION + * and issuied by the certificate RCA (CERT_IUT_C_RCA) + * containing toBeSigned + * containing circularRegion + * indicating REGION + * } + * ensure that { + * when { + * the IUT is requested to send a DENM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationLocation + * indicating value inside the REGION + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_09_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8 + */ + testcase TC_SEC_ITSS_SND_DENM_09_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_at_certificate; + var Certificate v_aa_certificate; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA1; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_CA1, v_at_certificate); + f_readCertificate(cc_iutCert_CC_AA, v_aa_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + v_at_certificate.toBeSigned.appPermissions, + v_at_certificate.toBeSigned.verifyKeyIndicator, + v_at_certificate.toBeSigned.validityPeriod, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + + if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_09_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the identified + * region defined by the validity restriction of the root certificate when subordinate AA and AT + * certificates don't contain any region restriction. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_CA2_AT) + * containing toBeSigned + * not containing region + * and issuied by the certificate AA (CERT_IUT_CC_AA) + * containing toBeSigned + * containing circularRegion + * indicating REGION + * and issuied by the certificate RCA (CERT_IUT_C_RCA) + * containing toBeSigned + * containing circularRegion + * indicating REGION + * } + * ensure that { + * when { + * the IUT is requested to send a DENM + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationLocation + * indicating value inside the REGION + * } + * } + *+ * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_10_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8 + */ + testcase TC_SEC_ITSS_SND_DENM_10_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_at_certificate; + var Certificate v_aa_certificate; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA2; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_CA2, v_at_certificate); + f_readCertificate(cc_iutCert_CC_AA, v_aa_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + v_at_certificate.toBeSigned.appPermissions, + v_at_certificate.toBeSigned.verifyKeyIndicator, + v_at_certificate.toBeSigned.validityPeriod, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + + if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_10_BV + + /** + * @desc Check that IUT sends the secured DENM containing the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, contained the DENM payload + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * contains content + * contains signedData + * containing tbsData + * containing payload + * containing data + * containing content + * containing unsecuredData + * containing not-empty data + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_11_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_11_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DENM received with a well formated payload"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_11_BV + + /** + * @desc Check that the IUT sends the secured DENM signed with the certificate containing appPermisions + * allowing to sign DEN messages + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signer + * containing certificate + * containing appPermissions + * containing an item of type PsidSsp + * containing psid + * indicating value AID_DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_12_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_12_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_DENM), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DEN message received with a well formated certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_12_BV + + /** + * @desc Check that IUT sends the secured DENM containing signature; + * Check that the signature is calculated over the right fields + * and using right hash algorythm by cryptographically verifying the signature + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (X_CERTIFICATE) + * containing verifyKeyIndicator + * containing verificationKey + * containing X_KEY + * indicating KEY + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing signer + * containing certificate + * indicating X_CERTIFICATE + * containing verifyKeyIndicator + * containing verificationKey + * containing X_KEY + * indicating KEY + * and containing signature + * containing X_SIGNATURE + * verifiable using KEY + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_13_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + + */ + testcase TC_SEC_ITSS_SND_DENM_13_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: DEN message with certificate received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest( + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + // Check that the signature is calculated over the right fields and using right hash algorythm by cryptographically verifying the signature + if (f_verifyGnSecuredMessageSignatureWithCertificate(f_getSecuredMessage(v_geoNwInd.msgIn), vc_hashedId8ToBeUsed, v_certificate)) { + log("*** " & testcasename() & ": PASS: Signature verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Signature not verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_13_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + *
+ * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_RECTANGULAR_REGION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_C_AT_8) + * containing toBeSigned + * containing region + * containing rectangularRegion + * containing 8 entries + * containing an entry (ENTRY) + * containing current IUT position + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing headerInfo + * containing genrationLocation + * containing appPermissions + * indicating position inside ENTRY + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_14_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_14_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_RECTANGULAR_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_RECTANGULAR_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_C_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_C_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside rectangular area + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_14_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + *
+ * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_POLYGONAL_REGION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_D_AT_8) + * containing toBeSigned + * containing region + * containing polygonalRegion + * containing 8 entries + * indicating polygon P + * and the IUT's position is inside the polygon P + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing headerInfo + * containing genrationLocation + * containing appPermissions + * indicating position inside P + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_15_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_15_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_POLYGONAL_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_POLYGONAL_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_D_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_D_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside polygonal area + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_15_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + *
+ * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_IDENTIFIED_REGION + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_E_AT_8) + * containing toBeSigned + * containing region + * containing polygonalRegion + * containing 8 entries + * indicating one of the items (I) + * containing current IUT position + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing headerInfo + * containing genrationLocation + * containing appPermissions + * indicating position inside I + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_16_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_16_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_IDENTIFIED_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_IDENTIFIED_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_E_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_E_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside identified region + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_16_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing + * sending messages in this location. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_C1_AT) + * containing region + * indicating rectangular region + * not containing current IUT position + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT doesn't send DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_17_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_17_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_C1; + f_cf01Up(); // Initialise IUT with CERT_IUT_C1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_17_BV + + /** + * @desc Check that IUT doesn't send the secured DENM if IUT is configured to use an AT certificate + * without region validity restriction and generation location is outside of the region of the + * issuing AA certificate. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_C3_AT) + * not containing region + * and issued by the AA certificate (CERT_IUT_C3_AA) + * containing region + * indicating rectangular region + * not containing current IUT position + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT doesn't send DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_18_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_18_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA3; + f_cf01Up(); // Initialise IUT with CERT_IUT_CA3_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_18_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT are expired. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A1_AT) + * containing validityPeriod + * indicating start + duration < CURRENT_TIME + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT doesn't send DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_19_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_19_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A1; + f_cf01Up(); // Initialise IUT with CERT_IUT_A1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_19_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT have the starting time in the future. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A2_AT) + * containing validityPeriod + * indicating start > CURRENT_TIME + * and the IUT has no other installed AT certificates + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT doesn't send DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_20_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_20_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A2; + f_cf01Up(); // Initialise IUT with CERT_IUT_A2_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_20_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing + * sending DENM by its appPermissions. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A4_AT) + * containing appPermissions + * not containing PsidSSP + * containing psid + * indicating AID_CAM + * } + * ensure that { + * when { + * the IUT is requested to send a secured DENM + * } then { + * the IUT doesn't send DENM + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_21_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_21_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A4; + f_cf01Up(); // Initialise IUT with CERT_IUT_A4_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_21_BV + + } // End of group denmProfile + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.6 Generic signed message profile + */ + group genericSignedMessageProfile { + + /** + * @desc Check that IUT sends the secured message using signedData container. + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing content + * containing signedData + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_01_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_BV + + /** + * @desc Check that the sent Secured Message contains HeaderField its_aid that is set to other value then AID_CAM and AID_DENM. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing psid + * indicating 'AID_GNMGMT' + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_02_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message with the headerInfo containing generationTime. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing tbsData + * containing headerInfo + * containing generationTime + * and not containing expiryTime + * and not containing generationLocation + * and not containing p2pcdLearningRequest + * and not containing missingCrlIdentifier + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing certificate or digest as a signer. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a Ieee1609Dot2Data + * containing content + * containing signedData + * containing signer + * containing digest + * or containing certificate + * containing toBeSigned + * containing appPermissions + * containing the item of type PsidSsp + * containing psid + * indicating AID_GNMGMT + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_04_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_GENMSG_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: Correct secured packet received, containing digest ***"); + repeat; + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_GN), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing generation time + * and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * containing certificate + * } then { + * the IUT sends a SecuredMessage of type EtsiTs103097Data + * containing headerInfo + * containing generationTime + * indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min) + * and containing signer + * containing certificate + * containing toBeSigned + * containing validityPeriod + * containing start + * indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME) + * and containing duration + * indicating value > GEN_TIME - X_START_VALIDITY + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_05_BV + * @reference ETSI TS 103 097 [1] Clauses 5.4 & 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const integer c_timeLimit := 10 * 60 * 1000000; // us + var LongPosVector v_longPosVectorIut; + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate // containing certificate + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First GN message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: GN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate // containing certificate + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_curTime (us)=", v_curTime); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: GN generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + if (not match(v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_, Time32:(v_curTime - c_timeLimit / 1000000, v_curTime + c_timeLimit / 1000000))) /*In seconds*/{ + log("*** " & testcasename() & ": FAIL: GN certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + log("*** " & testcasename() & ": PASS: Generation of GN messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_BV + + /** + * @desc Check that IUT sends the secured message using the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, + * containing the data payload or using the extDataHash field containing the SHA256 hash of data payload. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a message of type EtsiTs103097Data + * contains content + * contains signedData + * containing tbsData + * containing payload + * containing data + * containing content + * containing unsecuredData + * containing not-empty data + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_06_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: GN received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_BV + + /** + * @desc Check that the IUT sends the secured messages signed with the certificate + * containing appPermisions allowing to sign these messages. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (CERT_IUT_A_AT) + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is requested to send a secured Beacon + * } then { + * the IUT sends a message of type EtsiTs103097Data + * contains signer + * contains certificate + * containing appPermissions + * containing an item of type PsidSsp + * containing psid + * indicating value AID_GNMGMT + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_07_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + * @reference IEEE 1609.2 [2] Clause 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_GENMSG_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_07_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing signature; + * Check that the signature is calculated over the right fields and using right + * hash algorythm by cryptographically verifying the signature. + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is authorized with AT certificate (X_CERTIFICATE) + * } + * ensure that { + * when { + * the IUT is requested to send a secured beacon + * } then { + * the IUT sends a message of type EtsiTs103097Data + * containing signedData + * containing signer + * containing digest + * referencing the certificate X_CERTIFICATE + * or containing certificate + * indicating X_CERTIFICATE + * and containing signature + * containing X_SIGNATURE + * verifiable using KEY + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_08_BV + * @reference ETSI TS 103 097 [1], Clauses 5.2 & 7.1.3 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + */ + testcase TC_SEC_ITSS_SND_GENMSG_08_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest( // containing digest referencing the certificate X_CERTIFICATE + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: GN message with digest received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: GN message with certificate received ***"); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_08_BV + + } // End of group genericSignedMessageProfile + + } // End of group sendingBehavior + + /** + * @desc Receiver behaviour test cases + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3 Receiver behaviour + */ + group receiverBehavior { + + /** + * @desc Check that IUT acepts a secured message containing protocol version set to a value 3 + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is being authorized with the certificate CERT_IUT_A_AT + * and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data + * signed using CERT_TS_A_AT + * and containing protocol_version + * indicating 3 + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_01_BV + + /** + * @desc Check that IUT discards a secured message containing protocol version set to a value less than 3 + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is being authorized with the certificate CERT_IUT_A_AT + * and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data + * signed using CERT_TS_A_AT + * and containing protocol_version + * indicating 2 + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + 2 + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_01_BO + + /** + * @desc Check that ITS-S sends a Ieee1609Dot2Data containing protocol version greather than 3 + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT is being authorized with the certificate CERT_IUT_A_AT + * and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data + * signed using CERT_TS_A_AT + * and containing protocol_version + * indicating 4 + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_02_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + 4 + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_02_BO + + /** + * @desc Receiving behaviour test cases for CAM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.2 CAM Profile + */ + group recvCamProfile { + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with certificate + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * containing protocolVersion + * indicating 3 + * and containing content.signedData + * containing hashId + * indicating hash algorithm of the verification key of CERT_TS_A_AT + * and containing tbsData + * containing payload + * containing data + * containing protocolVersion + * indicating 3 + * and containing content.unsecuredData + * containing CAM payload + * and containing headerInfo + * containing psid + * indicating CAM AID value + * and containing generationTime + * indicating time within 2sec around the CUR_TIME + * and NOT containing other headers + * and containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_AT + * and containing signature + * containing ecdsaNistP256Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_taCert_A, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_01_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with certificate + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * and the IUT has already received the message signed with CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV + * and containing content.signedData.signer + * containing digest + * referencing CERT_TS_A_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + vc_utInds := {}; + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_02_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with compressed signature + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV + * and containing content.signedData.signature + * containing ecdsaNistP256Signature + * containing rSig.compressed-y-0 + * or containing rSig.compressed-y-1 + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_03_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_03_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with compressed signature + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * and the IUT current position is inside the region restriction of X_AT_CERTIFICATE + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV + * and containing content.signedData + * containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating X_AT_CERTIFICATE + * containing toBeSigned.region + * containing X_FIELD + * and containing signature + * containing ecdsaNistP256Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of X_AT_CERTIFICATE + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_04_BV_XX + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_04_BV_XX() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(PX_AT_CERTIFICATE, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + PX_AT_CERTIFICATE, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_04_BV_XX + + /** + * @desc Check that IUT accepts a valid secured CAM message signed using the brainpoolP256r1 algorithm + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV + * and containing content.signedData + * containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_B_AT + * containing toBeSigned.verifyKeyIndicator.verificationKey + * containing ecdsaBrainpoolP256r1 + * and containing signature + * containing ecdsaBrainpoolP256r1Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_B_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_05_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P256R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_05_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed using the brainpoolP384r1 algorithm + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV + * and containing content.signedData + * containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_B_AT + * containing toBeSigned.verifyKeyIndicator.verificationKey + * containing ecdsaBrainpoolP384r1 + * and containing signature + * containing ecdsaBrainpoolP384r1Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_B_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_06_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P384R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B3, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A_B3, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_06_BV + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field an invalid Psid value + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * not indicating CAM AID value + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_01_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + true // Wrong AtsAid + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_01_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo does not contains the header field generationLocation + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating CAM AID value + * and containing generationLocation + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_02_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + true // Add generationLocation + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_02_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field expiryTime + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating CAM AID value + * and containing expiryTime + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_03_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_03_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + true // Add expiryTime + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_03_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field p2pcdLearningRequest + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating CAM AID value + * and containing p2pcdLearningRequest + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_04_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_04_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + true // Add p2pcdLearningRequest + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_04_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field missingCrlIdentifier + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating CAM AID value + * and containing missingCrlIdentifier + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_05_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_05_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + true// Add missingCrlIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_05_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field encryptionKey + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating CAM AID value + * and containing encryptionKey + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_06_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_06_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + true// Add encryptionKey + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_06_BO + + /** + * @desc Check that IUT discards a secured CAM if the ‘SignedData' contains an invalid signature algorithm + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing Signature + * indicating wrong signature algorithm + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_07_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_07_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + true // Alter signature algorithm + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_07_BO + + /** + * @desc Check that IUT discards a secured CAM if the ‘SignerIdentifier' contains an invalid choice + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing SignedData + * containing SignerIdentifier + * indicating 'self' + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_08_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_08_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + true // Alter SignerIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_08_BO + + /** + * @desc Check that IUT discards a secured CAM if the Signature cannot be verified + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV + * and containing Signature + * indicating an altered value + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_09_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_09_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + -, // Alter SignerIdentifier + true // Alter Signature + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_09_BO + + } // End of group recvCamProfile + + /** + * @desc Receiving behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.3 DENM Profile + */ + group recvDenmProfile { + + /** + * @desc Check that IUT accepts a valid secured DENM message signed with certificate + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * containing protocolVersion + * indicating 3 + * and containing content.signedData + * containing hashId + * indicating hash algorithm of the verification key of CERT_TS_A_AT + * and containing tbsData + * containing payload + * containing data + * containing protocolVersion + * indicating 3 + * and containing content.unsecuredData + * containing DENM payload + * and containing headerInfo + * containing psid + * indicating DENM AID value + * and containing generationTime + * indicating time within 2sec around the CUR_TIME + * and containing generationLocation + * and NOT containing other headers + * and containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_AT + * and containing signature + * containing ecdsaNistP256Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_taCert_A, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_01_BV + + /** + * @desc Check that IUT accepts a valid secured DENM message signed with certificate containing region restriction + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of X_AT_CERTIFICATE + * and the IUT current position is inside the region restriction of X_AT_CERTIFICATE + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV + * and containing content.signedData + * containing hashId + * indicating hash algorithm of the verification key of CERT_TS_A_AT + * and containing tbsData + * containing headerInfo + * containing generationLocation + * indicating location inside the X_AT_CERTIFICATE region restriction + * and containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating X_AT_CERTIFICATE + * containing toBeSigned.region + * containing X_FIELD + * and containing signature + * containing ecdsaNistP256Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of X_AT_CERTIFICATE + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_02_BV_XX + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_02_BV_XX() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(PX_AT_CERTIFICATE, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + PX_AT_CERTIFICATE, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_02_BV_XX + + /** + * @desc Check that IUT accepts a valid secured DENM message signed using the brainpoolP256r1 algorithm + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV + * and containing content.signedData + * containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_B_AT + * containing toBeSigned.verifyKeyIndicator.verificationKey + * containing ecdsaBrainpoolP256r1 + * and containing signature + * containing ecdsaBrainpoolP256r1Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_B_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_03_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P256R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A_B, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_03_BV + + /** + * @desc Check that IUT accepts a valid secured DENM message signed using the brainpoolP384r1 algorithm + *
+ * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1 + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B3_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV + * and containing content.signedData + * containing signer + * containing certificate + * containing 1 item of type EtsiTs103097Certificate + * indicating CERT_TS_A_B3_AT + * containing toBeSigned.verifyKeyIndicator.verificationKey + * containing ecdsaBrainpoolP384r1 + * and containing signature + * containing ecdsaBrainpoolP384r1Signature + * containing rSig.x-only + * calculated over the MSG.content.signedData.tbsData + * using verification key of CERT_TS_A_B3_AT + * } then { + * the IUT accepts the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_DENM_04_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P384R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B3, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A_B3, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_04_BV + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field an invalid Psid value + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * not indicating DENM AID value + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_01_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + true // Wrong AtsAid + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_01_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo does not contains the header field generationLocation + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating DENM AID value + * and containing generationLocation + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_02_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + true // Add generationLocation + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_02_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field expiryTime + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating DENM AID value + * and containing expiryTime + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_03_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_03_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + true // Add expiryTime + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_03_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field p2pcdLearningRequest + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating DENM AID value + * and containing p2pcdLearningRequest + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_04_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_04_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + true // Add p2pcdLearningRequest + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_04_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field missingCrlIdentifier + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating DENM AID value + * and containing missingCrlIdentifier + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_05_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_05_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + true// Add missingCrlIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_05_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field encryptionKey + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing ToBeSignedData + * containing HeaderInfo + * containing Psid + * indicating DENM AID value + * and containing encryptionKey + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_06_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_06_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + true// Add encryptionKey + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_06_BO + + /** + * @desc Check that IUT discards a secured DENM if the ‘SignedData' contains an invalid signature algorithm + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing SignedData + * containing Signature + * indicating wrong signature algorithm + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_07_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_07_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + true // Alter signature algorithm + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_07_BO + + /** + * @desc Check that IUT discards a secured DENM if the Signature cannot be verified + *
+ * Pics Selection: PICS_GN_SECURITY + * Config Id: CF01 + * Initial conditions: + * with { + * the IUT being in the 'authorized' state + * and the IUT current time is inside the time validity period of CERT_TS_A_AT + * } + * Expected behaviour: + * ensure that { + * when { + * the IUT is receiving a message of type EtsiTs103097Data (MSG) + * indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV + * and containing Signature + * indicating an altered value + * } then { + * the IUT discards the SecuredMessage + * } + * } + *+ * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_09_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_09_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + -, // Alter SignerIdentifier + true // Alter Signature + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_09_BO + + } // End of group recvDenmProfile + + /** + * @desc Receiving behaviour test cases for Other profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.4 Generic Signed Message Profile + */ + group recvOtherProfile { + + /** + * @desc Function used to verify the IUT has forwarded or discarded the received secured message sent by the TA + */ + group commonFunctions { + +// /** +// * @desc Behavior function for NodeD in case of forwarding is expected +// * @see TC_GEONW_PON_GBC_BV_01 +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD() runs on ItsGeoNetworking { +// +// // Local variables +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// tc_ac.start; +// alt { +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy, +// mw_geoNwBroadcastPacketWithArea( +// mw_longPosVectorPosition( +// v_longPosVectorNodeB +// ), +// ?, +// f_getGeoBroadcastArea(c_area1) +// )))) { +// tc_ac.stop; +// log("*** " & testcasename() & ": PASS: Beacon message was forwarded ***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy +// ))) { +// // Do not restart tc_ac timer +// log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); +// repeat; +// } +// [] tc_ac.timeout { +// log("*** " & testcasename() & ": FAIL: GBC message not received ***"); +// f_selfOrClientSyncAndVerdict(c_tbDone, e_error); +// } +// } +// +// // Postamble +// f_poNeighbour(); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD +// +// /** +// * @desc Behavior function for NodeD in case of forwarding is not expected +// * @see TC_GEONW_PON_GBC_BV_01 +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD() runs on ItsGeoNetworking { +// +// // Local variables +// var LongPosVector v_longPosVectorIut := f_getPosition(c_compIut); +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// tc_noac.start; +// alt { +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy, +// mw_geoNwBroadcastPacketWithArea( +// mw_longPosVectorPosition( +// v_longPosVectorIut +// ), +// ?, +// f_getGeoBroadcastArea(c_area1) +// )))) { +// tc_noac.stop; +// log("*** " & testcasename() & ": FAIL: Beacon message shall ot be forwarded ***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy +// ))) { +// // Do not restart tc_ac timer +// log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); +// repeat; +// } +// [] tc_noac.timeout { +// log("*** " & testcasename() & ": PASS: Secured message was discarded ***"); +// f_selfOrClientSyncAndVerdict(c_tbDone, e_success); +// } +// } +// +// // Postamble +// f_poNeighbour(); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD + + } // End of goup commonFunctions + +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate without region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields[0] +// * containing type +// * indicating 'signer_info' +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_AT_A) +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' (2) +// * and containing subject_attributes['verification key'] (KEY) +// * and containing validity_restrictions['time_start_and_end'] +// * indicating CERT_TS_AT_TIME_VALIDITY +// * and not containing validity_restrictions['region'] +// * and containing header_fields [1] +// * containing type +// * indicating 'generation_time' +// * containing generation_time +// * indicating CURRENT_TIME +// * inside CERT_TS_AT_TIME_VALIDITY +// * and containing header_fields [2] +// * containing type +// * indicating 'generation_location' +// * containing generation_location +// * and containing generation_location +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * and containing its_aid +// * indicating 'AID_BEACON' +// * and containing payload_field +// * containing type +// * indicating 'signed' +// * containing data +// * indicating length > 0 +// * and containing trailer_fields +// * containing single instance of type TrailerField +// * containing type +// * indicating 'signature' +// * containing signature +// * verifiable using KEY +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_A)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a circular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_B_AT +// * and the IUT current location is inside the region validity period of CERT_TS_B_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating value '2' +// * and containing header_fields[0] +// * containing type +// * indicating 'signer_info' +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_B_AT) +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' (2) +// * and containing subject_attributes['verification key'] (KEY) +// * and containing validity_restrictions['time_start_and_end'] +// * indicating CERT_TS_AT_TIME_VALIDITY +// * and containing validity_restrictions['region'] +// * containing region +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating REGION +// * and containing header_fields [1] +// * containing type +// * indicating 'generation_time' +// * containing generation_time +// * indicating CURRENT_TIME +// * and containing header_fields [2] +// * containing type +// * indicating 'generation_location' +// * and containing generation_location +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * and containing its_aid +// * indicating 'AID_BEACON' +// * and containing payload_field +// * containing type +// * indicating 'signed' +// * containing data +// * indicating length > 0 +// * and containing trailer_fields +// * containing single instance of type TrailerField +// * containing type +// * indicating 'signature' +// * containing signature +// * verifiable using KEY +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_B)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_C_AT +// * and the IUT current location is inside the region validity period of CERT_TS_C_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating value '2' +// * and containing header_fields[0] +// * containing type +// * indicating 'signer_info' +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_C_AT) +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' (2) +// * and containing subject_attributes['verification key'] (KEY) +// * and containing validity_restrictions['time_start_and_end'] +// * indicating CERT_TS_AT_TIME_VALIDITY +// * and containing validity_restrictions['region'] +// * containing region +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region +// * indicating REGION +// * and containing header_fields [1] +// * containing type +// * indicating 'generation_time' +// * containing generation_time +// * indicating CURRENT_TIME +// * and containing header_fields [2] +// * containing type +// * indicating 'generation_location' +// * and containing generation_location +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * and containing its_aid +// * indicating 'AID_BEACON' +// * and containing payload_field +// * containing type +// * indicating 'signed' +// * containing data +// * indicating length > 0 +// * and containing trailer_fields +// * containing single instance of type TrailerField +// * containing type +// * indicating 'signature' +// * containing signature +// * verifiable using KEY +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_C)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_D_AT +// * and the IUT current location is inside the region validity period of CERT_TS_D_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating value '2' +// * and containing header_fields[0] +// * containing type +// * indicating 'signer_info' +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_D_AT) +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' (2) +// * and containing subject_attributes['verification key'] (KEY) +// * and containing validity_restrictions['time_start_and_end'] +// * indicating CERT_TS_AT_TIME_VALIDITY +// * and containing validity_restrictions['region'] +// * containing region +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating REGION +// * and containing header_fields [1] +// * containing type +// * indicating 'generation_time' +// * containing generation_time +// * indicating CURRENT_TIME +// * and containing header_fields [2] +// * containing type +// * indicating 'generation_location' +// * and containing generation_location +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * and containing its_aid +// * indicating 'AID_BEACON' +// * and containing payload_field +// * containing type +// * indicating 'signed' +// * containing data +// * indicating length > 0 +// * and containing trailer_fields +// * containing single instance of type TrailerField +// * containing type +// * indicating 'signature' +// * containing signature +// * verifiable using KEY +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_D)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_E_AT +// * and the IUT current location is inside the region validity period of CERT_TS_E_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating value '2' +// * and containing header_fields[0] +// * containing type +// * indicating 'signer_info' +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_E_AT) +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' (2) +// * and containing subject_attributes['verification key'] (KEY) +// * and containing validity_restrictions['time_start_and_end'] +// * indicating CERT_TS_AT_TIME_VALIDITY +// * and containing validity_restrictions['region'] +// * containing region +// * containing region_type +// * indicating 'id_region' +// * and containing id_region +// * indicating REGION +// * and containing header_fields [1] +// * containing type +// * indicating 'generation_time' +// * containing generation_time +// * indicating CURRENT_TIME +// * and containing header_fields [2] +// * containing type +// * indicating 'generation_location' +// * and containing generation_location +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * and containing its_aid +// * indicating 'AID_BEACON' +// * and containing payload_field +// * containing type +// * indicating 'signed' +// * containing data +// * indicating length > 0 +// * and containing trailer_fields +// * containing single instance of type TrailerField +// * containing type +// * indicating 'signature' +// * containing signature +// * verifiable using KEY +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_E)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV +// +// group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB( +// in charstring p_taCert +// ) runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredBeacon(p_taCert, omit, e_certificate); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV +// +// /** +// * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value less than 2 +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating 1 +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_02_01_BO +// * @reference ETSI TS 103 097 [1] Clause 5.1 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO +// +// /** +// * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value greater than 2 +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Expected behavior: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing protocol_version +// * indicating 3 +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_02_02_BO +// * @reference ETSI TS 103 097 [1] Clause 5.1 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB( +// in UInt8 p_protocolVersion +// ) runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, p_protocolVersion); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BV +// +// /** +// * @desc Check that IUT discards a secured GN Message if the header_fields contains more than one header field of type 'signer_info' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'signer_info' +// * and containing header_fields[2].type +// * indicating 'generation_time' +// * and containing header_fields[3].type +// * indicating ''generation_location'' +// * and containing header_fields[4].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_signer_info( +// m_signerIdentifier_certificate( +// vc_aaCertificate +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the header_fields does not contain the header field of type 'signer_info' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * and containing header_fields[0].type +// * indicating 'generation_time' +// * and containing header_fields[1].type +// * indicating 'generation_location' +// * and containing header_fields[2].type +// * indicating 'signer_info' +// * and containing header_fields[3].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// /** +// * @desc Check that IUT is able to receive a secured GN Message if the signer_info header field is not encoded first. +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * and containing header_fields[0].type +// * indicating 'generation_time' +// * and containing header_fields[1].type +// * indicating 'generation_location' +// * and containing header_fields[2].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and containing header_fields[3].type +// * indicating 'signer_info' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_time' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * indicating 'generation_time' +// * and containing header_fields[3].type +// * indicating 'generation_time' +// * and containing header_fields[4].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_time(1000 * f_getCurrentTime() - 1), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'generation_time' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_05_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// /** +// * @desc Check that IUT discards a Secured GN Message if the message contains more than one header field of type 'its_aid' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * indicating 'generation_location' +// * and containing header_fields[3] +// * containing type +// * indicating 'its_aid' +// * containing its_aid +// * indicating 'AID_BEACON' +// * and containing header_fields[4].type +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'its_aid' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * indicating 'generation_location' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_06a_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * indicating 'generation_location' +// * and containing header_fields[3].type +// * indicating 'generation_location' +// * and containing header_fields[4] +// * containing type +// * indicating 'its_aid' +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0100'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * and containing header_fields[4].type +// * indicating 'its_aid' +// * containing its_aid +// * indicating 'AID_BEACON' +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// /** +// * @desc Check that IUT is able to receive a Secured GN Beacon if the header fields are not in the ascending order according to the numbering of the enumeration +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'its_aid' +// * and containing header_fields[2].type +// * indicating 'generation_time' +// * and containing header_fields[3].type +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_09_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_its_aid_Other, +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// /** +// * @desc Check that IUT accepts a GN Secured Message containing optional header field of type 'expiry_time' +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'its_aid' +// * and containing header_fields[2].type +// * indicating 'generation_time' +// * and containing header_fields[3].type +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_11_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_expiry_time( +// 1000 * (3600 + f_getCurrentTime()) // In us +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// /** +// * @desc Check that IUT accepts the Secured GN Message containing additional non-standard HeaderInfo +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) +// * containing header_fields[0].type +// * indicating 'signer_info' +// * and containing header_fields[1].type +// * indicating 'generation_time' +// * and containing header_fields[2].type +// * and containing header_fields[3].type +// * indicating 'its_aid' +// * and containing header_fields[4] +// * containing type +// * indicating non-standard header field type (1000) +// * and containing other_header +// * indicating non-empty data +// * and not containing other header fields +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_12_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_expiry_time( +// 1000 * (3600 + f_getCurrentTime()) // In us +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_unspecify +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// + } // End of group recvOtherProfile + + /** + * @desc Receiving behaviour test cases for certificates profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.5 Profiles for certificates + */ + group recvCertificatesProfile { + +// /** +// * @desc Check that IUT discards the AT certificate with version 3 +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_01_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_01_01_BO_AT) +// * containing version +// * indicating '3' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_01_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0101_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_01_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with version 1 +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_01_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_01_02_BO_AT) +// * containing version +// * indicating '1' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_02_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0102_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_02_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with version 3 +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_01_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificate[0] (CERT_TS_01_03_BO_AA) +// * containing version +// * indicating '3' +// * and containing certificate[1] (CERT_TS_01_03_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_digest_with_sha256' +// * and containing signer_info.digest +// * referencing to CERT_TS_01_03_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_03_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0103_BO, -, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_03_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with version 1 +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_01_04_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificate[0] (CERT_TS_01_04_BO_AA) +// * containing version +// * indicating '1' +// * and containing certificate[1] (CERT_TS_01_04_BO_AT) +// * and containing signer_info.digest +// * referencing to CERT_TS_01_04_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_04_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// if (PICS_DEBUG_ADDON) { +// f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam()); +// } +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0104_BO, -, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_02_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_02_01_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_digest_with_sha256' +// * and containing signer_info.digest +// * referencing to certificate (CERT_TS_A_EC) +// * containing subject_info.subject_type +// * indicating 'enrolment_credential' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0201_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_02_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificates[0] (CERT_TS_02_02_BO_AA) +// * containing signer_info.digest +// * referencing to certificate CERT_TS_A_EC +// * containing subject_info.subject_type +// * indicating 'enrolment_credential' +// * and containing certificates[1] (CERT_TS_02_02_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_02_02_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_02_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0202_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_02_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_02_03_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_digest_with_sha256' +// * and containing signer_info.digest +// * referencing to certificate (CERT_TS_A_EA) +// * containing subject_info.subject_type +// * indicating 'enrolment_authority' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_03_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0203_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_02_04_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificates[0] (CERT_TS_02_04_BO_AA) +// * containing signer_info.digest +// * referencing to certificate CERT_TS_A_EA +// * containing subject_info.subject_type +// * indicating 'enrolment_authority' +// * and containing certificates[1] (CERT_TS_02_04_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_02_04_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_04_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0204_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_03_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer +// * containing certificate (CERT_TS_03_01_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_03_BO_CA +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_03_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_03_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0301_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_03_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_03_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificates[0] (CERT_TS_03_02_BO_AA) +// * containing signer_info.digest +// * referencing to CERT_TS_03_BO_CA +// * containing subject_info.subject_type +// * indicating 'authorization_ticket' +// * and containing certificates[1] (CERT_TS_03_02_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_03_02_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_03_02_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_03_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0302_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_03_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the AA certificate contains the subject type 'authorization_authority' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_04_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificates[0] (CERT_TS_04_01_BO_AA) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * and containing certificates[1] (CERT_TS_04_01_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_04_01_BO_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_04_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0401_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_04_01_BO +// +// /** +// * @desc Check that IUT discards the message when signing AT certificate has an invalid signature +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer +// * containing type +// * containing certificate +// * and containing certificates (CERT_TS_A_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * and containing signature +// * NOT verifiable with CERT_TS_A_AA.subject_attributes['verification_key'].key +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_05_01_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredCam_Bo( +// cc_taCert_A, +// -, +// 1, +// -, +// e_certificate, +// true, +// true +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_05_01_BO +// +// /** +// * @desc Check that IUT discards the message when the issuing AA certificate of the signing AT certificate has an invalid signature +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_A_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer +// * containing type +// * indicating 'certificate_chain' +// * and containing certificates[0] (CERT_TS_A_AT) +// * containing signer_info.digest +// * referencing to CERT_ROOT +// * and containing signature +// * NOT verifiable with CERT_ROOT.subject_attributes['verification_key'].key +// * and containing certificates[1] (CERT_TS_A_AT) +// * containing signer_info.digest +// * referencing to a CERT_TS_A_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_05_02_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredCam_Bo( +// cc_taCert_A, +// -, +// 1, +// -, +// e_certificate_chain, +// true, +// false, +// true +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(valueof(v_securedGnPdu.gnPacket.packet.payload)); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_05_02_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_01_BV_AT +// * and the IUT current location is inside the CURCULAR_REGION_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_01_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0601_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_02_BV_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_02_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA +// * fully covering CURCULAR_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0602_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_03_BV_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_03_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_C_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * fully covering CURCULAR_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0603_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_04_BV_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_04_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA +// * fully covering CURCULAR_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0604_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_05_BV_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_05_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing local_region +// * indicating 0 +// * and containing region_identifier +// * indicating ID_REGION_AT +// * fully covering CURCULAR_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0605_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_06_BO_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_06_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0606_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_07_BO_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_07_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_06_07_BO_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA_OUTSIDE +// * not including CURCULAR_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0607_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_06_08_BO_AT +// * and the IUT current location is inside the CURCULAR_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_06_08_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * containing circular_region +// * indicating CURCULAR_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_06_08_BO_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA_INTERSECT +// * including partially CURCULAR_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0608_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_08_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_01_BV_AT +// * and the IUT current location is inside the RECT_REGION_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_01_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_C_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0701_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_02_BV_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_02_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA +// fully covering the RECT_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0702_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_03_BV_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_03_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region +// * indicating RECT_REGION_AA +// fully covering RECT_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0703_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_04_BV_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_04_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA +// fully covering RECT_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0704_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_05_BV_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_05_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing local_region +// * indicating 0 +// * and containing region_identifier +// * indicating ID_REGION_AT +// fully covering RECT_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0705_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_06_BO_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_06_BO_AT) +// * not containing validity_restrictions['region'] +// * and containing signer_info.digest +// * referencing to a CERT_TS_C_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0706_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_07_BO_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_07_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_07_07_BO_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * indicating RECT_REGION_AA_OUTSIDE +// * not including RECT_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0707_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_07_08_BO_AT +// * and the IUT current location is inside the RECT_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_07_08_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * containing rectangular_region[0] +// * indicating RECT_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_07_08_BO_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * indicating RECT_REGION_AA_INTERSECT +// * not partialy RECT_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0708_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_08_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_01_BV_AT +// * and the IUT current location is inside the POLYGON_REGION_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_01_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AA +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0801_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_02_BV_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_02_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_B_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * indicating CURCULAR_REGION_AA +// * fully including POLYGON_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0802_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_03_BV_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_03_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_C_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * indicating RECT_REGION_AA +// * fully including POLYGON_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0803_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_04_BV_AT +// * and the IUT current location is inside the POLYGON_REGION_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_04_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region[0] +// * indicating POLYGON_REGION_AA +// * fully including POLYGON_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0804_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_05_BV_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_05_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing local_region +// * indicating 0 +// * and containing region_identifier +// * indicating ID_REGION_AT +// * fully including POLYGON_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0805_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_06_BO_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_06_BO_AT) +// * not containing validity_restrictions['region'] +// * and containing signer_info.digest +// * referencing to a CERT_TS_C_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0806_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_07_BO_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_07_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region (POLYGON_REGION_08_04_BO) +// * indicating length = 2 +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA +// * fully covering all points of POLYGON_REGION_08_04_BO +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0807_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_08_BO_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_08_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_D_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA_OUTSIDE +// * not including POLYGON_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0808_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_08_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_08_09_BO_AT +// * and the IUT current location is inside the POLYGON_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_08_09_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * containing polygonal_region +// * indicating POLYGON_REGION_AT +// * and containing signer_info.digest +// * referencing to a CERT_TS_08_08_BO_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * indicating POLYGON_REGION_AA_INTERSECT +// * including partialy POLYGON_REGION_AT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_09_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_09_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0809_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_09_BO +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_01_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_01_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_01_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0901_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_02_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_02_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating ID_LOCAL_REGION_1 +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_02_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0902_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction fully containing in the circular validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_03_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_03_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_09_03_BV_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'circle' +// * and containing circular_region +// * fully covering ID_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_03_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0903_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_04_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_04_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'rectangle' +// * and containing rectangular_region[0] +// * fully covering ID_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_04_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0904_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_05_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_05_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'polygon' +// * and containing polygonal_region +// * fully covering ID_REGION_AT +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_05_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0905_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_05_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_06_BV_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_06_BV_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'un_stats' +// * and containing region_identifier +// * indicating ID_REGION_AA_UNSTATS +// * which includes ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * } then { +// * the IUT accepts the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_06_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_06_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0906_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_06_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_07_BO_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_07_BO_AT) +// * not containing validity_restrictions['region'] +// * and containing signer_info.digest +// * referencing to a CERT_TS_E_AA +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_07_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0907_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_08_BO_AT +// * and the IUT current location is inside the ID_REGION_AA, local region 1 +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_08_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating ID_LOCAL_REGION_1 +// * and containing signer_info.digest +// * referencing to a CERT_TS_09_08_BO_AA +// * containing validity_restrictions['region'] +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AA +// * and containing local_region +// * indicating ID_LOCAL_REGION_2 +// * not equal to ID_LOCAL_REGION_1 +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_08_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0908_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_08_BO +// +// /** +// * @desc Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_09_BO_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_09_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_09_09_BO_AA +// * containing validity_restrictions['region'] +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AA_OTHER +// * other than ID_REGION_AT +// * and containing local_region +// * indicating 0 +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_09_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_09_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0909_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_09_BO +// +// /** +// * @desc Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_10_BO_AT +// * and the IUT current location is inside the ID_REGION_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_10_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_UNKNOWN +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_A_AA +// * not containing validity_restrictions['region'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_10_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_10_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0910_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_10_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity restriction of its signing certificate contains the identified region of type iso-3166-1 but region code is from the UN-Stats dictionary +// *
+// * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_09_11_BO_AT +// * and the IUT current location is inside the ID_REGION_AA_UNSTATS +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_09_11_BO_AT) +// * containing validity_restrictions['region'] +// * containing region_type +// * indicating 'id' +// * and containing id_region +// * containing region_dictionary +// * indicating 'iso_3166_1' +// * and containing region_identifier +// * indicating ID_REGION_AA_UNSTATS +// * and containing local_region +// * indicating 0 +// * and containing signer_info.digest +// * referencing to a CERT_TS_A_AA +// * not containing validity_restrictions['region'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_11_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_11_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0911_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_11_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate does not contain the time validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_10_01_BO_AT +// * and the IUT current location is inside the CERT_TS_10_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_01_BO_AT) +// * containing validity_restrictions['time_start_and_end'] +// * and not containing validity_restrictions['time_end'] +// * and not containing validity_restrictions['time_start_and_duration'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1001_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current location is inside the CERT_TS_10_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_02_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_10_02_BO_AA +// * containing validity_restrictions['time_start_and_end'] +// * and not containing validity_restrictions['time_end'] +// * and not containing validity_restrictions['time_start_and_duration'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1002_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_02_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is less then time_end validity restricyion of CERT_TS_10_03_BO_AT +// * and the IUT current location is inside the CERT_TS_10_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_03_BO_AT) +// * containing validity_restrictions['time_end'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_03_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1003_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_03_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_10_04_BO_AT +// * and the IUT current location is inside the CERT_TS_10_04_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_04_BO_AT) +// * containing validity_restrictions['time_start_and_duration'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_04_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1004_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_04_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is less then time_end validity restricyion of CERT_TS_10_05_BO_AT +// * and the IUT current location is inside the CERT_TS_10_05_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_05_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_10_05_BO_AA +// * containing validity_restrictions['time_end'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_05_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_05_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1005_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_05_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is less then time_end validity restricyion of CERT_TS_10_06_BO_AT +// * and the IUT current location is inside the CERT_TS_10_06_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields['signer_info'] +// * and containing signer +// * containing type +// * containing certificate +// * and containing certificate (CERT_TS_10_06_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_10_06_BO_AA +// * containing validity_restrictions['time_start_and_duration'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_06_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1006_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_01_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA +// * and containing end_validity +// * indicating END_VALIDITY_AA +// * and containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA +// * and containing end_validity +// * indicating END_VALIDITY_AA + 1d +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1101_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_02_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA +// * and containing end_validity +// * indicating END_VALIDITY_AA +// * and containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA - 1d +// * and containing end_validity +// * indicating END_VALIDITY_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1102_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_02_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet. +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_03_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA - 365d +// * and containing end_validity +// * indicating END_VALIDITY_AA - 1d +// * and containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA - 365d +// * and containing end_validity +// * indicating END_VALIDITY_AA +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1103_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_03_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_04_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_A_AA +// * containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA +// * and containing end_validity +// * indicating END_VALIDITY_AA + 365d +// * and containing validity_restrictions['time_start_and_end'] +// * containing start_validity +// * indicating START_VALIDITY_AA +// * and containing end_validity +// * indicating END_VALIDITY_AA + 365d +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1104_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_04_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_12_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Ieee1609Dot2Data +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_12_01_BO_AT) +// * not containing subject_attributes['its_aid_ssp_list'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1201_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_01_BO +// +// /** +// * @desc Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_12_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['its_aid'] +// * containing its_aid +// * indicating 'AID_CAM' +// * and containing header_fields ['signer_info'] +// * containing signer +// * containing certificate +// * indicating CERT_TS_12_02_BO_AT +// * containing subject_attributes['its_aid_ssp_list'] +// * not containing an item +// * containing its_aid +// * indicating 'AID_CAM' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1202_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_02_BO +// +// /** +// * @desc Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_12_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A) +// * containing header_fields ['its_aid'] +// * containing its_aid +// * indicating 'AID_DENM' +// * and containing header_fields ['signer_info'] +// * containing signer +// * containing certificate +// * indicating CERT_TS_12_03_BO_AT +// * containing subject_attributes['its_aid_ssp_list'] +// * not containing an item +// * containing its_aid +// * indicating 'AID_DENM' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1203_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_03_BO +// +// /** +// * @desc Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA +// * and the IUT current location is inside the CERT_TS_12_04_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['its_aid'] +// * containing its_aid +// * indicating 'AID_CAM' +// * and containing header_fields ['signer_info'] +// * containing signer +// * containing certificate +// * indicating CERT_TS_12_04_BO_AT +// * containing subject_attributes['its_aid_ssp_list'] +// * containing item [0].its_aid +// * indicating 'AID_CAM' +// * and containing item [1].its_aid +// * indicating 'AID_CAM' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1204_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_04_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_13_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_01_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_13_01_BO_AA +// * containing validity_restrictions['its_aid_list'] +// * not containing 'AID_CAM' +// * and containing validity_restrictions['its_aid_ssp_list'] +// * containing a record +// * containing its_aid +// * indicating 'AID_CAM' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1301_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_13_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A) +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_02_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_13_02_BO_AA +// * containing validity_restrictions['its_aid_list'] +// * not containing 'AID_DENM' +// * and containing validity_restrictions['its_aid_ssp_list'] +// * containing a record +// * containing its_aid +// * indicating 'AID_DENM' +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1302_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the AA certificate does not contain a subject_attribute of type its_aid_list +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_13_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_03_BO_AT) +// * containing signer_info.digest +// * referencing to CERT_TS_13_03_BO_AA +// * not containing validity_restrictions['its_aid_list'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1303_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_03_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_14_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_14_01_BO_AT) +// * containing signer_info.type +// * containing certificate +// * and containing certificate +// * indicating CERT_TS_AA_A +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1401_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_01_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_chain' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_14_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_14_02_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_chain' +// * and containing certificates[0] +// * indicating certificate (CERT_TEST_ROOT) +// * and containing certificates[1] +// * indicating certificate (CERT_TS_AA_A) +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1402_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_02_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_14_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_14_03_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_digest_with_other_algorithm' +// * and containing digest +// * referencing CERT_TS_AA_A +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1403_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_03_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_15_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_15_01_BO_AT) +// * containing signer_info.digest +// * referencing to certificate (CERT_TS_15_01_BO_AA) +// * containing signer_info +// * containing type +// * containing certificate +// * and containing certificate +// * indicating CERT_TEST_ROOT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1501_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_01_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_chain' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_15_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_15_02_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_chain' +// * and containing certificates[0] +// * indicating certificate (CERT_TEST_ROOT) +// * and containing certificates[1] +// * indicating certificate (CERT_TS_15_02_BO_CA) +// * containing signer_info +// * containing type +// * indicating 'certificate_digest_with_sha256' +// * and containing digest +// * referencing to CERT_TEST_ROOT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1502_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_02_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm' +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_15_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_15_03_BO_AT) +// * containing signer_info.type +// * indicating 'certificate_digest_with_other_algorithm' +// * and containing digest +// * referencing CERT_TEST_ROOT +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1503_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject_name of the AT certificate is not an empty name field +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_16_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_16_01_BO_AT) +// * containing signer_info.digest +// * referencing to certificate (CERT_TS_16_01_BO_AA) +// * containing signer_infosubject_name +// * indicating non-empty string ('Invalid name') +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_16_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_16_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1601_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_16_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type assurance_level is missing in the AT certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_17_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_17_01_BO_AT) +// * not containing subject_attributes['assurance_level'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1701_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type assurance_level is missing in the AA certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_17_02_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_17_02_BO_AT) +// * containing signer_info.digest +// * referencing to certificate (CERT_TS_17_02_BO_AA) +// * not containing subject_attributes['assurance_level'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1702_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the assurance level of issuing certificate is less then assurance level of subordinate certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_17_03_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_17_03_BO_AT) +// * containing subject_attributes['assurance_level'] +// * containing assurance_level +// * indicating 0x80 (assurance level=4, confidence=0) +// * and containing signer_info.digest +// * referencing to certificate (CERT_TS_A_AA) +// * containing subject_attributes['assurance_level'] +// * containing assurance_level +// * indicating 0x60 (assurance level=3, confidence=0) +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1703_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_17_04_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_17_04_BO_AT) +// * containing subject_attributes['assurance_level'] +// * containing assurance_level +// * indicating 0x61 (assurance level=3, confidence=1) +// * and containing signer_info.digest +// * referencing to certificate (CERT_TS_A_AA) +// * containing subject_attributes['assurance_level'] +// * containing assurance_level +// * indicating 0x60 (assurance level=3, confidence=0) +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1704_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type verification_key is missing in the AT certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_18_01_BO_AT) +// * not containing subject_attributes['verification_key'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_18_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_18_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1801_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_18_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type verification_key is missing in the AA certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.type +// * containing certificate +// * and containing certificate (CERT_TS_18_02_BO_AT) +// * containing signer_info.digest +// * referencing to certificate (CERT_TS_18_02_BO_AA) +// * not containing subject_attributes['verification_key'] +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_18_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_18_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1802_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_18_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the reserved region type has been used in region validity restriction of the AT certificate +// *
+// * Pics Selection: PICS_GN_SECURITY +// * Config Id: CF01 +// * Initial conditions: +// * with { +// * the IUT being in the 'authorized' state +// * } +// * ensure that { +// * when { +// * the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01) +// * containing header_fields ['signer_info'].signer.certificate (CERT_TS_19_01_BO_AT) +// * containing region_type +// * indicating 240 +// * } then { +// * the IUT discards the message +// * } +// * } +// *+// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_19_01_BO +// * @reference ETSI TS 103 097 [1] Clause 4.2.2.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_19_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1901_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_19_01_BO +// + } // End of group recvCertificatesProfile +// + } // End of group receiverbehavior + +} // End of module ItsSecurity_TestCase diff --git a/ItsSecurity_TestControl.ttcn b/ItsSecurity_TestControl.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..7292128394084bef40abb82414ffede24de244fc --- /dev/null +++ b/ItsSecurity_TestControl.ttcn @@ -0,0 +1,104 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url$ + * $Id$ + * @desc Test Control file for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_TestControl { + + // LibItsGeoNetworking + import from LibItsGeoNetworking_Pics all; + + // ItsSecurity + import from ItsSecurity_TestCases all; + import from LibItsSecurity_Pics all; + + // Test Execution + control { + + /** + * @desc Sending behaviour test cases + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2 Sending behaviour + */ + if (PICS_GN_SECURITY) { + execute(TC_SEC_ITSS_SND_MSG_01_BV()); + + /** + * @desc Sending behaviour test cases for CAM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.4 CAM profile + */ + execute(TC_SEC_ITSS_SND_CAM_01_BV()); + execute(TC_SEC_ITSS_SND_CAM_02_BV()); + execute(TC_SEC_ITSS_SND_CAM_03_BV()); + execute(TC_SEC_ITSS_SND_CAM_04_BV()); + execute(TC_SEC_ITSS_SND_CAM_05_BV()); + execute(TC_SEC_ITSS_SND_CAM_06_BV()); + execute(TC_SEC_ITSS_SND_CAM_07_BV()); + execute(TC_SEC_ITSS_SND_CAM_08_BV()); + execute(TC_SEC_ITSS_SND_CAM_09_BV()); + execute(TC_SEC_ITSS_SND_CAM_10_BV()); + execute(TC_SEC_ITSS_SND_CAM_11_01_BV()); + execute(TC_SEC_ITSS_SND_CAM_11_02_BV()); + execute(TC_SEC_ITSS_SND_CAM_12_BV()); + execute(TC_SEC_ITSS_SND_CAM_13_BV()); + execute(TC_SEC_ITSS_SND_CAM_14_BV()); + execute(TC_SEC_ITSS_SND_CAM_15_BV()); + execute(TC_SEC_ITSS_SND_CAM_16_BV()); + execute(TC_SEC_ITSS_SND_CAM_17_BV()); + execute(TC_SEC_ITSS_SND_CAM_18_BV()); + execute(TC_SEC_ITSS_SND_CAM_19_BV()); + execute(TC_SEC_ITSS_SND_CAM_20_BV()); + execute(TC_SEC_ITSS_SND_CAM_21_BV()); + execute(TC_SEC_ITSS_SND_CAM_22_BV()); + execute(TC_SEC_ITSS_SND_CAM_23_BV()); + execute(TC_SEC_ITSS_SND_CAM_24_BV()); + execute(TC_SEC_ITSS_SND_CAM_25_BV()); + execute(TC_SEC_ITSS_SND_CAM_26_BV()); + execute(TC_SEC_ITSS_SND_CAM_27_BV()); + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile + */ + execute(TC_SEC_ITSS_SND_DENM_01_BV()); + execute(TC_SEC_ITSS_SND_DENM_02_BV()); + execute(TC_SEC_ITSS_SND_DENM_03_BV()); + execute(TC_SEC_ITSS_SND_DENM_04_BV()); + execute(TC_SEC_ITSS_SND_DENM_05_BV()); + execute(TC_SEC_ITSS_SND_DENM_06_BV()); + execute(TC_SEC_ITSS_SND_DENM_07_BV()); + //execute(TC_SEC_ITSS_SND_DENM_08_BV()); Removed + execute(TC_SEC_ITSS_SND_DENM_09_BV()); + execute(TC_SEC_ITSS_SND_DENM_10_BV()); + execute(TC_SEC_ITSS_SND_DENM_11_BV()); + execute(TC_SEC_ITSS_SND_DENM_12_BV()); + execute(TC_SEC_ITSS_SND_DENM_13_BV()); + execute(TC_SEC_ITSS_SND_DENM_14_BV()); + execute(TC_SEC_ITSS_SND_DENM_15_BV()); + execute(TC_SEC_ITSS_SND_DENM_16_BV()); + execute(TC_SEC_ITSS_SND_DENM_17_BV()); + execute(TC_SEC_ITSS_SND_DENM_18_BV()); + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile + */ + execute(TC_SEC_ITSS_SND_GENMSG_01_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_02_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_03_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_04_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_05_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_06_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_07_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_08_BV()); + + } + + } // End of 'control' statement + +} // End of module ItsSecurity_TestControl diff --git a/ItsSecurity_TestSystem.ttcn b/ItsSecurity_TestSystem.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..5ac3be84cec41e1f57a970d673cb3eb05b5b2a05 --- /dev/null +++ b/ItsSecurity_TestSystem.ttcn @@ -0,0 +1,40 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url: https://oldforge.etsi.org/svn/ITS/tags/20170222_STF527_Final/ttcn/AtsSecurity/ItsSecurity_TestSystem.ttcn $ + * $Id: ItsSecurity_TestSystem.ttcn 2655 2017-01-26 10:46:08Z filatov $ + * @desc Module containing t fest system description for the secured GN ATS + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_TestSystem { + + import from LibItsCam_TestSystem all; + import from LibItsDenm_TestSystem all; + import from LibItsGeoNetworking_TestSystem all; + + /** + * @desc Secured GN test system description + * @member acPort Test Adapter control port + * @member geoNetworkingPort GeoNetworking port + * @member utPort GeoNetworking UT port + * @member denmUtPort DENM UT port + * @member cammUtPort CAM UT port + */ + type component ItsSecSystem { + + port LibItsGeoNetworking_TestSystem.AdapterControlPort acPort; + + // NT2 ports + port LibItsGeoNetworking_TestSystem.UpperTesterPort utPort; + port GeoNetworkingPort geoNetworkingPort; + + // FA ports + port LibItsDenm_TestSystem.UpperTesterPort denmUtPort; + port LibItsCam_TestSystem.UpperTesterPort camUtPort; + + } // End of ItsSecSystem + +} // End of module ItsSecurity_TestSystem diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..3e059d376f2fde5331f5f7160ee6291b634d3764 --- /dev/null +++ b/LICENSE @@ -0,0 +1,23 @@ +Copyright 2021 ETSI + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. +3. Neither the name of the copyright holder nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/lib/LibItsSecurity_EncdecDeclarations.ttcn b/lib/LibItsSecurity_EncdecDeclarations.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..8c562aa6ec9b63ca08bf98c81920c36bc25f4519 --- /dev/null +++ b/lib/LibItsSecurity_EncdecDeclarations.ttcn @@ -0,0 +1,59 @@ +module LibItsSecurity_EncdecDeclarations { + + // LibIts + //import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + //import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + + /** + * @desc Encoding function for EtsiTs103097Certificate certificate + * @param p The certificate to encode + * @return The encode message in OER format + */ + external function fx_enc_CertificateBase(in Ieee1609Dot2.CertificateBase p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_CertificateBase(inout bitstring b, out Ieee1609Dot2.CertificateBase p) return integer + with {extension "prototype(sliding) decode(PER)"} + + /** + * @desc Encoding function for Ieee1609Dot2.ToBeSignedCertificate + * @param p The ToBeSign part of the certificate + * @return The encode message in OER format + */ + external function fx_enc_ToBeSignedCertificate(in Ieee1609Dot2.ToBeSignedCertificate p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + /** + * @desc Encoding function for Ieee1609Dot2.Ieee1609Dot2Data + * @param p The Ieee1609Dot2Data part of the certificate + * @return The encode message in OER format + */ + external function fx_enc_Ieee1609Dot2Data(in Ieee1609Dot2.Ieee1609Dot2Data p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out Ieee1609Dot2.Ieee1609Dot2Data p_ieee1609Dot2Data) return integer + with {extension "prototype(sliding) decode(PER)"} + + external function fx_enc_Ieee1609Dot2ToBeSignedData(in Ieee1609Dot2.ToBeSignedData p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_Ieee1609Dot2ToBeSignedData(inout bitstring p_data, out Ieee1609Dot2.ToBeSignedData p_toBeSignedData) return integer + with {extension "prototype(sliding) decode(PER)"} + + external function fx_enc_SspCAM (LibItsSecurity_TypesAndValues.SspCAM p_ssp) return bitstring + with {extension "prototype(convert) encode(LibItsSecurity)"} + + external function fx_dec_SspCAM (inout bitstring p_data, out LibItsSecurity_TypesAndValues.SspCAM p_ssp) return integer + with {extension "prototype(sliding) decode(LibItsSecurity)"} + + external function fx_enc_SspDENM (LibItsSecurity_TypesAndValues.SspDENM p_ssp) return bitstring + with {extension "prototype(convert) encode(LibItsSecurity)"} + + external function fx_dec_SspDENM (inout bitstring p_data, out LibItsSecurity_TypesAndValues.SspDENM p_ssp) return integer + with {extension "prototype(sliding) decode(LibItsSecurity)"} + +} // End of module LibItsSecurity_EncdecDeclarations diff --git a/lib/LibItsSecurity_Pics.ttcn b/lib/LibItsSecurity_Pics.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..ce71b5629b50b22f77b1b718fd04bb098aee27d0 --- /dev/null +++ b/lib/LibItsSecurity_Pics.ttcn @@ -0,0 +1,97 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_Pics.ttcn3 $ + * $Id: LibItsSecurity_Pics.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing Pics for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Pics { + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + + /** + * Does the IUT support SHA-256 digest + */ + modulepar boolean PICS_SEC_SHA256 := true; + + /** + * Does the IUT support SHA-384 digest + */ + modulepar boolean PICS_SEC_SHA384 := false; + + /** + * Does the IUT support NIST P256 algorithm + */ + modulepar boolean PICS_SEC_NIST_P256 := true; + + /** + * Does the IUT support Brainpool P256r1 algorithm + */ + modulepar boolean PICS_SEC_BRAINPOOL_P256R1 := false; + + /** + * Does the IUT support Brainpool P384r1 algorithm + */ + modulepar boolean PICS_SEC_BRAINPOOL_P384R1 := false; + + /** + * Is the IUT able to distribute AT certificates + */ + modulepar boolean PICS_SEC_P2P_AT_DISTRIBUTION := true; + + /** + * Is the IUT able to distribute AA certificates + */ + modulepar boolean PICS_SEC_P2P_AA_DISTRIBUTION := true; + + /** + * Is the IUT support certificates pushing + */ + modulepar boolean PICS_SEC_CERTIFICATE_SELECTION := true; + + /** + * Is the IUT support circular region geographical restriction + */ + modulepar boolean PICS_SEC_CIRCULAR_REGION := true; + + /** + * Does the IUT support rectangular region geographical restriction + */ + modulepar boolean PICS_SEC_RECTANGULAR_REGION := true; + + /** + * Does the IUT support polygonal region geographical restriction + */ + modulepar boolean PICS_SEC_POLYGONAL_REGION := true; + + /** + * Is the IUT support identified region geographical restriction + */ + modulepar boolean PICS_SEC_IDENTIFIED_REGION := true; + + /** + * Does the IUT support identified region/UN geographical restriction + */ + //TODO Remove modulepar boolean PICS_SEC_UN_STATS_REGION_DICTIONARY := true; + + /** + * Does the IUT support identified region/ISO31661 geographical restriction + */ + //TODO Remove modulepar boolean PICS_ISO31661_REGION_DICTIONARY := true; + + /** + * Does the IUT support ITS-AID for Generic profile? + */ + modulepar boolean PICS_SEC_ITS_AID_OTHER := true; + +} // End of module LibItsSecurity_Pics diff --git a/lib/LibItsSecurity_Pixits.ttcn b/lib/LibItsSecurity_Pixits.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..4d62565e12e9bf1de408d67cea2a67be77adbe59 --- /dev/null +++ b/lib/LibItsSecurity_Pixits.ttcn @@ -0,0 +1,65 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_Pixits.ttcn3 $ + * $Id: LibItsSecurity_Pixits.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing Pixits for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Pixits { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + /** + * @desc Root path to access certificate stored in files, identified by certficate ID + */ + modulepar charstring PX_CERTIFICATE_POOL_PATH := "data/v3/certificates"; + + /** + * @desc Configuration sub-directory to access certificate stored in files + */ + modulepar charstring PX_IUT_SEC_CONFIG_NAME := ""; + + /** + * @desc The certficate the IUT should use. Default: CERT_IUT_A_AT + * @remark If the IUT cannot use the test certificates, set this PIXIT to CERT_NONE + */ + modulepar charstring PX_IUT_DEFAULT_CERTIFICATE := "CERT_IUT_A_AT"; + + /** + * @desc The certficate the IUT should use. Default: CERT_TS_B_AT + * @remark Possible values: CERT_TS_C_AT, CERT_TS_D_AT, or CERT_TS_E_AT + */ + modulepar charstring PX_AT_CERTIFICATE := "CERT_TS_B_AT"; + + /** + * @desc ITS-AID value for other profile. Default: 38 + */ + modulepar Psid PX_OTHER_ITS_AID := 141; // Assign to GN-MGMT, Other than CA, DEN, MAP, SPAT, IVI, SRE, SSE & GN-MGMT: 38 + + /** + * @desc Invalid protocol version. Default: 3 + */ + modulepar UInt8 PX_WRONG_PROTOCOL_VERSION := 4; + + /** + * @desc Invalid WGS longitude + */ + modulepar SecLongitude PX_WGSLONGITUDE := 0; + + /** + * @desc Invalid WGS latitude. Default: 1 + */ + modulepar SecLatitude PX_WGSLATITUDE := 0; + +} // End of module LibItsSecurity_Pixits diff --git a/lib/LibItsSecurity_Templates.ttcn b/lib/LibItsSecurity_Templates.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..3f034975f06c4cb4142e659688d8905af34d3a55 --- /dev/null +++ b/lib/LibItsSecurity_Templates.ttcn @@ -0,0 +1,2101 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url$ + * $Id$ + * @desc Module containing templates for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Templates { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibItsCommon + import from LibItsCommon_TypesAndValues all; + + // LibItsGeoNetworking + import from LibItsGeoNetworking_TypesAndValues all; + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Pixits all; + + /** + * @desc Constants declaration + */ + group constants { + + /** + * @desc Protocol version + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.1 Ieee1609Dot2Data + */ + const UInt8 c_protocol_version := 3; + + /** + * @desc Certificate version + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + const UInt8 c_certificate_version := 3; + + /** + * @desc Its AID for Other + * @see Draft ETSI TS 103 097 V1.3.1 Clause 7.3 Security profile for DENMs + */ + template Psid c_its_aid_Other := PX_OTHER_ITS_AID; + + /** + * @desc Minimal value of Longitude + */ + const SecLongitude c_minLongitude := -1799999999; // TODO Use constant from Ieee1609Dot2BaseTypes + + /** + * @desc Maximal value of Longitude + */ + const SecLongitude c_maxLongitude := 1800000000; // TODO Use constant from Ieee1609Dot2BaseTypes + + /** + * @desc Minimal value of Latitude + */ + const SecLatitude c_minLatitude := -900000000; // TODO Use constant from Ieee1609Dot2BaseTypes + + /** + * @desc Maximal value of Latitude + */ + const SecLatitude c_maxLatitude := 900000000; // TODO Use constant from Ieee1609Dot2BaseTypes + + /** + * @desc List of ISO-3166 country codes + */ + const SequenceOfUint16 c_iso3166Codes := { + 4, 8, 10, 12, 16, 20, 24, 28, 31, 32, 36, 40, 44, 48, 50, 51, 52, 56, + 60, 64, 68, 70, 72, 74, 76, 84, 86, 90, 92, 96, 100, 104, 108, 112, 116, 120, + 124, 132, 136, 140, 144, 148, 152, 156, 158, 162, 166, 170, 174, 175, 178, 180, 184, 188, + 191, 192, 196, 203, 204, 208, 212, 214, 218, 222, 226, 231, 232, 233, 234, 238, 239, 242, + 246, 248, 250, 254, 258, 260, 262, 266, 268, 270, 275, 276, 288, 292, 296, 300, 304, 308, + 312, 316, 320, 324, 328, 332, 334, 336, 340, 344, 348, 352, 356, 360, 364, 368, 372, 376, + 380, 384, 388, 392, 398, 400, 404, 408, 410, 414, 417, 418, 422, 426, 428, 430, 434, 438, + 440, 442, 446, 450, 454, 458, 462, 466, 470, 474, 478, 480, 484, 492, 496, 498, 499, 500, + 504, 508, 512, 516, 520, 524, 528, 531, 533, 534, 535, 540, 548, 554, 558, 562, 566, 570, + 574, 578, 580, 581, 583, 584, 585, 586, 591, 598, 600, 604, 608, 612, 616, 620, 624, 626, + 630, 634, 638, 642, 643, 646, 652, 654, 659, 660, 662, 663, 666, 670, 674, 678, 682, 686, + 688, 690, 694, 702, 703, 704, 705, 706, 710, 716, 724, 728, 729, 732, 740, 744, 748, 752, + 756, 760, 762, 764, 768, 772, 776, 780, 784, 788, 792, 795, 796, 798, 800, 804, 807, 810, + 818, 826, 831, 832, 833, 834, 840, 850, 854, 858, 860, 862, 876, 882, 887, 894 + }; + + /** + * @desc List of United Nations Statistics Division country codes + */ + const SequenceOfUint16 c_unStatsAdditionalCodes := { + 1, 2, 5, 9, 11, 13, 14, 15, 17, 18, 19, 21, 29, 30, 34, 35, 39, 53, + 54, 57, 61, 142, 143, 145, 150, 151, 154, 155, 199, 419, 432, 680, 722, 830 + }; + + } // End of group constants + + /** + * @desc Dummy send/receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4 Basic format elements + */ + group dummyBasicFormatElements { + + /** + * @desc Dummy receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group dummyBasicFormatElementsRecv { + + /** + * @desc Dummy receive template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (present) TwoDLocation mw_twoDLocation_dummy := { + latitude := ?, + longitude := ? + } // End of template mw_twoDLocation_dummy + + /** + * @desc Dummy send template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (present) ThreeDLocation mw_threeDLocation_dummy := { + latitude := ?, + longitude := ?, + elevation := ? + } // End of template mw_threeDLocation_dummy + + } // End of group dummyBasicFormatElementsRecv + + } // End of group dummyBasicFormatElements + + /** + * @desc Send/receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4 Basic format elements + */ + group basicFormatElements { + + /** + * @desc Send templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group basicFormatElementsSend { + + /** + * @desc Send templates for Signature description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + * @see Draft ETSI TS 103 097 V1.3.1 Table 2: Derivation of field sizes depending on the used algorithm + */ + group signatures { + + /** + * @desc Send template for signatures based on ECDSA algorithm + * @member p_ecdsaSignature The ECDSA based signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + */ + template (value) Signature m_signature( + in template (value) EcdsaP256Signature p_ecdsaSignature + ):= { + ecdsaNistP256Signature := p_ecdsaSignature + } // End of template m_signature_ecdsa + + /** + * @desc Send template for ECDSA based signature + * @member p_r The coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key + * @member p_s The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.10 EcdsaP256Signature + */ + template (value) EcdsaP256Signature m_ecdsaSignature( + in template (value) EccP256CurvePoint p_rSig, + in template (value) octetstring p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaSignature + + } // End of group signatures + + group signerInfos { + + /** + * @desc Send template for self signed message + */ + template (value) SignerIdentifier m_signerIdentifier_self := { + self_ := NULL + } // End of template m_signerIdentifier_self + + /** + * @desc Send template for certificate signed message + */ + template (value) SignerIdentifier m_signerIdentifier_certificate( + in template (value) Certificate p_certificate // TODO Use SingleEtsiTs103097Certificate + ) := { + certificate := { p_certificate } // Only one + } // End of template m_signerIdentifier_certificate + + /** + * @desc Send template for digest signed message + */ + template (value) SignerIdentifier m_signerIdentifier_digest( + in template (value) HashedId8 p_digest := '0000000000000000'O + ) := { + digest := p_digest + } // End of template m_signerIdentifier_digest + + /** + * @desc Send template for certificate signed message + */ + template (value) SignerIdentifier m_signerIdentifier_certificates( + in template (value) SequenceOfCertificate p_certificates := {} + ) := { + certificate := p_certificates + } // End of template m_signerIdentifier_certificates + + } // End of group signerInfos + + /** + * @desc Send template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (value) TwoDLocation m_twoDLocation( + in template (value) SecLatitude p_latitude, + in template (value) SecLongitude p_longitude + ) := { + latitude := p_latitude, + longitude := p_longitude + } // End of template m_twoDLocation + + /** + * @desc Send template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (value) ThreeDLocation m_threeDLocation( + in template (value) SecLatitude p_latitude, + in template (value) SecLongitude p_longitude, + in template (value) SecElevation p_elevation + ) := { + latitude := p_latitude, + longitude := p_longitude, + elevation := p_elevation + } // End of template m_threeDLocation + + /** + * @desc Send template circular geographic region + * @param p_center Circle center + * @param p_radius Circle radius + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_circle( + in template (value) TwoDLocation p_center, + in template (value) UInt16 p_radius + ) := { + circularRegion := { + center := p_center, + radius := p_radius + } + } // End of template m_geographicRegion_circle + + /** + * @desc Send template rectangular geographic region + * @param p_northwest Upper left corner + * @param p_southeast Lower rigth corner + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_rectangular( + in template (value) TwoDLocation p_northwest, + in template (value) TwoDLocation p_southeast + ) := { + rectangularRegion := { + { + northWest := p_northwest, + southEast := p_southeast + } + } + } // End of template m_geographicRegion_rectangular + + /** + * @desc Send template polygonial geographic region + * @param p_polygonal_region Polygonial region description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_polygonial( + in template (value) PolygonalRegion p_polygonal_region + ) := { + polygonalRegion := p_polygonal_region + } // End of template m_geographicRegion_polygonial + + /** + * @desc Send template for geographic identified region + * @param p_identifiedRegion Indentified region + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_identifiedRegion( + in template (value) SequenceOfIdentifiedRegion p_identifiedRegions + ) := { + identifiedRegion := p_identifiedRegions + } // End of template m_geographicRegion_identifiedRegion + + template (value) IdentifiedRegion m_identifiedRegion_country_only( + in template (value) CountryOnly p_countryOnly + ) := { + countryOnly := p_countryOnly + } // End of template m_identifiedRegion_country_only + + template (value) IdentifiedRegion m_identifiedRegion_country_and_region( + in template (value) CountryOnly p_countryOnly, + in template (value) SequenceOfUint8 p_regions + ) := { + countryAndRegions := { + countryOnly := p_countryOnly, + regions := p_regions + } + } // End of template m_identifiedRegion_country_and_region + + } // End of group basicFormatElementsSend + + /** + * @desc Receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group basicFormatElementsRecv { + + group signerIdentifiers { + + /** + * @desc Recv template for message signed with digest + */ + template (present) SignerIdentifier mw_signerIdentifier_digest( + template (present) HashedId8 p_digest := ? + ) := { + digest := p_digest + } // End of template mw_signerIdentifier_digest + + template (present) SignerIdentifier mw_signerIdentifier_certificate( + template (present) EtsiTs103097Certificate p_certificate := ? + ) := { + certificate := { p_certificate } + } // End of template m_signerIdentifier_certificate + + template (present) SignerIdentifier mw_signerIdentifier_certificates( + template (present) SequenceOfCertificate p_certificates := ? + ) := { + certificate := p_certificates + } // End of template mw_signerIdentifier_certificates + + } // End of group signerIdentifiers + + /** + * @desc Receive templates for Signature description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + * @see Draft ETSI TS 103 097 V1.3.1 Table 2: Derivation of field sizes depending on the used algorithm + */ + group signatures { + + /** + * @desc Receive template for signatures based on ECDSA algorithm + * @member p_ecdsaSignature The ECDSA based signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + */ + template (present) Signature mw_signature( + template (present) EcdsaP256Signature p_ecdsaSignature := ? + ):= { + ecdsaNistP256Signature := p_ecdsaSignature + } // End of template mw_signature + + /** + * @desc Receive template for ECDSA based signature + * @member p_r The coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key + * @member p_s The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.10 EcdsaP256Signature + */ + template (present) EcdsaP256Signature mw_ecdsaSignature( + template (present) EccP256CurvePoint p_rSig := ?, + template (present) octetstring p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaSignature + + } // End of group signatures + + /** + * @desc Receive template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (present) TwoDLocation mw_twoDLocation( + template (present) SecLatitude p_latitude, + template (present) SecLongitude p_longitude + ) := { + latitude := p_latitude, + longitude := p_longitude + } // End of template mw_twoDLocation + + /** + * @desc Receive template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (present) ThreeDLocation mw_threeDLocation( + template (present) SecLatitude p_latitude, + template (present) SecLongitude p_longitude, + template (present) SecElevation p_elevation + ) := { + latitude := p_latitude, + longitude := p_longitude, + elevation := p_elevation + } // End of template mw_threeDLocation + + /** + * @desc Receive template circular geographic region + * @param p_center Circle center + * @param p_radius Circle radius + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_circle( + template (present) TwoDLocation p_center := ?, + template (present) UInt16 p_radius := ? + ) := { + circularRegion := { + center := p_center, + radius := p_radius + } + } // End of template mw_geographicRegion_circle + + /** + * @desc Basic receive template rectangular geographic region + * @param p_northwest Upper left corner + * @param p_southeast Lower rigth corner + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_rectangular := { + rectangularRegion := ? + } // End of template mw_geographicRegion_rectangular + + /** + * @desc Receive template polygonial geographic region + * @param p_polygonal_region Polygonial region description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_polygonal( + template (present) PolygonalRegion p_polygonal_region := ? + ) := { + polygonalRegion := p_polygonal_region + } // End of template mw_geographicRegion_polygonial + + /** + * @desc Receive template for geographic identified region + * @param p_identifiedRegion Indentified region + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_identified( + template (present) SequenceOfIdentifiedRegion p_identifiedRegion := ? + ) := { + identifiedRegion := p_identifiedRegion + } // End of template mw_geographicRegion_identifiedRegion + + template (present) IdentifiedRegion mw_identifiedRegion_country_only + := { + countryOnly := ?// FIXME ((all from c_iso3166Codes), (all from c_unStatsAdditionalCodes)) + } + + template (present) IdentifiedRegion mw_identifiedRegion_country_and_region := { + countryAndRegions := { + countryOnly := ?, // FIXME ((all from c_iso3166Codes), (all from c_unStatsAdditionalCodes)), + regions := ? + } + } + + } // End of group basicFormatElementsRecv + + } // End of group dummyBasicFormatElements + + /** + * @desc Send templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.1 EtsiTs103097Data + */ + group etsiTs103097Data { + + /** + * @desc Generic send template for EtsiTs103097Data message + */ + template (value) EtsiTs103097Data m_etsiTs103097Data( + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_etsiTs103097Data + + /** + * @desc Generic receive template for EtsiTs103097Data message + */ + template (present) EtsiTs103097Data mw_etsiTs103097Data( + template (present) Ieee1609Dot2Content p_content := ? + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template mw_etsiTs103097Data + + template (value) EtsiTs103097Data m_etsiTs103097Data_unsecured( + in template (value) Opaque p_unsecuredData + ) := { + protocolVersion := c_protocol_version, + content := { unsecuredData := p_unsecuredData } + } // End of template m_secured_data_unsecured + + template (value) EtsiTs103097Data m_etsiTs103097Data_signed( + in template (value) SignedData p_signedData + ) := { + protocolVersion := c_protocol_version, + content := { signedData := p_signedData } + } // End of template m_secured_data_signed + + template (present) EtsiTs103097Data mw_etsiTs103097Data_signed( + template (present) SignedData p_signedData := ? + ) := { + protocolVersion := c_protocol_version, + content := { signedData := p_signedData } + } // End of template mw_secured_data_signed + + template (value) EtsiTs103097Data m_etsiTs103097Data_encrypted( + in template (value) EncryptedData p_encryptedData + ) := { + protocolVersion := c_protocol_version, + content := { encryptedData := p_encryptedData } + } // End of template m_etsiTs103097Data_encrypted + + template (present) EtsiTs103097Data mw_etsiTs103097Data_encrypted( + template (present) EncryptedData p_encryptedData := ? + ) := { + protocolVersion := c_protocol_version, + content := { encryptedData := p_encryptedData } + } // End of template mw_etsiTs103097Data_encrypted + + /** + * @desc Generic send template for EtsiTs103097Data message + */ + template (value) EtsiTs103097Data m_etsiTs103097Data_wrong_protocol( + in template (value) UInt8 p_protocol_version, + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_etsiTs103097Data_wrong_protocol + + } // End of group etsiTs103097Data + + /** + * @desc Send templates for ToBeSignedData header + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 SignedData + */ + group signedData { + + template (value) SignedData m_signedData( + in template (value) HashAlgorithm p_hashId, + in template (value) ToBeSignedData p_tbsData, + in template (value) SignerIdentifier p_signer, + in template (value) Signature p_signature_ + ) := { + hashId := p_hashId, + tbsData := p_tbsData, + signer := p_signer, + signature_ := p_signature_ + } // End of template m_signedData + + template (present) SignedData mw_signedData( + template (present) HashAlgorithm p_hashId := ?, + template (present) ToBeSignedData p_tbsData := ?, + template (present) SignerIdentifier p_signer := ?, + template (present) Signature p_signature_ := ? + ) := { + hashId := p_hashId, + tbsData := p_tbsData, + signer := p_signer, + signature_ := p_signature_ + } // End of template mw_signedData + + template (value) ToBeSignedData m_toBeSignedData( + in template (value) SignedDataPayload p_payload, + in template (value) HeaderInfo p_headerInfo + ) := { + payload := p_payload, + headerInfo := p_headerInfo + } // End of template m_toBeSignedData + + template (present) ToBeSignedData mw_toBeSignedData( + template (present) SignedDataPayload p_payload := ?, + template (present) HeaderInfo p_headerInfo := ? + ) := { + payload := p_payload, + headerInfo := p_headerInfo + } // End of template mw_toBeSignedData + + template (value) SignedDataPayload m_signedDataPayload( + in template (value) Ieee1609Dot2Data p_data + ) := { + data := p_data, + extDataHash := omit + } // End of template m_signedDataPayload + + template (present) SignedDataPayload mw_signedDataPayload( + template (present) Ieee1609Dot2Data p_data := ? + ) := { + data := p_data, + extDataHash := * + } // End of template mw_signedDataPayload + + template (value) SignedDataPayload m_signedDataPayload_ext( + in template (value) Oct32 p_extDataHash + ) := { + data := omit, + extDataHash := { sha256HashedData := p_extDataHash } + } // End of template m_signedDataPayload_ext + + } // End of group signedData + + /** + * @desc Send templates for ToBeSignedData header + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.3 EncryptedData + */ + group encryptedData { + + template (value) EncryptedData m_encryptedData( + in template (value) SequenceOfRecipientInfo p_recipients, + in template (value) SymmetricCiphertext p_ciphertex + ) := { + recipients := p_recipients, + ciphertext := p_ciphertex + } // End of template m_encryptedData + + template (present) EncryptedData mw_encryptedData( + template (present) SequenceOfRecipientInfo p_recipients := ?, + template (present) SymmetricCiphertext p_ciphertex := ? + ) := { + recipients := p_recipients, + ciphertext := p_ciphertex + } // End of template mw_encryptedData + + template (value) RecipientInfo m_recipientInfo_pskRecipInfo( + in template (value) PreSharedKeyRecipientInfo p_pskRecipInfo + ) := { + pskRecipInfo := p_pskRecipInfo + } // End of template m_recipientInfo_pskRecipInfo + + template (present) RecipientInfo mw_recipientInfo_pskRecipInfo( + template (present) PreSharedKeyRecipientInfo p_pskRecipInfo := ? + ) := { + pskRecipInfo := p_pskRecipInfo + } // End of template mw_recipientInfo_pskRecipInfo + + template (value) RecipientInfo m_recipientInfo_symmRecipInfo( + in template (value) SymmRecipientInfo p_symmRecipInfo + ) := { + symmRecipInfo := p_symmRecipInfo + } // End of template m_recipientInfo_symmRecipInfo + + template (value) RecipientInfo m_recipientInfo_certRecipInfo( + in template (value) PKRecipientInfo p_certRecipInfo + ) := { + certRecipInfo := p_certRecipInfo + } // End of template m_recipientInfo_certRecipInfo + + template (present) RecipientInfo mw_recipientInfo_certRecipInfo( + template (present) PKRecipientInfo p_certRecipInfo := ? + ) := { + certRecipInfo := p_certRecipInfo + } // End of template mw_recipientInfo_certRecipInfo + + template (value) RecipientInfo m_recipientInfo_signedDataRecipInfo( + in template (value) PKRecipientInfo p_signedDataRecipInfo + ) := { + signedDataRecipInfo := p_signedDataRecipInfo + } // End of template m_recipientInfo_signedDataRecipInfo + + template (value) RecipientInfo m_recipientInfo_rekRecipInfo( + in template (value) PKRecipientInfo p_rekRecipInfo + ) := { + rekRecipInfo := p_rekRecipInfo + } // End of template m_recipientInfo_rekRecipInfo + + template (value) PKRecipientInfo m_pKRecipientInfo( + in template (value) HashedId8 p_recipientId, + in template (value) EncryptedDataEncryptionKey p_encKey + ) := { + recipientId := p_recipientId, + encKey := p_encKey + } // End of template m_pKRecipientInfo + + template (present) PKRecipientInfo mw_pKRecipientInfo( + template (present) HashedId8 p_recipientId := ?, + template (present) EncryptedDataEncryptionKey p_encKey := ? + ) := { + recipientId := p_recipientId, + encKey := p_encKey + } // End of template mw_pKRecipientInfo + + template (value) EciesP256EncryptedKey m_evciesP256EncryptedKey( + in template (value) EccP256CurvePoint p_v, + in template (value) Oct16 p_c, + in template (value) Oct16 p_t + ) :={ + v := p_v, + c := p_c, + t := p_t + } // End of template m_evciesP256EncryptedKey + + template (present) EciesP256EncryptedKey mw_evciesP256EncryptedKey( + template (present) EccP256CurvePoint p_v := ?, + template (present) Oct16 p_c := ?, + template (present) Oct16 p_t := ? + ) :={ + v := p_v, + c := p_c, + t := p_t + } // End of template mw_evciesP256EncryptedKey + + template (value) EncryptedDataEncryptionKey m_encryptedDataEncryptionKey_eciesNistP256( + in template (value) EciesP256EncryptedKey p_eciesNistP256 + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template m_encryptedDataEncryptionKey_eciesNistP256 + + template (present) EncryptedDataEncryptionKey mw_encryptedDataEncryptionKey_eciesNistP256( + template (present) EciesP256EncryptedKey p_eciesNistP256 := ? + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template mw_encryptedDataEncryptionKey_eciesNistP256 + + template (value) EncryptedDataEncryptionKey m_encryptedDataEncryptionKey_eciesBrainpoolP256r1( + in template (value) EciesP256EncryptedKey p_eciesBrainpoolP256r1 + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template m_encryptedDataEncryptionKey_eciesBrainpoolP256r1 + + template (present) EncryptedDataEncryptionKey mw_encryptedDataEncryptionKey_eciesBrainpoolP256r1( + template (present) EciesP256EncryptedKey p_eciesBrainpoolP256r1 := ? + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template mw_encryptedDataEncryptionKey_eciesBrainpoolP256r1 + + template (value) SymmetricCiphertext m_SymmetricCiphertext_aes128ccm( + in template (value) AesCcmCiphertext p_aes128ccm + ) := { + aes128ccm := p_aes128ccm + } // End of template m_SymmetricCiphertext_aes128ccm + + template (present) SymmetricCiphertext mw_SymmetricCiphertext_aes128ccm( + template (present) AesCcmCiphertext p_aes128ccm := ? + ) := { + aes128ccm := p_aes128ccm + } // End of template mw_SymmetricCiphertext_aes128ccm + + template (value) AesCcmCiphertext m_aesCcmCiphertext( + in template (value) Oct12 p_nonce, + in template (value) Opaque p_ccmCiphertext + ) := { + nonce := p_nonce, + ccmCiphertext := p_ccmCiphertext + } // End of template m_aesCcmCiphertext + + template (present) AesCcmCiphertext mw_aesCcmCiphertext( + template (present) Oct12 p_nonce := ?, + template (present) Opaque p_ccmCiphertext := ? + ) := { + nonce := p_nonce, + ccmCiphertext := p_ccmCiphertext + } // End of template mw_aesCcmCiphertext + + } // End of group encryptedData + + /** + * @desc Send/Receive templates for Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + group ieee1609Dot2Data { + + /** + * @desc Send template for Ieee1609Dot2Data + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Data m_ieee1609Dot2Data( + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_ieee1609Dot2Data + + /** + * @desc Receive template for Ieee1609Dot2Data + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Data mw_ieee1609Dot2Data( + template (present) Ieee1609Dot2Content p_content := ? + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template mw_ieee1609Dot2Data + + /** + * @desc Send template for 'unsecured' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_unsecured( + in template (value) Opaque p_unsecuredData + ) := { + unsecuredData := p_unsecuredData + } // End of template m_ieee1609Dot2Data_unsecured + + /** + * @desc Receive template for 'unsecured' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_unsecured( + template (present) Opaque p_unsecuredData := ? + ) := { + unsecuredData := p_unsecuredData + } // End of template mw_ieee1609Dot2Data_unsecured + + /** + * @desc Send template for 'signed' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_signed( + in template (value) SignedData p_signedData + ) := { + signedData := p_signedData + } // End of template m_ieee1609Dot2Data_signed + + /** + * @desc Send template for 'signed' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_signed( + template (present) SignedData p_signedData := ? + ) := { + signedData := p_signedData + } // End of template mw_ieee1609Dot2Data_signed + + } // End of group ieee1609Dot2Data + + /** + * @desc Send/Receive templates for HeaderInfo + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.4 HeaderInfo + */ + group headerFields { + + /** + * @desc Basic send HeaderInfo template with ETSI ITS restrction + */ + template (omit) HeaderInfo m_ieee1609Dot2_headerInfo( + in template (value) Psid p_psid + ) := { + psid := p_psid, + generationTime := omit, + expiryTime := omit, + generationLocation := omit, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := omit + } // End of template m_ieee1609Dot2_headerInfo + + /** + * @desc Basic receive HeaderInfo template with ETSI ITS restrction + */ + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo( + template (present) Psid p_psid := ? + ) := { + psid := p_psid, + generationTime := *, + expiryTime := *, + generationLocation := *, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := omit + } // End of template mw_ieee1609Dot2_headerInfo + + /** + * @desc Basic receive HeaderInfo template with ETSI ITS restrction + */ + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo_request_certificate( + template (present) Psid p_psid := ?, + template (present) Certificate p_requestedCertificate := ? + ) modifies mw_ieee1609Dot2_headerInfo := { + psid := p_psid, + generationTime := *, + expiryTime := *, + generationLocation := *, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := p_requestedCertificate + } // End of template mw_ieee1609Dot2_headerInfo + + /** + * @desc CAM specific send HeaderInfo template with ETSI ITS restrction + * + * @see Clause 7.1.1 Security profile for CAMs + */ + template (omit) HeaderInfo m_headerInfo_cam( + in template (value) Psid p_psid := c_its_aid_CAM, + in template (value) Time64 p_generationTime, + in template (omit) Time64 p_expiryTime := omit, + in template (omit) SequenceOfHashedId3 p_inlineP2pcdRequest := omit + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := omit, + inlineP2pcdRequest := p_inlineP2pcdRequest + } // End of template m_headerInfo_cam + + /** + * @desc CAM specific receive HeaderInfo template with ETSI ITS restrction + * + * Clause 7.1.1 Security profile for CAMs + */ + template (present) HeaderInfo mw_headerInfo_cam( + template (present) Psid p_psid := c_its_aid_CAM, + template (present) Time64 p_generationTime := ?, + template SequenceOfHashedId3 p_inlineP2pcdRequest := omit, + template Certificate p_requestedCertificate := omit + ) modifies mw_ieee1609Dot2_headerInfo := { + psid := c_its_aid_CAM, + generationTime := p_generationTime, + expiryTime := omit, + generationLocation := omit, + inlineP2pcdRequest := p_inlineP2pcdRequest, + requestedCertificate := p_requestedCertificate + } // End of template mw_headerInfo_cam + + /** + * + * Clause 7.1.2 Security profile for DENMs + */ + template (omit) HeaderInfo m_headerInfo_denm( + in template (value) Psid p_psid := c_its_aid_DENM, + in template (value) Time64 p_generationTime, + in template (value) ThreeDLocation p_generationLocation, + in template (omit) Time64 p_expiryTime := omit + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := p_generationLocation + } // End of template m_headerInfo_denm + + /** + * + * Clause 7.1.2 Security profile for DENMs + */ + template (present) HeaderInfo mw_headerInfo_denm( + template (present) Psid p_psid := c_its_aid_DENM, + template (present) Time64 p_generationTime := ?, + template (present) ThreeDLocation p_generationLocation := ?, + template Time64 p_expiryTime := omit + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := p_generationLocation + } // End of template mw_headerInfo_denm + + /** + * + * Clause 7.1.3 Generic security profile for other signed messages + */ + template (omit) HeaderInfo m_headerInfo_gn( + in template (value) Psid p_psid := c_its_aid_GN, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + } // End of template m_headerInfo_gn + + /** + * + * Clause 7.1.3 Generic security profile for other signed messages + */ + template (present) HeaderInfo mw_headerInfo_gn( + template (present) Psid p_psid := c_its_aid_GN, + template (present) Time64 p_generationTime := ? + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := *, + generationLocation := *, + encryptionKey := *, + inlineP2pcdRequest := *, + requestedCertificate := * + } // End of template mw_headerInfo_gn + + template (omit) HeaderInfo m_headerInfo_inner_pki_request( + in template (value) Psid p_psid := c_its_aid_SCR, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + }; + + template (omit) HeaderInfo m_headerInfo_inner_pki_response( + in template (value) Psid p_psid := c_its_aid_SCR, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + }; + + template (present) HeaderInfo mw_headerInfo_inner_pki_request( + template (present) Psid p_psid := c_its_aid_SCR, + template (present) Time64 p_generationTime := ? + ) modifies mw_headerInfo_gn := {}; + + template HeaderInfo mw_headerInfo_inner_pki_response( + template (present) Psid p_psid := c_its_aid_SCR, + template Time64 p_generationTime := * + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := omit, + generationLocation := omit + } + + } // End of group headerFields + + group signatures { + + template (value) Signature m_signature_ecdsaNistP256( + in template (value) EcdsaP256Signature p_ecdsaNistP256Signature + ) := { + ecdsaNistP256Signature := p_ecdsaNistP256Signature + } // End of template m_signature_ecdsaNistP256 + + template (present) Signature mw_signature_ecdsaNistP256( + template (present) EcdsaP256Signature p_ecdsaNistP256Signature := ? + ) := { + ecdsaNistP256Signature := p_ecdsaNistP256Signature + } // End of template mw_signature_ecdsaNistP256 + + template (value) Signature m_signature_ecdsaBrainpoolP256r1( + in template (value) EcdsaP256Signature p_ecdsaBrainpoolP256r1Signature + ) := { + ecdsaBrainpoolP256r1Signature := p_ecdsaBrainpoolP256r1Signature + } // End of template m_signature_ecdsaBrainpoolP256r1 + + template (present) Signature mw_signature_ecdsaBrainpoolP256r1( + template (present) EcdsaP256Signature p_ecdsaBrainpoolP256r1Signature := ? + ) := { + ecdsaBrainpoolP256r1Signature := p_ecdsaBrainpoolP256r1Signature + } // End of template m_signature_ecdsaBrainpoolP256r1 + + template (value) Signature m_signature_ecdsaBrainpoolP384r1( + in template (value) EcdsaP384Signature p_ecdsaBrainpoolP384r1Signature + ) := { + ecdsaBrainpoolP384r1Signature := p_ecdsaBrainpoolP384r1Signature + } // End of template m_signature_ecdsaBrainpoolP384r1 + + template (present) Signature mw_signature_ecdsaBrainpoolP384r1( + template (present) EcdsaP384Signature p_ecdsaBrainpoolP384r1Signature := ? + ) := { + ecdsaBrainpoolP384r1Signature := p_ecdsaBrainpoolP384r1Signature + } // End of template mw_signature_ecdsaBrainpoolP384r1 + + template (value) EcdsaP256Signature m_ecdsaP256Signature( + in template (value) EccP256CurvePoint p_rSig, + in template (value) Oct32 p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaP256Signature + + template (present) EcdsaP256Signature mw_ecdsaP256Signature( + template (present) EccP256CurvePoint p_rSig := ?, + template (present) Oct32 p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaP256Signature + + template (value) EcdsaP384Signature m_ecdsaP384Signature( + in template (value) EccP384CurvePoint p_rSig, + in template (value) Oct48 p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaP384Signature + + template (present) EcdsaP384Signature mw_ecdsaP384Signature( + template (present) EccP384CurvePoint p_rSig := ?, + template (present) Oct48 p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaP384Signature + + template (value) EccP256CurvePoint m_eccP256CurvePoint_x_only( + in template (value) Oct32 p_x_only + ) := { + x_only := p_x_only + } // End of template m_eccP256CurvePoint_x_only + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_x_only( + template (present) Oct32 p_x_only := ? + ) := { + x_only := p_x_only + } // End of template mw_eccP256CurvePoint_x_only + + template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_0( + in template (value) Oct32 p_compressed_y_0 + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template m_eccP256CurvePoint_compressed_y_0 + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_compressed_y_0( + template (present) Oct32 p_compressed_y_0 := ? + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template mw_eccP256CurvePoint_compressed_y_0 + + template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_1( + in template (value) Oct32 p_compressed_y_1 + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template m_eccP256CurvePoint_compressed_y_1 + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_compressed_y_1( + template (present) Oct32 p_compressed_y_1 := ? + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template mw_eccP256CurvePoint_compressed_y_1 + + template (value) EccP256CurvePoint m_eccP256CurvePoint_uncompressed( + in template (value) Oct32 p_x, + in template (value) Oct32 p_y + ) := { + uncompressedP256 := { + x := p_x, + y := p_y + } + } // End of template m_eccP256CurvePoint_uncompressed + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_uncompressed( + template (present) Oct32 p_x := ?, + template (present) Oct32 p_y := ? + ) := { + uncompressedP256 := { + x := p_x, + y := p_y + } + } // End of template mw_eccP256CurvePoint_uncompressed + + template (value) EccP384CurvePoint m_eccP384CurvePoint_x_only( + in template (value) Oct48 p_x_only + ) := { + x_only := p_x_only + } // End of template m_eccP384CurvePoint_x_only + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_x_only( + template (present) Oct48 p_x_only := ? + ) := { + x_only := p_x_only + } // End of template mw_eccP384CurvePoint_x_only + + template (value) EccP384CurvePoint m_eccP384CurvePoint_compressed_y_0( + in template (value) Oct48 p_compressed_y_0 + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template m_eccP384CurvePoint_compressed_y_0 + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_compressed_y_0( + template (present) Oct48 p_compressed_y_0 := ? + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template mw_eccP384CurvePoint_compressed_y_0 + + template (value) EccP384CurvePoint m_eccP384CurvePoint_compressed_y_1( + in template (value) Oct48 p_compressed_y_1 + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template m_eccP384CurvePoint_compressed_y_1 + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_compressed_y_1( + template (present) Oct48 p_compressed_y_1 := ? + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template mw_eccP384CurvePoint_compressed_y_1 + + template (value) EccP384CurvePoint m_eccP384CurvePoint_uncompressed( + in template (value) Oct48 p_x, + in template (value) Oct48 p_y + ) := { + uncompressedP384 := { + x := p_x, + y := p_y + } + } // End of template m_eccP384CurvePoint_uncompressed + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_uncompressed( + template (present) Oct48 p_x := ?, + template (present) Oct48 p_y := ? + ) := { + uncompressedP384 := { + x := p_x, + y := p_y + } + } // End of template mw_eccP384CurvePoint_uncompressed + + } // End of group signatures + + /** + * @desc Dummy send/receive templates for certificates + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6 Specification of certificate format + */ + group certificates { + + /** + * @desc Send certificate template of type explicit (signature is included) + * @member p_signer_info Signer information + * @member p_subject_info The subject information + * @member p_subject_attributes List of subject attribute + * @member p_validity_restrictions List of validity restriction + * @member p_signature The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + template (omit) EtsiTs103097Certificate m_etsiTs103097Certificate( + in template (value) IssuerIdentifier p_issuer, + in template (value) ToBeSignedCertificate p_toBeSigned, + in template (omit) Signature p_signature_ := omit, + in template (value) CertificateType p_type_ := explicit + ) := { + version := c_certificate_version, + type_ := p_type_, + issuer := p_issuer, + toBeSigned := p_toBeSigned, + signature_ := p_signature_ + } // End of template m_etsiTs103097Certificate + + /** + * @desc Send certificate template of type explicit (signature is included) + * @member p_signer_info Signer information + * @member p_subject_info The subject information + * @member p_subject_attributes List of subject attribute + * @member p_validity_restrictions List of validity restriction + * @member p_signature The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + template (present) EtsiTs103097Certificate mw_etsiTs103097Certificate( + template (present) IssuerIdentifier p_issuer := ?, + template (present) ToBeSignedCertificate p_toBeSigned := ?, + template Signature p_signature_ := ?, + template (present) CertificateType p_type_ := explicit + ) := { + version := c_certificate_version, + type_ := p_type_, + issuer := p_issuer, + toBeSigned := p_toBeSigned, + signature_ := p_signature_ + } // End of template mw_etsiTs103097Certificate + + } // End of group certificates + + group issuerIdentifier { + + template (value) IssuerIdentifier m_issuerIdentifier_self( + in template (value) HashAlgorithm p_self := sha256 + ) := { + self_ := p_self + } // End of template m_issuerIdentifier_self + + template (present) IssuerIdentifier mw_issuerIdentifier_self( + template (present) HashAlgorithm p_self := ? + ) := { + self_ := p_self + } // End of template mw_issuerIdentifier_self + + template (value) IssuerIdentifier m_issuerIdentifier_sha256AndDigest( // FIXME Add opque field for unknown issuer? + in template (value) HashedId8 p_sha256AndDigest + ) := { + sha256AndDigest := p_sha256AndDigest + } // End of template m_issuerIdentifier_sha256AndDigest + + template (present) IssuerIdentifier mw_issuerIdentifier_sha256AndDigest( // FIXME Add opque field for unknown issuer? + template (present) HashedId8 p_sha256AndDigest := ? + ) := { + sha256AndDigest := p_sha256AndDigest + } // End of template mw_issuerIdentifier_sha256AndDigest + + template (value) IssuerIdentifier m_issuerIdentifier_sha384AndDigest( + in template (value) HashedId8 p_sha384AndDigest + ) := { + sha384AndDigest := p_sha384AndDigest + } // End of template m_issuerIdentifier_sha384AndDigest + + template (present) IssuerIdentifier mw_issuerIdentifier_sha384AndDigest( + template (present) HashedId8 p_sha384AndDigest := ? + ) := { + sha384AndDigest := p_sha384AndDigest + } // End of template mw_issuerIdentifier_sha384AndDigest + + } // End of group issuerIdentifier + + group toBeSignedCertificate { + + /** + * @desc Send template for ToBeSignedCertificate with CA restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificate + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ca( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) SequenceOfPsidGroupPermissions p_certIssuePermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (omit) ValidityPeriod p_validityPeriod := omit, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := p_certIssuePermissions, // ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificates Bullet 4 + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ca + + /** + * @desc Receive template for ToBeSignedCertificate with CA restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificate + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ca( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) SequenceOfPsidGroupPermissions p_certIssuePermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template SequenceOfPsidGroupPermissions p_certRequestPermissions := *, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, + crlSeries := 0, + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := ?, + certIssuePermissions := p_certIssuePermissions, + certRequestPermissions := p_certRequestPermissions, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_ca + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ea( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ea + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ea( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_ea + + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ec( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ec + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ec( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_ec + + /** + * @desc Send template for ToBeSignedCertificate with Authorization authority restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.4 Subordinate certification authority certificates + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_aa( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_aa + + /** + * @desc Send template for ToBeSignedCertificate with Authorization authority restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.4 Subordinate certification authority certificates + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_aa( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_aa + + template (present) CertificateId mw_certificateId_name( + template (present) charstring p_name := ? + ) := { + name := p_name + } // End of template mw_certificateId_name + + template CertificateId mw_certificateId_none := { + none_ := NULL + } // End of template mw_certificateId_none + + /** + * @desc Send template for ToBeSignedCertificate with AT restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_at( + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (omit) ValidityPeriod p_validityPeriod := omit, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := { none_ := NULL }, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_at + + /** + * @desc Send template for ToBeSignedCertificate with AT restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_at( + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := { none_ := NULL }, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_at + + } // End of group toBeSignedCertificate + + group verificationKeys { + + template (value) VerificationKeyIndicator m_verificationKeyIndicator_verificationKey( + in template (value) PublicVerificationKey p_verificationKey + ) := { + verificationKey := p_verificationKey + } // End of template m_verificationKeyIndicator_verificationKey + + template (present) VerificationKeyIndicator mw_verificationKeyIndicator_verificationKey( + template (present) PublicVerificationKey p_verificationKey := ? + ) := { + verificationKey := p_verificationKey + } // End of template mw_verificationKeyIndicator_verificationKey + + template (value) VerificationKeyIndicator m_verificationKeyIndicator_reconstructionValue( + in template (value) EccP256CurvePoint p_reconstructionValue + ) := { + reconstructionValue := p_reconstructionValue + } // End of template m_verificationKeyIndicator_reconstructionValue + + template (present) VerificationKeyIndicator mw_verificationKeyIndicator_reconstructionValue( + template (present) EccP256CurvePoint p_reconstructionValue := ? + ) := { + reconstructionValue := p_reconstructionValue + } // End of template mw_verificationKeyIndicator_reconstructionValue + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaNistP256( + in template (value) EccP256CurvePoint p_ecdsaNistP256 + ) := { + ecdsaNistP256 := p_ecdsaNistP256 + } // End of template m_publicVerificationKey_ecdsaNistP256 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaNistP256( + template (present) EccP256CurvePoint p_ecdsaNistP256 := ? + ) := { + ecdsaNistP256 := p_ecdsaNistP256 + } // End of template mw_publicVerificationKey_ecdsaNistP256 + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaBrainpoolP256r1( + in template (value) EccP256CurvePoint p_ecdsaBrainpoolP256r1 + ) := { + ecdsaBrainpoolP256r1 := p_ecdsaBrainpoolP256r1 + } // End of template m_publicVerificationKey_ecdsaBrainpoolP256r1 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaBrainpoolP256r1( + template (present) EccP256CurvePoint p_ecdsaBrainpoolP256r1 := ? + ) := { + ecdsaBrainpoolP256r1 := p_ecdsaBrainpoolP256r1 + } // End of template mw_publicVerificationKey_ecdsaBrainpoolP256r1 + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaBrainpoolP384r1( + in template (value) EccP384CurvePoint p_ecdsaBrainpoolP384r1 + ) := { + ecdsaBrainpoolP384r1 := p_ecdsaBrainpoolP384r1 + } // End of template m_publicVerificationKey_ecdsaBrainpoolP384r1 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaBrainpoolP384r1( + template (present) EccP384CurvePoint p_ecdsaBrainpoolP384r1 := ? + ) := { + ecdsaBrainpoolP384r1 := p_ecdsaBrainpoolP384r1 + } // End of template mw_publicVerificationKey_ecdsaBrainpoolP384r1 + + } // End of group verificationKeys + + group encryptionKey { + + template (value) EncryptionKey m_encryptionKey_public( + in template (value) PublicEncryptionKey p_encryptionKey + ) := { + public_ := p_encryptionKey + } + + template (present) EncryptionKey mw_encryptionKey_public( + template (present) PublicEncryptionKey p_encryptionKey := ? + ) := { + public_ := p_encryptionKey + } + + template (value) PublicEncryptionKey m_encryptionKey( + in template (value) SymmAlgorithm p_supportedSymmAlg := aes128Ccm, + in template (value) BasePublicEncryptionKey p_publicKey + ) := { + supportedSymmAlg := p_supportedSymmAlg, + publicKey := p_publicKey + } // End of template m_encryptionKey + + template (present) PublicEncryptionKey mw_encryptionKey( + template (present) SymmAlgorithm p_supportedSymmAlg := aes128Ccm, + template (present) BasePublicEncryptionKey p_publicKey := ? + ) := { + supportedSymmAlg := p_supportedSymmAlg, + publicKey := p_publicKey + } // End of template mw_encryptionKey + + template (value) BasePublicEncryptionKey m_publicEncryptionKey_eciesNistP256( + in template (value) EccP256CurvePoint p_eciesNistP256 + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template m_publicEncryptionKey_eciesNistP256 + + template (present) BasePublicEncryptionKey mw_publicEncryptionKey_eciesNistP256( + template (present) EccP256CurvePoint p_eciesNistP256 := ? + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template mw_publicEncryptionKey_eciesNistP256 + + template (value) BasePublicEncryptionKey m_publicEncryptionKey_eciesBrainpoolP256r1( + in template (value) EccP256CurvePoint p_eciesBrainpoolP256r1 + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template m_publicEncryptionKey_eciesBrainpoolP256r1 + + template (present) BasePublicEncryptionKey mw_publicEncryptionKey_eciesBrainpoolP256r1( + template (present) EccP256CurvePoint p_eciesBrainpoolP256r1 := ? + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template mw_publicEncryptionKey_eciesBrainpoolP256r1 + + } // End of group encryptionKey + + group appPermissions { + + template (omit) PsidSsp m_appPermissions( + in template (value) Psid p_psid, + in template (omit) ServiceSpecificPermissions p_ssp := omit + ) := { + psid := p_psid, + ssp := p_ssp + } // End of template m_appPermissions + + template PsidSsp mw_appPermissions( + template (present) Psid p_psid := ?, + template ServiceSpecificPermissions p_ssp := * + ) := { + psid := p_psid, + ssp := p_ssp + } // End of template mw_appPermissions + + template (value) PsidSspRange m_psidSspRange( + in Psid p_psid, + in template (value) SspRange p_sspRange := m_SspRange_all + ) := { + psid := p_psid, + sspRange := p_sspRange + } // End of template m_psidSspRange + + template (value) SspRange m_SspRange_all := { + all_ := NULL + } // End of template m_SspRange_all + + template (value) SspRange m_SspRange_opaque( + in template (value) SequenceOfOctetString p_opaque + ) := { + opaque := p_opaque + } // End of template m_SspRange_opaque + + template (value) SspRange m_SspRange_bitmapSspRange( + in template (value) BitmapSspRange p_bitmapSspRange + ) := { + bitmapSspRange := p_bitmapSspRange + } // End of template m_SspRange_bitmapSspRange + + template (value) PsidGroupPermissions m_psidGroupPermissions( + in template (value) SubjectPermissions p_subjectPermissions, + in integer p_minChainLength := 1, + in integer p_chainLengthRange := 0, + in EndEntityType p_eeType := oct2bit('00'O) + ) := { + subjectPermissions := p_subjectPermissions, + minChainLength := p_minChainLength, + chainLengthRange := p_chainLengthRange, + eeType := p_eeType + } // End of template m_psidGroupPermissions + + template (present) PsidGroupPermissions mw_psidGroupPermissions( + template (present) SubjectPermissions p_subjectPermissions := ?, + integer p_minChainLength := 1, + integer p_chainLengthRange := 0, + template (present) EndEntityType p_eeType := ? + ) := { + subjectPermissions := p_subjectPermissions, + minChainLength := p_minChainLength, + chainLengthRange := p_chainLengthRange, + eeType := p_eeType + } // End of template mw_psidGroupPermissions + + template (value) SubjectPermissions m_subjectPermissions_explicit( + in template (value) SequenceOfPsidSspRange p_certIssuePermissions + ) := { + explicit := p_certIssuePermissions + } // End of template m_subjectPermissions_explicit + + template (present) SubjectPermissions mw_subjectPermissions_explicit( + template (present) SequenceOfPsidSspRange p_certIssuePermissions := ? + ) := { + explicit := p_certIssuePermissions + } // End of template mw_subjectPermissions_explicit + + template (value) SubjectPermissions m_subjectPermissions_all := { + all_ := NULL + } // End of template m_subjectPermissions_all + + } // End of group appPermissions + + + group validityRestriction { + + template (value) ValidityPeriod m_validityPeriod( + in template (value) Time32 p_start_, + in template (value) Duration p_duration + ) := { + start_ := p_start_, + duration := p_duration + } // End of template m_validityPeriod + + template (present) ValidityPeriod mw_validityPeriod( + template (present) Time32 p_start_ := ?, + template (present) Duration p_duration := ? + ) := { + start_ := p_start_, + duration := p_duration + } // End of template mw_validityPeriod + + /** + * @desc Send template for Duration (in seconds) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (value) Duration m_duration_in_seconds( + in template (value) Int16 p_duration + ) := { + seconds := p_duration + } // End of template m_duration_in_seconds + + /** + * @desc Send template for Duration (in hours) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (value) Duration m_duration_in_hours( + in template (value) Int16 p_duration + ) := { + hours := p_duration + } // End of template m_duration_in_hours + + /** + * @desc Receive template for Duration (in seconds) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (present) Duration mw_duration_in_seconds( + template (present) Int16 p_duration := ? + ) := { + seconds := p_duration + } // End of template mw_duration_in_seconds + + template (value) Duration m_duration_years( + in template (value) Uint16 p_years + ) := { + years := p_years + } // End of template m_duration_years + + template (present) Duration mw_duration_years( + template (present) Uint16 p_years := ? + ) := { + years := p_years + } // End of template mw_duration_years + + } // End of group validityRestriction + + group ssp { + + group sspCam { + + group sspCamSend { + + template (value) SspCAM m_sspCAMContainer_sign_all := { + cenDsrcTollingZone := '1'B, + publicTransport := '1'B, + specialTransport := '1'B, + dangerousGoods := '1'B, + roadwork := '1'B, + rescue := '1'B, + emergency := '1'B, + safetyCar := '1'B, + closedLanes := '1'B, + requestForRightOfWay := '1'B, + requestForFreeCrossingAtATrafficLight := '1'B, + noPassing := '1'B, + noPassingForTrucks := '1'B, + speedLimit := '1'B, + reserved := '000000000000000000'B + } // End of template m_sspCAMContainer_sign_all + + template (value) SspCAM m_sspCAMContainer_vehicle + modifies m_sspCAMContainer_sign_all := { + cenDsrcTollingZone := '0'B, + closedLanes := '0'B, + noPassing := '0'B, + noPassingForTrucks := '0'B, + speedLimit := '0'B + } // End of template m_sspCAMContainer_vehicle + + template (value) ServiceSpecificPermissions m_sspCAM( + in template (value) BitmapSsp p_bitmapSsp + ) := { + bitmapSsp := p_bitmapSsp + } // End of template m_sspCAM + + } // End of group sspCamSend + + group sspCamRecv { + + template (present) SspCAM mw_sspCAMContainer_dummy := { + cenDsrcTollingZone := ?, + publicTransport := ?, + specialTransport := ?, + dangerousGoods := ?, + roadwork := ?, + rescue := ?, + emergency := ?, + safetyCar := ?, + closedLanes := ?, + requestForRightOfWay := ?, + requestForFreeCrossingAtATrafficLight := ?, + noPassing := ?, + noPassingForTrucks := ?, + speedLimit := ?, + reserved := '000000000000000000'B + } // End of template mw_sspCAMContainer_dummy + + template (present) ServiceSpecificPermissions mw_sspCAM_dummy := { + bitmapSsp := ? + } // End of template mw_sspCAM_dummy + + } // End of group sspCamRecv + + } // End of group sspCam + + group sspDenm { + + group sspDenmSend { + + template (value) SspDENM m_sspDENMContainer_sign_all := { + trafficCondition := '1'B, + accident := '1'B, + roadworks := '1'B, + adverseWeatherCondition_Adhesion := '1'B, + hazardousLocation_SurfaceCondition := '1'B, + hazardousLocation_ObstacleOnTheRoad := '1'B, + hazardousLocation_AnimalOnTheRoad := '1'B, + humanPresenceOnTheRoad := '1'B, + wrongWayDriving := '1'B, + rescueAndRecoveryWorkInProgress := '1'B, + adverseWeatherCondition_ExtremeWeatherCondition := '1'B, + adverseWeatherCondition_Visibility := '1'B, + adverseWeatherCondition_Precipitation := '1'B, + slowVehicle := '1'B, + dangerousEndOfQueue := '1'B, + vehicleBreakdown := '1'B, + postCrash := '1'B, + humanProblem := '1'B, + stationaryVehicle := '1'B, + emergencyVehicleApproaching := '1'B, + hazardousLocation_DangerousCurve := '1'B, + collisionRisk := '1'B, + signalViolation := '1'B, + dangerousSituation := '1'B, + reserved := '00000000'B + } // End of template m_sspDENMContainer_sign_all + + template (value) SspDENM m_sspDENMContainer_vehicle + modifies m_sspDENMContainer_sign_all:= { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + slowVehicle := '0'B, + dangerousEndOfQueue := '0'B, + vehicleBreakdown := '0'B, + stationaryVehicle := '0'B + } // End of template m_sspDENMContainer_sign_all + + template (value) SspDENM m_sspDENMContainer_roadSideUnit + modifies m_sspDENMContainer_sign_all:= { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + humanPresenceOnTheRoad := '0'B, + wrongWayDriving := '0'B, + rescueAndRecoveryWorkInProgress := '0'B, + adverseWeatherCondition_ExtremeWeatherCondition := '0'B, + adverseWeatherCondition_Visibility := '0'B, + adverseWeatherCondition_Precipitation := '0'B, + postCrash := '0'B, + humanProblem := '0'B, + stationaryVehicle := '0'B, + hazardousLocation_DangerousCurve := '0'B, + collisionRisk := '0'B, + dangerousSituation := '0'B + } // End of template m_sspDENMContainer_roadSideUnit + + template (value) ServiceSpecificPermissions m_sspDENM( + in template (value) BitmapSsp p_bitmapSsp + ) := { + bitmapSsp := p_bitmapSsp + } // End of template m_sspDENM + + } // End of group sspDenmSend + + group sspDenmRecv { + + template (present) SspDENM mw_sspDENMContainer_dummy := { + trafficCondition := ?, + accident := ?, + roadworks := ?, + adverseWeatherCondition_Adhesion := ?, + hazardousLocation_SurfaceCondition := ?, + hazardousLocation_ObstacleOnTheRoad := ?, + hazardousLocation_AnimalOnTheRoad := ?, + humanPresenceOnTheRoad := ?, + wrongWayDriving := ?, + rescueAndRecoveryWorkInProgress := ?, + adverseWeatherCondition_ExtremeWeatherCondition := ?, + adverseWeatherCondition_Visibility := ?, + adverseWeatherCondition_Precipitation := ?, + slowVehicle := ?, + dangerousEndOfQueue := ?, + vehicleBreakdown := ?, + postCrash := ?, + humanProblem := ?, + stationaryVehicle := ?, + emergencyVehicleApproaching := ?, + hazardousLocation_DangerousCurve := ?, + collisionRisk := ?, + signalViolation := ?, + dangerousSituation := ?, + reserved := '00000000'B + } // End of template mw_sspDENMContainer_dummy + + template (present) SspDENM mw_sspDENMContainer_vehicle + modifies mw_sspDENMContainer_dummy := { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + slowVehicle := '0'B, + dangerousEndOfQueue := '0'B, + vehicleBreakdown := '0'B, + stationaryVehicle := '0'B + } // End of template mw_sspDENMContainer_vehicle + + template (present) SspDENM mw_sspDENMContainer_roadSideUnit + modifies mw_sspDENMContainer_dummy := { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + humanPresenceOnTheRoad := '0'B, + wrongWayDriving := '0'B, + rescueAndRecoveryWorkInProgress := '0'B, + adverseWeatherCondition_ExtremeWeatherCondition := '0'B, + adverseWeatherCondition_Visibility := '0'B, + adverseWeatherCondition_Precipitation := '0'B, + postCrash := '0'B, + humanProblem := '0'B, + stationaryVehicle := '0'B, + hazardousLocation_DangerousCurve := '0'B, + collisionRisk := '0'B, + dangerousSituation := '0'B + } // End of template m_sspDENMContainer_roadSideUnit + + } // End of group sspDenmRecv + + } // End of group sspDenm + + } // End of group ssp + + group utPrimitives { + + template (value) UtGnInitialize m_secGnInitialize( + in Oct8 p_hashedId8 + ) := { + hashedId8 := p_hashedId8 + } // End of template m_secGnInitialize + + } // End of group utPrimitives + +} // End of module LibItsSecurity_Templates diff --git a/lib/LibItsSecurity_TypesAndValues.ttcn b/lib/LibItsSecurity_TypesAndValues.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..1fcaad2f22e045d11efc33971f294d3598d1057a --- /dev/null +++ b/lib/LibItsSecurity_TypesAndValues.ttcn @@ -0,0 +1,314 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_TypesAndValues.ttcn3 $ + * $Id: LibItsSecurity_TypesAndValues.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing types and values for Security Protocol + * @see Draft ETSI TS 103 097 V1.1.14 + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + */ +module LibItsSecurity_TypesAndValues { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibItsCommon + import from LibItsCommon_Pixits all; + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + /** + * @desc Sequence of HashedId8 + */ + type record of HashedId8 HashedId8s; + // Test Adapter certificates & private keys - Valid behavior + const charstring cc_taCert_A := PX_CERT_FOR_TS; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A_AA := "CERT_TS_A_AA"; + const charstring cc_taCert_A_EA := "CERT_TS_A_EA"; + const charstring cc_taCert_A1 := "CERT_TS_A_A1_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A2 := "CERT_TS_A_A2_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A3 := "CERT_TS_A_A3_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_B := "CERT_TS_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_B1 := "CERT_TS_B_1_AT"; + const charstring cc_taCert_B_AA := "CERT_TS_B_1_AA"; + const charstring cc_taCert_A_B := "CERT_TS_A_B_AT"; + const charstring cc_taCert_A_B3 := "CERT_TS_A_B3_AT"; + const charstring cc_taCert_C := "CERT_TS_C_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_C1 := "CERT_TS_C1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_CA1 := "CERT_TS_CA1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_D := "CERT_TS_D_AT"; /** Certificate with a polygonal region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_E := "CERT_TS_E_AT"; /** Certificate with a region identifier, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_F := "CERT_TS_F_AT"; /** Certificate that can be used as an unknown certificate for IUT. */ + const charstring cc_taCert_F3 := "CERT_TS_F3_AT"; /** Certificate that can be used as an unknown certificate for IUT with BrainpoolP384 curve. */ + const charstring cc_taCert_G := "CERT_TS_G_AT"; /** to be defined */ + const charstring cc_taCert_EC := "CERT_TS_A_EC"; /** Certificate with a subject type indicating 'enrolment_credentials', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_AA := "CERT_TS_A_AA"; /** Certificate with a subject type indicating 'authorisation_authority', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_EA := "CERT_TS_A_EA"; /** Certificate with a subject type indicating 'enrolment_authority', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_CA := "CERT_TS_A_CA"; /** Certificate with a subject type indicating 'root_ca', to be used when secured messages are sent from TA to IUT */ + // Test Adapter certificates & private keys - Inoportune behavior + const charstring cc_taCert_B_BO := "CERT_TS_B_BO_AT"; /** Certificate with a circular region, the IUT position is outside of the region */ + const charstring cc_taCert_C_BO := "CERT_TS_C_BO_AT"; /** Certificate with a rectangular region, the IUT position is outside of the region */ + const charstring cc_taCert_D_BO := "CERT_TS_D_BO_AT"; /** Certificate with a polygonal region, the IUT position is outside of the region */ + const charstring cc_taCert_E_BO := "CERT_TS_E_BO_AT"; /** Certificate with a region identifier, the IUT position is outside of the region */ + const charstring cc_taCert0101_BO := "CERT_TS_01_01_BO_AT"; /** Check that IUT discards the AT certificate with version 3 */ + const charstring cc_taCert0102_BO := "CERT_TS_01_02_BO_AT"; /** Check that IUT discards the AT certificate with version 1 */ + const charstring cc_taCert0103_BO := "CERT_TS_01_03_BO_AT"; /** Check that IUT discards the AA certificate with version 3 */ + const charstring cc_taCert0104_BO := "CERT_TS_01_04_BO_AT"; /** Check that IUT discards the AA certificate with version 1 */ + const charstring cc_taCert0201_BO := "CERT_TS_02_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential' */ + const charstring cc_taCert0202_BO := "CERT_TS_02_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential' */ + const charstring cc_taCert0203_BO := "CERT_TS_02_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority' */ + const charstring cc_taCert0204_BO := "CERT_TS_02_04_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority' */ + const charstring cc_taCert0301_BO := "CERT_TS_03_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket' */ + const charstring cc_taCert0302_BO := "CERT_TS_03_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket' */ + const charstring cc_taCert0601_BO := "CERT_TS_06_01_BO_AT"; /** Check that IUT discards a SecuredMessage containing generation_time before the message signing certificate validity period */ + const charstring cc_taCert0602_BO := "CERT_TS_06_02_BO_AT"; /** Check that IUT discards a SecuredMessage containing generation_time after the message signing certificate validity period */ + const charstring cc_taCert0401_BO := "CERT_TS_04_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the AA certificate contains the subject type 'authorization_authority' */ + const charstring cc_taCertMsg1301_BO := "CERT_TS_MSG_13_01_BO_AT"; /** Check that IUT discards secured CAM signed with the not yet valid certificate */ + const charstring cc_taCertMsg1302_BO := "CERT_TS_MSG_13_02_BO_AT"; /** Check that IUT discards secured CAM signed with the expired certificate */ + const charstring cc_taCertMsg1303_BO := "CERT_TS_MSG_13_03_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the circular validity restriction of the signing certificatee */ + const charstring cc_taCertMsg1304_BO := "CERT_TS_MSG_13_04_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the rectangular validity restriction of the signing certificate */ + const charstring cc_taCertMsg1305_BO := "CERT_TS_MSG_13_05_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the polygonal validity restriction of the signing certificate */ + const charstring cc_taCertMsg1306_BO := "CERT_TS_MSG_13_06_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the identified validity restriction of the signing certificate */ + const charstring cc_taCert0601_BV := "CERT_TS_06_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate */ + const charstring cc_taCert0602_BV := "CERT_TS_06_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0603_BV := "CERT_TS_06_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0604_BV := "CERT_TS_06_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0605_BV := "CERT_TS_06_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0606_BO := "CERT_TS_06_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction */ + const charstring cc_taCert0607_BO := "CERT_TS_06_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0608_BO := "CERT_TS_06_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0701_BV := "CERT_TS_07_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate */ + const charstring cc_taCert0702_BV := "CERT_TS_07_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0703_BV := "CERT_TS_07_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0704_BV := "CERT_TS_07_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0705_BV := "CERT_TS_07_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0706_BO := "CERT_TS_07_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction */ + const charstring cc_taCert0707_BO := "CERT_TS_07_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0708_BO := "CERT_TS_07_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0801_BV := "CERT_TS_08_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate */ + const charstring cc_taCert0802_BV := "CERT_TS_08_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0803_BV := "CERT_TS_08_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0804_BV := "CERT_TS_08_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0805_BV := "CERT_TS_08_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0806_BO := "CERT_TS_08_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction */ + const charstring cc_taCert0807_BO := "CERT_TS_08_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0808_BO := "CERT_TS_08_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0809_BO := "CERT_TS_08_09_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0901_BV := "CERT_TS_09_01_BV_AT"; /** Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition */ + const charstring cc_taCert0902_BV := "CERT_TS_09_02_BV_AT"; /** Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition */ + const charstring cc_taCert0903_BV := "CERT_TS_09_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0904_BV := "CERT_TS_09_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0905_BV := "CERT_TS_09_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0906_BV := "CERT_TS_09_06_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate */ + const charstring cc_taCert0907_BO := "CERT_TS_09_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction */ + const charstring cc_taCert0908_BO := "CERT_TS_09_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions */ + const charstring cc_taCert0909_BO := "CERT_TS_09_09_BO_AT"; /** Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate */ + const charstring cc_taCert0910_BO := "CERT_TS_09_10_BO_AT"; /** Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code */ + const charstring cc_taCert0911_BO := "CERT_TS_09_11_BO_AT"; /** Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains invalid area code */ + const charstring cc_taCert1001_BO := "CERT_TS_10_01_BO_AT"; /** Check that the IUT discards a message when its signing certificate does not contain the time validity restriction */ + const charstring cc_taCert1002_BO := "CERT_TS_10_02_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction */ + const charstring cc_taCert1003_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction */ + const charstring cc_taCert1004_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction */ + const charstring cc_taCert1005_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction */ + const charstring cc_taCert1006_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction */ + const charstring cc_taCert1101_BO := "CERT_TS_11_01_BO_AT"; /** Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate */ + const charstring cc_taCert1102_BO := "CERT_TS_11_02_BO_AT"; /** Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate */ + const charstring cc_taCert1103_BO := "CERT_TS_11_03_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet */ + const charstring cc_taCert1104_BO := "CERT_TS_11_04_BO_AT"; /** Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate */ + const charstring cc_taCert1201_BO := "CERT_TS_12_01_BO_AT"; /** Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute */ + const charstring cc_taCert1202_BO := "CERT_TS_12_02_BO_AT"; /** Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1203_BO := "CERT_TS_12_03_BO_AT"; /** Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1204_BO := "CERT_TS_12_04_BO_AT"; /** Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1301_BO := "CERT_TS_13_01_BO_AT"; /** Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM */ + const charstring cc_taCert1302_BO := "CERT_TS_13_02_BO_AT"; /** Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM */ + const charstring cc_taCert1303_BO := "CERT_TS_13_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the AA certificate does not contain a subject_attribute of type its_aid_list */ + const charstring cc_taCert1401_BO := "CERT_TS_14_01_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate' */ + const charstring cc_taCert1402_BO := "CERT_TS_14_02_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate_chain' */ + const charstring cc_taCert1403_BO := "CERT_TS_14_03_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm' */ + const charstring cc_taCert1501_BO := "CERT_TS_15_01_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate' */ + const charstring cc_taCert1502_BO := "CERT_TS_15_02_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate_chain' */ + const charstring cc_taCert1503_BO := "CERT_TS_15_03_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm' */ + const charstring cc_taCert1601_BO := "CERT_TS_16_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject_name of the AT certificate is not an empty name field */ + const charstring cc_taCert1701_BO := "CERT_TS_17_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AT certificate */ + const charstring cc_taCert1702_BO := "CERT_TS_17_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AA certificate */ + const charstring cc_taCert1703_BO := "CERT_TS_17_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is less then assurance level of subordinate certificate */ + const charstring cc_taCert1704_BO := "CERT_TS_17_04_BO_AT"; /** Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate */ + const charstring cc_taCert1801_BO := "CERT_TS_18_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AT certificate */ + const charstring cc_taCert1802_BO := "CERT_TS_18_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AA certificate */ + const charstring cc_taCert1901_BO := "CERT_TS_19_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate */ + + // IUT certificates & private keys + const charstring cc_iutCert_C1 := "CERT_IUT_C1_AT"; + const charstring cc_iutCert_CA1 := "CERT_IUT_CA1_AT"; + const charstring cc_iutCert_CA2 := "CERT_IUT_CA2_AT"; + const charstring cc_iutCert_C3 := "CERT_IUT_C3_AA"; + const charstring cc_iutCert_CA3 := "CERT_IUT_CA3_AT"; + const charstring cc_iutCert_CA_AA := "CERT_IUT_CA_AA"; + const charstring cc_iutCert_CC_AA := "CERT_IUT_CC_AA"; + const charstring cc_iutCert_A := "CERT_IUT_A_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_A1 := "CERT_IUT_A1_AT"; + const charstring cc_iutCert_A2 := "CERT_IUT_A2_AT"; + const charstring cc_iutCert_A3 := "CERT_IUT_A3_AT"; + const charstring cc_iutCert_A4 := "CERT_IUT_A4_AT"; + const charstring cc_iutCert_A_AA := "CERT_IUT_A_AA"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - NistP256*/ + const charstring cc_iutCert_A_N := "CERT_IUT_A_N_AT"; + const charstring cc_iutCert_A_B_N := "CERT_IUT_A_B_N_AT"; + const charstring cc_iutCert_A_B := "CERT_IUT_A_B_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - BrainpoolP256r1*/ + const charstring cc_iutCert_A_B3 := "CERT_IUT_A_B3_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - BrainpoolP384r1*/ + const charstring cc_iutCert_A_B3_N := "CERT_IUT_A_B3_N_AT"; + const charstring cc_iutCert_B := "CERT_IUT_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_C := "CERT_IUT_C_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_D := "CERT_IUT_D_AT"; /** Certificate with a polygonal region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_E := "CERT_IUT_E_AT"; /** Certificate with a region identifier, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_F := "CERT_IUT_F_AT"; /** Certificate with a subject type indicating 'enrolment_credentials', to be used when secured messages are sent from TA to IUT */ + + /** + * @desc Specification of basic format elements + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2 + */ + group basicFormatElements { + + /** + * @desc Service specific permissions definition for CAM + * @see ETSI EN 302 637-2 V1.3.2 (2014-11) Clause 6.2.2.2 Service Specific Permissions (SSP) + */ + type record SspCAM { + Bit1 cenDsrcTollingZone, + Bit1 publicTransport, + Bit1 specialTransport, + Bit1 dangerousGoods, + Bit1 roadwork, + Bit1 rescue, + Bit1 emergency, + Bit1 safetyCar, + Bit1 closedLanes, + Bit1 requestForRightOfWay, + Bit1 requestForFreeCrossingAtATrafficLight, + Bit1 noPassing, + Bit1 noPassingForTrucks, + Bit1 speedLimit, + Bit18 reserved + } // End of type SspCAM + + /** + * @desc Service specific permissions definition for DENM + * @member trafficCondition + * @member accident + * @member roadworks + * @member adverseWeatherCondition_Adhesion + * @member hazardousLocation_SurfaceCondition + * @member hazardousLocation_ObstacleOnTheRoad + * @member hazardousLocation_AnimalOnTheRoad + * @member humanPresenceOnTheRoad + * @member wrongWayDriving + * @member rescueAndRecoveryWorkInProgress + * @member adverseWeatherCondition_ExtremeWeatherCondition + * @member adverseWeatherCondition_Visibility + * @member adverseWeatherCondition_Precipitation + * @member slowVehicle + * @member dangerousEndOfQueue + * @member vehicleBreakdown + * @member postCrash + * @member humanProblem + * @member stationaryVehicle + * @member emergencyVehicleApproaching + * @member hazardousLocation_DangerousCurve + * @member collisionRisk + * @member signalViolation + * @member dangerousSituation + * @member reserved Reserved for Future Usage + * @see Draft ETSI EN 302 637-3 V1.2.10 Clause 6.2.2.2 Service Specific Permissions (SSP) + */ + type record SspDENM { + Bit1 trafficCondition, + Bit1 accident, + Bit1 roadworks, + Bit1 adverseWeatherCondition_Adhesion, + Bit1 hazardousLocation_SurfaceCondition, + Bit1 hazardousLocation_ObstacleOnTheRoad, + Bit1 hazardousLocation_AnimalOnTheRoad, + Bit1 humanPresenceOnTheRoad, + Bit1 wrongWayDriving, + Bit1 rescueAndRecoveryWorkInProgress, + Bit1 adverseWeatherCondition_ExtremeWeatherCondition, + Bit1 adverseWeatherCondition_Visibility, + Bit1 adverseWeatherCondition_Precipitation, + Bit1 slowVehicle, + Bit1 dangerousEndOfQueue, + Bit1 vehicleBreakdown, + Bit1 postCrash, + Bit1 humanProblem, + Bit1 stationaryVehicle, + Bit1 emergencyVehicleApproaching, + Bit1 hazardousLocation_DangerousCurve, + Bit1 collisionRisk, + Bit1 signalViolation, + Bit1 dangerousSituation, + Bit8 reserved + } // End of type SspDENM + + } // End of group certificateSpecification + + /** + * @desc Send/receive templates for profiles for certificates + * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.4 Profiles for certificate + */ + group profileCertificates { + + type record CertificatesCachingItem { + HashedId8 hashedId8, + EtsiTs103097Certificate certificate + } + type record of CertificatesCachingItem CertificatesCaching; + + } // End of group profileCertificates + + type enumerated SignAlgorithm { + e_nistp_256, + e_brainpool_256, + e_brainpool_384 + } + + group taConfiguration { + + /** + * @desc Describes the Test Adapter security configuration + * @member signingPrivateKey Signing private keys generated by the PKI Infrastructire tool (CertChainGenerator\src\org\etsi\stf440\pki\MainApp.java) + * @member encryptPrivateKey Encryption private keys generated by the PKI Infrastructire tool (CertChainGenerator\src\org\etsi\stf440\pki\MainApp.java) + * @member caCertificate Certificates Authorization certificate generated by the PKI Infrastructire tool + * @member aaCertificate Enrolment Credential certificate generated by the PKI Infrastructire tool + * @member atCertificate Authorization Tickate certificate generated by the PKI Infrastructire tool + * @member location 3D location associated to each configuration + */ + /*type record TaConfig { + Oct32 signingPrivateKey, + Oct32 encryptPrivateKey, + EtsiTs103097Certificate caCertificate, + EtsiTs103097Certificate aaCertificate, + EtsiTs103097Certificate atCertificate, + ThreeDLocation location + }*/ // End of type TaConfig + + /** + * @desc Describes the Test Adapter security configurations + */ + //type set of TaConfig TaConfigs; + + } // End of group taConfiguration + + group utPrimitives { + + } + with { + encode "UpperTester" + } // End of group utPrimitives + +} with { + encode "LibItsSecurity" +} // End of module LibItsSecurity_TypesAndValues diff --git a/lib/asn1 b/lib/asn1 new file mode 160000 index 0000000000000000000000000000000000000000..c4d138571dcbca3e83970256b4780b566fcb4580 --- /dev/null +++ b/lib/asn1 @@ -0,0 +1 @@ +Subproject commit c4d138571dcbca3e83970256b4780b566fcb4580 diff --git a/lib/module.mk b/lib/module.mk new file mode 100644 index 0000000000000000000000000000000000000000..ba37aff7dfd0b02061f1194a4b7e3bf9de0fc064 --- /dev/null +++ b/lib/module.mk @@ -0,0 +1,11 @@ +sources := \ + LibItsSecurity_EncdecDeclarations.ttcn \ + LibItsSecurity_Pics.ttcn \ + LibItsSecurity_Pixits.ttcn \ + LibItsSecurity_Templates.ttcn \ + LibItsSecurity_TypesAndValues.ttcn \ + asn1/EtsiTs103097ExtensionModule.asn \ + asn1/EtsiTs103097Module.asn \ + asn1/ieee1609dot2/Ieee1609Dot2.asn \ + asn1/ieee1609dot2/Ieee1609Dot2BaseTypes.asn \ + diff --git a/lib_system/LibItsSecurity_Functions.ttcn b/lib_system/LibItsSecurity_Functions.ttcn new file mode 100644 index 0000000000000000000000000000000000000000..239c0b88e96705094c4de5e4cd3742856ed3c55c --- /dev/null +++ b/lib_system/LibItsSecurity_Functions.ttcn @@ -0,0 +1,3557 @@ +/** + * @Author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url$ + * $Id$ + * @desc Module containing functions for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Functions { + + // Libcommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibIts + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsCommon + import from LibItsCommon_Functions all; + //import from LibItsCommon_TypesAndValues all; + import from LibItsCommon_Pixits all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Templates all; + import from LibItsSecurity_Pixits all; + import from LibItsSecurity_Pics all; + import from LibItsSecurity_TestSystem all; + + group helpersFunctions { + + /** + * @desc Produces a 256-bit (32-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + function f_hashWithSha256( + in octetstring p_toBeHashedData + ) return Oct32 { + return fx_hashWithSha256(p_toBeHashedData); + } // End of function f_hashWithSha256 + + /** + * @desc Produces a 384-bit (48-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + function f_hashWithSha384( + in octetstring p_toBeHashedData + ) return Oct48 { + return fx_hashWithSha384(p_toBeHashedData); + } // End of function f_hashWithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaNistp256WithSha256( + in octetstring p_toBeSignedSecuredMessage, + in Oct32 p_certificateIssuer, + in Oct32 p_privateKey + ) return octetstring { + log(">>> f_signWithEcdsaNistp256WithSha256: p_toBeSignedSecuredMessage= ", p_toBeSignedSecuredMessage); + log(">>> f_signWithEcdsaNistp256WithSha256: p_certificateIssuer= ", p_certificateIssuer); + log(">>> f_signWithEcdsaNistp256WithSha256: p_privateKey= ", p_privateKey); + + return fx_signWithEcdsaNistp256WithSha256( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaBrainpoolp256r1WithSha256( + in octetstring p_toBeSignedSecuredMessage, + in Oct32 p_certificateIssuer, + in Oct32 p_privateKey + ) return octetstring { + return fx_signWithEcdsaBrainpoolp256r1WithSha256( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaBrainpoolp384r1WithSha384( + in octetstring p_toBeSignedSecuredMessage, + in Oct48 p_certificateIssuer, + in Oct48 p_privateKey + ) return octetstring { + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_toBeSignedSecuredMessage); + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_certificateIssuer); + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_privateKey); + return fx_signWithEcdsaBrainpoolp384r1WithSha384( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaBrainpoolp384r1WithSha384 + + function f_decrypt( + in octetstring p_encryptPrivateKey, + in EtsiTs103097Data p_encrypedSecuredMessage, + in octetstring p_salt, + out EtsiTs103097Data p_decrypedSecuredMessage, + out octetstring p_aes_sym_enc_key + ) return boolean { + if (ischosen(p_encrypedSecuredMessage.content.encryptedData)) { + var PKRecipientInfo v_pKRecipientInfo; + var RecipientInfo v_recipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0]; + var octetstring v_decryptedSecuredMessage; + + log(">>> f_decrypt: p_encryptPrivateKey=", p_encryptPrivateKey); + log(">>> f_decrypt: p_encrypedSecuredMessage=", p_encrypedSecuredMessage); + log(">>> f_decrypt: p_salt=", p_salt); + + // Check the private encryption key + if (not(isbound(p_encryptPrivateKey))) { + log("*** " & testcasename() & ":ERROR: Failed to load encryption private key ***"); + return false; + } + + if (ischosen(v_recipientInfo.certRecipInfo)) { + v_pKRecipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0].certRecipInfo; + // Read the certificate based on the recipientId + } else if (ischosen(v_recipientInfo.signedDataRecipInfo)) { + v_pKRecipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0].signedDataRecipInfo; + // Read the certificate based on the recipientId + } else { + log("*** " & testcasename() & ":ERROR: Unsupported RecipientInfo variant ***"); + return false; + } + + log("f_decrypt: v_pKRecipientInfo=", v_pKRecipientInfo); + if (isbound(v_pKRecipientInfo)) { + if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256)) { + var SymmetricCiphertext v_ciphertext := p_encrypedSecuredMessage.content.encryptedData.ciphertext; + + log("f_decrypt: v_ciphertext=", v_ciphertext); + if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_0)) { + v_decryptedSecuredMessage := f_decryptWithEciesNistp256WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_0, + 0, + v_pKRecipientInfo.encKey.eciesNistP256.c, + v_pKRecipientInfo.encKey.eciesNistP256.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_1)) { + v_decryptedSecuredMessage := f_decryptWithEciesNistp256WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_1, + 1, + v_pKRecipientInfo.encKey.eciesNistP256.c, + v_pKRecipientInfo.encKey.eciesNistP256.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + if (isbound(v_decryptedSecuredMessage)) { + var bitstring v_decode := oct2bit(v_decryptedSecuredMessage); + if (decvalue(v_decode, p_decrypedSecuredMessage) == 0) { + return true; + } else { + log("*** " & testcasename() & ":ERROR: Faild to decode secured message ***"); + } + } + } else if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1)) { + var SymmetricCiphertext v_ciphertext := p_encrypedSecuredMessage.content.encryptedData.ciphertext; + if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_0)) { + v_decryptedSecuredMessage := f_decryptWithEciesBrainpoolp256r1WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_0, + 0, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t, + v_ciphertext.aes128ccm.nonce, + p_salt, p_aes_sym_enc_key + ); + } else if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_1)) { + v_decryptedSecuredMessage := f_decryptWithEciesBrainpoolp256r1WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_1, + 1, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + // TODO else, other variants shall be processed here if + } else { + log("*** " & testcasename() & ":ERROR: Invalid recipient info ***"); + return false; + } + if (isbound(v_decryptedSecuredMessage)) { + var bitstring v_decode := oct2bit(v_decryptedSecuredMessage); + if (decvalue(v_decode, p_decrypedSecuredMessage) == 0) { + return true; + } else { + log("*** " & testcasename() & ":ERROR: Faild to decode secured message ***"); + } + } + } else { + log("*** " & testcasename() & ":ERROR: Message not encrypted ***"); + } + + return false; + } // End of function f_decrypt + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + * @return The encrypted message + */ + function f_encryptWithEciesNistp256WithSha256( + in octetstring p_toBeEncryptedSecuredMessage, + in Oct32 p_recipientsPublicKeyCompressed, + in integer p_compressed_mode, + in octetstring p_salt, + out Oct32 p_publicEphemeralKeyCompressed, + out integer p_ephemeralKeyModeCompressed, + out Oct16 p_aes_sym_key, + out Oct16 p_encrypted_sym_key, + out Oct16 p_authentication_vector, + out Oct12 p_nonce + ) return octetstring { + return fx_encryptWithEciesNistp256WithSha256( + p_toBeEncryptedSecuredMessage, + p_recipientsPublicKeyCompressed, + p_compressed_mode, + p_salt, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_aes_sym_key, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce + ); + } // End of function f_encryptWithEciesNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_decryptWithEciesNistp256WithSha256( + in octetstring p_encryptedSecuredMessage, + in Oct32 p_privateEncKey, + in Oct32 p_publicEphemeralKeyCompressed, + in integer p_ephemeralKeyModeCompressed, + in Oct16 p_encrypted_sym_key, + in Oct16 p_authentication_vector, + in Oct12 p_nonce, + in Oct32 p_salt, + out Oct16 p_aes_sym_enc_key + ) return octetstring { + return fx_decryptWithEciesNistp256WithSha256( + p_encryptedSecuredMessage, + p_privateEncKey, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce, + p_salt, + p_aes_sym_enc_key + ); + } // End of function f_decryptWithEcdsaNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The encrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_encryptWithEciesBrainpoolp256r1WithSha256( + in octetstring p_toBeEncryptedSecuredMessage, + in Oct32 p_recipientsPublicKeyCompressed, + in integer p_compressed_mode, + in octetstring p_salt, + out Oct32 p_publicEphemeralKeyCompressed, + out integer p_ephemeralKeyModeCompressed, + out Oct16 p_aes_sym_key, + out Oct16 p_encrypted_sym_key, + out Oct16 p_authentication_vector, + out Oct12 p_nonce + ) return octetstring { + return fx_encryptWithEciesBrainpoolp256r1WithSha256( + p_toBeEncryptedSecuredMessage, + p_recipientsPublicKeyCompressed, + p_compressed_mode, + p_salt, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_aes_sym_key, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce + ); + } // End of function f_encryptWithEciesBrainpoolp256r1WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Brainpool-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_decryptWithEciesBrainpoolp256r1WithSha256( + in octetstring p_encryptedSecuredMessage, + in Oct32 p_privateEncKey, + in Oct32 p_publicEphemeralKeyCompressed, + in integer p_ephemeralKeyModeCompressed, + in Oct16 p_encrypted_sym_key, + in Oct16 p_authentication_vector, + in Oct12 p_nonce, + in Oct32 p_salt, + out Oct16 p_aes_sym_enc_key + ) return octetstring { + return fx_decryptWithEciesBrainpoolp256r1WithSha256( + p_encryptedSecuredMessage, + p_privateEncKey, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce, + p_salt, + p_aes_sym_enc_key + ); + } // End of function f_decryptWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @desc Compute the HashedId8 value from the hash value + * @param p_hash The hash value + * @return The HashedId8 value + * @verdict + */ + function f_hashedId8FromSha256( + in Oct32 p_hash + ) return HashedId8 { + return substr(p_hash, lengthof(p_hash) - 8, 8); + } // End of function f_hashedId8FromSha256 + + /** + * @desc Compute the HashedId8 value from the hash value + * @param p_hash The hash value + * @return The HashedId8 value + * @verdict + */ + function f_hashedId8FromSha384( + in Oct48 p_hash + ) return HashedId8 { + return substr(p_hash, lengthof(p_hash) - 8, 8); + } // End of function f_hashedId8FromSha384 + + /** + * @desc Compute the HashedId3 value from the HashedId8 value + * @param p_hashp_hashedId8 The HashedId8 value + * @return The HashedId3 value + * @verdict Unchanged + */ + function f_hashedId3FromHashedId8( + in HashedId8 p_hashedId8 + ) return HashedId3 { + return substr(p_hashedId8, lengthof(p_hashedId8) - 3, 3); + } // End of function f_hashedId3FromHashedId8 + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaNistp256WithSha256( + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaNistp256PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyCompressed", p_ecdsaNistp256PublicKeyCompressed); + return fx_verifyWithEcdsaNistp256WithSha256( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaNistp256PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaNistp256WithSha256 + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaNistp256WithSha256_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaNistp256PublicKeyX, + in Oct32 p_ecdsaNistp256PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyX", p_ecdsaNistp256PublicKeyX); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyY", p_ecdsaNistp256PublicKeyY); + return fx_verifyWithEcdsaNistp256WithSha256_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaNistp256PublicKeyX, + p_ecdsaNistp256PublicKeyY); + } // End of function f_verifyWithEcdsaNistp256WithSha256_1 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp256r1WithSha256( + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData", p_toBeVerifiedData); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: signature", p_signature); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyCompressed", p_ecdsaBrainpoolp256PublicKeyCompressed); + return fx_verifyWithEcdsaBrainpoolp256r1WithSha256( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp256PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp256r1WithSha256_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaBrainpoolp256PublicKeyX, + in Oct32 p_ecdsaBrainpoolp256PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyX", p_ecdsaBrainpoolp256PublicKeyX); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyY", p_ecdsaBrainpoolp256PublicKeyY); + return fx_verifyWithEcdsaBrainpoolp256r1WithSha256_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp256PublicKeyX, + p_ecdsaBrainpoolp256PublicKeyY); + } // End of function f_verifyWithEcdsaBrainpoolp256r1WithSha256_1 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp384r1WithSha384( + in octetstring p_toBeVerifiedData, + in Oct48 p_certificateIssuer, + in Oct96 p_signature, + in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyCompressed", p_ecdsaBrainpoolp384PublicKeyCompressed); + return fx_verifyWithEcdsaBrainpoolp384r1WithSha384( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp384PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaBrainpoolp384r1WithSha384 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp384r1WithSha384_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct48 p_certificateIssuer, + in Oct96 p_signature, + in Oct48 p_ecdsaBrainpoolp384PublicKeyX, + in Oct48 p_ecdsaBrainpoolp384PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyX", p_ecdsaBrainpoolp384PublicKeyX); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyY", p_ecdsaBrainpoolp384PublicKeyY); + return fx_verifyWithEcdsaBrainpoolp384r1WithSha384_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp384PublicKeyX, + p_ecdsaBrainpoolp384PublicKeyY); + } // End of function f_verifyWithEcdsaBrainpoolp384r1WithSha384_1 + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_nistp256( + out Oct32 p_privateKey, + out Oct32 p_publicKeyX, + out Oct32 p_publicKeyY, + out Oct32 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + log(">>> f_generate_key_pair_nistp256"); + return fx_generateKeyPair_nistp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_brainpoolp256r1( + out Oct32 p_privateKey, + out Oct32 p_publicKeyX, + out Oct32 p_publicKeyY, + out Oct32 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + log(">>> f_generate_key_pair_brainpoolp256r1"); + return fx_generateKeyPair_brainpoolp256r1(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_brainpoolp384r1( + out Oct48 p_privateKey, + out Oct48 p_publicKeyX, + out Oct48 p_publicKeyY, + out Oct48 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + return fx_generateKeyPair_brainpoolp384r1(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Calculate digest over the certificate + * @param p_cert The certificate + * @return the HashedId8 value + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_calculateDigestFromCertificate( + in Certificate p_cert + ) return HashedId8 { + var octetstring v_hash; + + if (PICS_SEC_SHA256) { + v_hash := f_calculateDigestSha256FromCertificate(p_cert); + } if (PICS_SEC_SHA384) { + v_hash := f_calculateDigestSha384FromCertificate(p_cert); + } + + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestFromCertificate + + /** + * @desc Calculate digest over the certificate + * @param p_cert The certificate + * @return the HashedId8 value + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_calculateDigestSha256FromCertificate( + in EtsiTs103097Certificate p_cert + ) return HashedId8 { + var octetstring v_toBeHashedData; + var octetstring v_hash; + + v_toBeHashedData := bit2oct(encvalue(p_cert)); + v_hash := f_hashWithSha256(v_toBeHashedData); + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestSha256FromCertificate + + function f_calculateDigestSha384FromCertificate( + in EtsiTs103097Certificate p_cert + ) return HashedId8 { + var octetstring v_toBeHashedData; + var octetstring v_hash; + + v_toBeHashedData := bit2oct(encvalue(p_cert)); + v_hash := f_hashWithSha384(v_toBeHashedData); + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestSha384FromCertificate + + function f_duration2time( + in Duration p_duration + ) return UInt16 { + if (ischosen(p_duration.seconds)) { + return p_duration.seconds; + } else if (ischosen(p_duration.minutes)) { + return p_duration.minutes; + } else if (ischosen(p_duration.hours)) { + return p_duration.hours; + } else if (ischosen(p_duration.sixtyHours)) { + return p_duration.sixtyHours; + } else if (ischosen(p_duration.years)) { + return p_duration.years; + } + + return 0; // Unrechable code + } // End of function f_duration2time + + group hostSignatureHelpers { + + /** + * @desc Initialize [out] certificates according to the specified certificate name + * @param p_certificateName The certificate name to be used + * @param p_aaCertificate The AA certificate [out] + * @param p_atCertificate The AT certificate [out] + * @return true on succes, false otherwise + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_prepareCertificates( + in template (omit) charstring p_certificateName, + out EtsiTs103097Certificate p_aaCertificate, + out EtsiTs103097Certificate p_atCertificate + ) runs on ItsSecurityBaseComponent return boolean { + //log(">>> f_prepareCertificates: ", p_certificateName); + + // Load certificates if required + if ((lengthof(p_certificateName) > 0) and (valueof(p_certificateName) != cc_taCert_A)) { + var HashedId8 v_digest; + var charstring v_cert; + + if (f_readCertificate(valueof(p_certificateName), p_atCertificate) == false){ + log("f_prepareCertificates: Failed to read certificate ", p_certificateName); + return false; + } + if (ischosen(p_atCertificate.issuer.sha256AndDigest)) { + v_digest := p_atCertificate.issuer.sha256AndDigest; + } else if (ischosen(p_atCertificate.issuer.sha384AndDigest)) { + v_digest := p_atCertificate.issuer.sha384AndDigest; + } else { + log("f_prepareCertificates: Invalid certificate issuer ", p_atCertificate.issuer); + return false; + } + if (f_getCertificateFromDigest(v_digest, p_aaCertificate, v_cert) == false) { + log("f_prepareCertificates: Failed to read certificate issuer ", v_digest); + return false; + } + } else { + p_atCertificate := vc_atCertificate; + p_aaCertificate := vc_aaCertificate; + } + // Store the certificate to build this message + vc_lastAtCertificateUsed := p_atCertificate; + + return true; + } // End of function f_prepareCertificates + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process + * @param p_securedMessage The signed SecureMessage part + * @param p_payloadField Payloads to be included in the message + * @param p_mandatoryHeaders Mandatory headers for the selected profile + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_securityProfile Selected security profile + * @return true on success, false otherwise + */ + function f_buildGnSecuredMessage( + inout EtsiTs103097Data p_securedMessage, + in charstring p_certificateName, + in ToBeSignedData p_payloadField + ) runs on ItsSecurityBaseComponent return boolean { + + // Local variables + var octetstring v_secPayload, v_signature; + var ToBeSignedData v_toBeSignedData; + var octetstring v_certificateIssuer; + var octetstring v_privateKey; + + log(">>> f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); + log(">>> f_buildGnSecuredMessage: p_payloadField=", p_payloadField); + + // Prepare payload to be signed + v_toBeSignedData := valueof(p_payloadField); + v_secPayload := bit2oct(encvalue(v_toBeSignedData)); + log("f_buildGnSecuredMessage: v_secPayload=", v_secPayload); + + // Signed payload + if (ispresent(p_certificateName) and (valueof(p_certificateName) != cc_taCert_A)) { + if(not f_readSigningKey(valueof(p_certificateName), v_privateKey)){ + return false; + } + } else { + if(not f_readSigningKey(cc_taCert_A, v_privateKey)){ + return false; + } + } +// log("f_buildGnSecuredMessage: v_privateKey=", v_privateKey); + f_getCertificateHash(p_certificateName, v_certificateIssuer); + + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + v_signature := f_signWithEcdsaNistp256WithSha256( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), + substr(v_signature, 32, 32) + ) + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + v_signature := f_signWithEcdsaBrainpoolp256r1WithSha256( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), + substr(v_signature, 32, 32) + ) + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) { + v_signature := f_signWithEcdsaBrainpoolp384r1WithSha384( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(substr(v_signature, 0, 48)), + substr(v_signature, 48, 48) + ) + )); + } // TODO To be continued + +// log("<<< f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); + return true; + } // End of function f_buildGnSecuredMessage + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases + * @param p_securedMessage The signed SecureMessage part + * @param p_certificateName The certificate name + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *