From 1e118329c5d273c06ad626c0234c2329224d3d2e Mon Sep 17 00:00:00 2001 From: Denis Filatov Date: Wed, 14 Jul 2021 12:43:20 +0200 Subject: [PATCH 1/9] AtsSecurity initial commit --- .gitmodules | 4 + ItsSecurity_Functions.ttcn | 886 + ItsSecurity_Templates.ttcn | 66 + ItsSecurity_TestCases.ttcn | 18249 +++++++++++++++++++ ItsSecurity_TestControl.ttcn | 104 + ItsSecurity_TestSystem.ttcn | 40 + LICENSE | 23 + lib/LibItsSecurity_EncdecDeclarations.ttcn | 58 + lib/LibItsSecurity_Functions.ttcn | 3546 ++++ lib/LibItsSecurity_Pics.ttcn | 97 + lib/LibItsSecurity_Pixits.ttcn | 65 + lib/LibItsSecurity_Templates.ttcn | 2099 +++ lib/LibItsSecurity_TestSystem.ttcn | 50 + lib/LibItsSecurity_TypesAndValues.ttcn | 314 + lib/asn1 | 1 + lib/module.mk | 12 + module.mk | 42 + 17 files changed, 25656 insertions(+) create mode 100644 .gitmodules create mode 100755 ItsSecurity_Functions.ttcn create mode 100755 ItsSecurity_Templates.ttcn create mode 100755 ItsSecurity_TestCases.ttcn create mode 100755 ItsSecurity_TestControl.ttcn create mode 100755 ItsSecurity_TestSystem.ttcn create mode 100755 LICENSE create mode 100755 lib/LibItsSecurity_EncdecDeclarations.ttcn create mode 100755 lib/LibItsSecurity_Functions.ttcn create mode 100755 lib/LibItsSecurity_Pics.ttcn create mode 100755 lib/LibItsSecurity_Pixits.ttcn create mode 100755 lib/LibItsSecurity_Templates.ttcn create mode 100755 lib/LibItsSecurity_TestSystem.ttcn create mode 100755 lib/LibItsSecurity_TypesAndValues.ttcn create mode 160000 lib/asn1 create mode 100755 lib/module.mk create mode 100755 module.mk diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..1fb51d2 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,4 @@ +[submodule "lib/asn1"] + path = lib/asn1 + url = https://forge.etsi.org/rep/ITS/asn1/sec_ts103097.git + branch = testing diff --git a/ItsSecurity_Functions.ttcn b/ItsSecurity_Functions.ttcn new file mode 100755 index 0000000..219c35c --- /dev/null +++ b/ItsSecurity_Functions.ttcn @@ -0,0 +1,886 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF525 + * @version $Url$ + * $Id$ + * @desc Module containing functions for the secured GN ATS + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_Functions { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_Time all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + import from ITS_Container language "ASN.1:1997" all; + import from DENM_PDU_Descriptions language "ASN.1:1997" all; + + // LibItsCommon + import from LibItsCommon_TestSystem all; + import from LibItsCommon_Functions all; + import from LibItsCommon_ASN1_NamedNumbers all; + + // LibItsDenm + import from LibItsDenm_Templates all; + import from LibItsDenm_Functions all; + import from LibItsDenm_TestSystem all; + + // LibItsCam + import from LibItsCam_Templates all; + import from LibItsCam_Functions all; + import from LibItsCam_TestSystem all; + + // LibItsBtp + import from LibItsBtp_Templates all; + + // LibItsGeoNetworking + import from LibItsGeoNetworking_TestSystem all; + import from LibItsGeoNetworking_Functions all; + import from LibItsGeoNetworking_Templates all; + import from LibItsGeoNetworking_TypesAndValues all; + import from LibItsGeoNetworking_Pixits all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Templates all; + import from LibItsSecurity_Functions all; + + + group secCam { + + /** + * @desc Prepare a secured CAM + * @param p_configId The configuration identifier to be used + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_signerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredCam( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var EtsiTs103097Data v_securedMessage; + +// log(">>> f_prepareSecuredCam"); + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( + f_getPosition(c_compNodeC) + )); + + // Encode CAM payload + v_gnPayload := valueof( + bit2oct( + encvalue( + m_camReq( + m_camMsg_vehicle_HF_BV( + valueof(p_station_id), + f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime + LibItsCam_Templates.m_tsPosition + ))))); + + // Add BTP/CAM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it +// log("f_prepareSecuredCam: v_gnNonSecuredPacket= ", v_gnNonSecuredPacket); + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); +// log("f_prepareSecuredCam: v_gnPayload= ", v_gnPayload); + f_buildGnSecuredCam( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId + ); + + // Return secured Gn packet + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredCam + + /** + * @desc Prepare a secured CAM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @param p_alterATCertificateSignature Set to true to alter the AT certificate signature + * @param p_alterAACertificateSignature Set to true to alter the AA certificate signature + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredCam_Bo( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId(), + in UInt8 p_protocolVersion := c_protocol_version, + in boolean p_alter_psid := false, + in boolean p_add_generation_location := false, + in boolean p_add_expiry_time := false, + in boolean p_add_p2pcd_learning_request := false, + in boolean p_add_missing_crl_identifier := false, + in boolean p_add_encryption_key := false, + in boolean p_alter_signature_algorithm := false, + in boolean p_alter_signer_identifier := false, + in boolean p_alter_signature := false + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var Ieee1609Dot2Data v_securedMessage; + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof(m_geoNwShbPacket( + f_getPosition(c_compNodeC) + )); + + // Add CAM payload + v_gnPayload := valueof( + valueof( + bit2oct( + encvalue( + m_camReq( + m_camMsg_vehicle_HF_BV( + f_getTsStationId(), + f_getCurrentTime() mod 65536, // See ETSI EN 302 637-2 V1.3.0 - Clause B.3 generationDelatTime + LibItsCam_Templates.m_tsPosition + )))))); + + // Add BTP/CAM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + + f_buildGnSecuredCam_Bo( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId, + p_protocolVersion, + p_alter_psid, + p_add_generation_location, + p_add_expiry_time, + p_add_p2pcd_learning_request, + p_add_missing_crl_identifier, + p_add_encryption_key, + p_alter_signature_algorithm, + p_alter_signer_identifier, + p_alter_signature + ); + + // Return secured Gn packet +// log("f_prepareSecuredCam_Bo: ", m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredCam_Bo + + /** + * @desc Sends a secured CAM + * @param p_configId The configuration identifier to be used + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredCam( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_issuerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam(p_configId, p_headerInfo, p_issuerIdentifier, p_station_id); + log("f_sendSecuredCam: v_securedGnPdu= ", v_securedGnPdu); + + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredCam + + /** + * @desc Sends a secured CAM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredCam_Bo( + in charstring p_configId, + in UInt8 p_protocolVersion := c_protocol_version, + in boolean p_alter_psid := false, + in boolean p_add_generation_location := false, + in boolean p_add_expiry_time := false, + in boolean p_add_p2pcd_learning_request := false, + in boolean p_add_missing_crl_identifier := false, + in boolean p_add_encryption_key := false, + in boolean p_alter_signature_algorithm := false, + in boolean p_alter_signer_identifier := false, + in boolean p_alter_signature := false + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredCam_Bo( + p_configId, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId(), + p_protocolVersion, + p_alter_psid, + p_add_generation_location, + p_add_expiry_time, + p_add_p2pcd_learning_request, + p_add_encryption_key, + p_alter_signature_algorithm, + p_alter_signer_identifier, + p_alter_signature + ); + log("f_sendSecuredCam_Bo: v_securedGnPdu= ", v_securedGnPdu); + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + } // End of function f_sendSecuredCam_Bo + + } // End of group secCam + + group secDenm { + + /** + * @desc Prepare a secured DENM + * @param p_configId The configuration identifier to be used + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredDenm( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var Ieee1609Dot2Data v_securedMessage; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof( + m_geoNwBroadcastPacket( + v_longPosVectorNodeB, + vc_localSeqNumber, + f_getGeoBroadcastArea( + c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) + ))); + + // Add the DENM payload + v_gnPayload := valueof( + bit2oct( + encvalue( + m_denmReq( + m_denmPdu( + m_denm( + m_denmMgmtCon( + m_tsActionId + ), + v_situation, + m_denmLocation_zeroDelta + )))))); + + // Add BTP/CAM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it +// log("f_prepareSecuredDenm: v_gnPayload= ", v_gnPayload); + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + f_buildGnSecuredDenm( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId + ); + + // Return secured Gn packet + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredDenm + + /** + * @desc Prepare a secured DENM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredDenm_Bo( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_signerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId(), + in UInt8 p_protocolVersion := c_protocol_version, + in boolean p_alter_psid := false, + in boolean p_add_generation_location := false, + in boolean p_add_expiry_time := false, + in boolean p_add_p2pcd_learning_request := false, + in boolean p_add_missing_crl_identifier := false, + in boolean p_add_encryption_key := false, + in boolean p_alter_signature_algorithm := false, + in boolean p_alter_signer_identifier := false, + in boolean p_alter_signature := false + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var Ieee1609Dot2Data v_securedMessage; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof( + m_geoNwBroadcastPacket( + v_longPosVectorNodeB, + vc_localSeqNumber, + f_getGeoBroadcastArea( + c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) + ))); + + // Add the DENM payload + v_gnPayload := valueof( + bit2oct( + encvalue( + m_denmReq( + m_denmPdu( + m_denm( + m_denmMgmtCon( + m_tsActionId + ), + v_situation, + m_denmLocation_zeroDelta + )))))); + + // Add BTP/DENM payload + if (PX_GN_UPPER_LAYER == e_btpA) { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpA( + v_gnPayload)))); + } else { + v_gnNonSecuredPacket.payload := valueof( + bit2oct( + encvalue( + m_btpB( + v_gnPayload)))); + } + + // Encode it + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + f_buildGnSecuredDenm_Bo( + v_securedMessage, + valueof(m_toBeSignedData( + m_signedDataPayload( + m_etsiTs103097Data_unsecured( + v_gnPayload + )), + p_headerInfo + )), + p_signerIdentifier, + p_configId, + p_protocolVersion, + p_alter_psid, + p_add_generation_location, + p_add_expiry_time, + p_add_p2pcd_learning_request, + p_add_missing_crl_identifier, + p_add_encryption_key, + p_alter_signature_algorithm, + p_alter_signer_identifier, + p_alter_signature + ); + + // Return secured Gn packet +// log("f_prepareSecuredDenm_Bo: ", m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredDenm_Bo + + /** + * @desc Sends a secured DENM + * @param p_configId The configuration identifier to be used + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredDenm( + in charstring p_configId, + in HeaderInfo p_headerInfo, + in SignerIdentifier p_issuerIdentifier, + in template (value) StationID p_station_id := f_getTsStationId() + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm(p_configId, p_headerInfo, p_issuerIdentifier); + log("f_sendSecuredDenm: v_securedGnPdu= ", v_securedGnPdu); + + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredDenm + + /** + * @desc Sends a secured DENM including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredDenm_Bo( + in charstring p_configId, + in UInt8 p_protocolVersion := c_protocol_version, + in boolean p_alter_psid := false, + in boolean p_remove_generation_location := false, + in boolean p_add_expiry_time := false, + in boolean p_add_p2pcd_learning_request := false, + in boolean p_add_missing_crl_identifier := false, + in boolean p_add_encryption_key := false, + in boolean p_alter_signature_algorithm := false, + in boolean p_alter_signer_identifier := false, + in boolean p_alter_signature := false + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredDenm_Bo( + p_configId, + valueof( + m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ))), + valueof(m_signerIdentifier_digest), + f_getTsStationId(), + p_protocolVersion, + p_alter_psid, + p_remove_generation_location, + p_add_expiry_time, + p_add_p2pcd_learning_request, + p_add_missing_crl_identifier, + p_add_encryption_key, + p_alter_signature_algorithm, + p_alter_signer_identifier, + p_alter_signature + ); + + log("f_sendSecuredDenm_Bo: v_securedGnPdu= ", v_securedGnPdu); + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredDenm_Bo + + } // End of group secDenm + + group secBeacon { + + /** + * @desc Prepare a secured Beacon + * @param p_configId The configuration identifier to be used + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredBeacon( + in charstring p_configId, + in template (omit) HeaderInfo p_headerFields := omit, + in SignerIdentifier p_issuerIdentifier,// := e_certificate, + in boolean p_addMissingHeaders := true + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + var template (value) Ieee1609Dot2Data v_securedMessage; + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof( + m_geoNwBroadcastPacket( + v_longPosVectorNodeB, + vc_localSeqNumber, + f_getGeoBroadcastArea( + c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) + ))); + + // Encode it + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + /*f_buildGnSecuredOtherMessage( + v_securedMessage, + m_payload_signed(v_gnPayload), + p_issuerIdentifier, + valueof(m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + )), + p_headerFields, + p_configId, + p_addMissingHeaders + );*/ + + // Return secured Gn packet + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredBeacon + + /** + * @desc Prepare a secured Beacon including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_headerFields HeaderInfo to be inserted in the message + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerFields + * @return Secured GeoNetworking packet containing a CAM + */ + function f_prepareSecuredBeacon_Bo( + in charstring p_configId, + in UInt8 p_protocolVersion := c_protocol_version, + in integer p_trailerStatus := 0, + in template (omit) HeaderInfo p_headerFields := omit, + in SignerIdentifier p_issuerIdentifier,// := e_certificate, + in boolean p_addMissingHeaders := true + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GnNonSecuredPacket v_gnNonSecuredPacket; + var octetstring v_gnPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + var template (value) Ieee1609Dot2Data v_securedMessage; + + // Build signed Ieee1609Dot2Data + v_gnNonSecuredPacket := valueof( + m_geoNwBroadcastPacket( + v_longPosVectorNodeB, + vc_localSeqNumber, + f_getGeoBroadcastArea( + c_area1 // Select area1 (see ETSI TS 102 871-2 Clause 4.2 Configuration 1) + ))); + + // Encode it + v_gnPayload := bit2oct( + encvalue( + v_gnNonSecuredPacket + ) + ); + /*f_buildGnSecuredOtherMessage_Bo( + v_securedMessage, + p_protocolVersion, + p_trailerStatus, + m_payload_signed(v_gnPayload), + p_issuerIdentifier, + valueof(m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + )), + p_headerFields, + p_configId, + p_addMissingHeaders + );*/ + + // Return secured Gn packet + return valueof(m_geoNwSecPdu(v_gnNonSecuredPacket, v_securedMessage)); + } // End of function f_prepareSecuredBeacon_Bo + + /** + * @desc Sends a secured Beacon + * @param p_configId The configuration identifier to be used + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredBeacon( + in charstring p_configId, + in template (omit) HeaderInfo p_headerFields := omit, + in SignerIdentifier p_issuerIdentifier// := e_certificate_digest_with_sha256 + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon(p_configId, p_headerFields, p_issuerIdentifier); + + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredBeacon + + /** + * @desc Sends a secured Beacon including wrong elements of protocols. It is used for BO test cases + * @param p_configId The configuration identifier to be used + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_headerFields Additional HeaderInfo + * @param p_issuerIdentifier Add digest or AT certificate or certificate chain + * @return GeoNetworking payload + */ + function f_sendSecuredBeacon_Bo( + in charstring p_configId, + in UInt8 p_protocolVersion := c_protocol_version, + in integer p_trailerStatus := 1, + in template (omit) HeaderInfo p_headerFields := omit, + in SignerIdentifier p_issuerIdentifier// := e_certificate_digest_with_sha256 + ) runs on ItsGeoNetworking return GeoNetworkingPdu { + // Local variables + var GeoNetworkingPdu v_securedGnPdu := f_prepareSecuredBeacon_Bo(p_configId, p_protocolVersion, p_trailerStatus, p_headerFields, p_issuerIdentifier); + + f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); + + return v_securedGnPdu; + + } // End of function f_sendSecuredBeacon_Bo + + } // End of group secBeacon + + group camTrigger { + + /** + * @desc Triggers a CAM change speed events to get a CAM frequency greather than 1 Hz (i.e. more than one CAM per seconds) + * @return Reference to the component used to send the trigger + * @remark This function spawns an ItsCam component in alive mode + * @see fb_changeCamFrequencyGreatherThan1Hz() + */ + function f_setCamFrequencyGreatherThan1Hz() runs on ItsBaseComponent return ItsCam { + var ItsCam v_camComponent; + + v_camComponent := ItsCam.create("CAM Trigger") alive; + v_camComponent.start(fb_setCamFrequencyGreatherThan1Hz()); + + return v_camComponent; + } // End of function f_setCamFrequencyGreatherThan1Hz + + /** + * @desc Terminate CAM component execution + * @param Reference to the component used to send the trigger + */ + function f_terminateCam(inout ItsCam p_camComponent) runs on ItsBaseComponent { + + p_camComponent.done; + p_camComponent.kill; + + } // End of function f_terminateCam + + /** + * @desc Behaviour function for triggering a CAM change speed event on IUT + */ + function fb_setCamFrequencyGreatherThan1Hz() runs on ItsCam /* TITAN TODO: system ItsSecSystem */{ + + // Local variables + var SpeedValue v_speedValues[5] := { 1000, 2000, 3000, 4000, 5000 } //cm/s + var integer v_cntSpeed; + var float v_timer := 0.2; // 1 / 5; + + log(">>> fb_setCamFrequencyGreatherThan1Hz"); + + map(self:utPort, system:camUtPort); + vc_default := activate(LibItsCam_Functions.a_utDefault()); + + for (v_cntSpeed := 0; v_cntSpeed < lengthof(v_speedValues); v_cntSpeed:=v_cntSpeed + 1) { + LibItsCam_Functions.f_utTriggerEvent(valueof(m_changeSpeed(v_speedValues[v_cntSpeed]))); + f_sleep(v_timer); + } // End of 'for' statement + + unmap(self:utPort, system:camUtPort); + } // End of function fb_setCamFrequencyGreatherThan1Hz + + } // End of group camTrigger + + group denmTrigger { + + /** + * @desc Triggers a DENM event on IUT + * @remark This function spawns an ItsDenm component in alive mode + * @see fb_secTriggerDenmEvent() + * @return Reference to the component used to send the trigger + */ + function f_triggerDenmEvent() runs on ItsBaseGeoNetworking return ItsDenm { + var ItsDenm v_denmComponent; + + //deactivate gnPort default alts + vc_gnDefaultActive := false; + + v_denmComponent := ItsDenm.create("DENM Trigger") alive; + v_denmComponent.start(fb_secTriggerDenmEvent()); + v_denmComponent.done; + + //activate gnPort default alts + vc_gnDefaultActive := true; + + return v_denmComponent; + } // End of function f_triggerDenmEvent + + /** + * @desc Cancels all previously triggered DENM events on IUT + * @param p_denmComponent Reference of the component previously used to trigger DENM events + * @see fb_secCancelDenmEvent() + */ + function f_cancelDenmEvent(ItsDenm p_denmComponent) runs on ItsBaseGeoNetworking { + var ItsDenm v_denmComponent; + + //deactivate gnPort default alts + vc_gnDefaultActive := false; + + p_denmComponent.start(fb_secCancelDenmEvent()); + p_denmComponent.done; + p_denmComponent.kill; + + //activate gnPort default alts + vc_gnDefaultActive := true; + + } // End of function f_cancelDenmEvent + + /** + * @desc Behaviour function for triggering a DENM event on IUT + */ + function fb_secTriggerDenmEvent() runs on ItsDenm /* TITAN TODO: system ItsSecSystem */ { + + // Local variables + var template (value) SituationContainer v_situation := m_situation(LibItsCommon_ASN1_NamedNumbers.CauseCodeType_vehicleBreakdown_, LibItsCommon_ASN1_NamedNumbers.VehicleBreakdownSubCauseCode_unavailable_); + + log(">>> fb_secTriggerDenmEvent: ", v_situation); + map(self:utPort, system:denmUtPort); + vc_default := activate(LibItsDenm_Functions.a_utDefault()); + + log("fb_secTriggerDenmEvent: Call LibItsDenm_Functions.f_utTriggerEvent with ", m_utTriggerEvent(v_situation, defaultValidity)); + vc_utActionIDs[0] := LibItsDenm_Functions.f_utTriggerEvent(m_utTriggerEvent(v_situation, defaultValidity)); + log("fb_secTriggerDenmEvent: actionId=", vc_utActionIDs[0]); + + } // End of function f_secTriggerDenmEvent + + /** + * @desc Behaviour function for cancelling previously triggered DENM events on IUT + */ + function fb_secCancelDenmEvent() runs on ItsDenm /* TITAN TODO: system ItsSecSystem */ { + + // Local variables + var integer v_counter; + + for (v_counter := 0; v_counter < lengthof(vc_utActionIDs); v_counter := v_counter + 1) { + LibItsDenm_Functions.f_utTerminateEvent(m_utEventCancellation(vc_utActionIDs[v_counter])); + } // End of 'for' statement + + unmap(self:utPort, system:denmUtPort); + deactivate(vc_default); + + } // End of function f_secTriggerDenmEvent + + } // End of group denmTrigger + +} // End of module ItsSecurity_Functions diff --git a/ItsSecurity_Templates.ttcn b/ItsSecurity_Templates.ttcn new file mode 100755 index 0000000..c29f2d8 --- /dev/null +++ b/ItsSecurity_Templates.ttcn @@ -0,0 +1,66 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url: https://oldforge.etsi.org/svn/ITS/tags/20170222_STF527_Final/ttcn/AtsSecurity/ItsSecurity_Templates.ttcn $ + * $Id: ItsSecurity_Templates.ttcn 2655 2017-01-26 10:46:08Z filatov $ + * @desc Module containing templates for secured GeoNetworking ATS + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_Templates { + +// // LibIts +// import from DENM_PDU_Descriptions language "ASN.1:1997" all; +// import from ITS_Container language "ASN.1:1997" all; +// + // LibItsBtp + import from LibItsBtp_TypesAndValues all; + import from LibItsBtp_Templates all; + import from LibItsBtp_Pixits all; + + // LibItsGeoNet + import from LibItsGeoNetworking_TypesAndValues all; +// import from LibItsGeoNetworking_Templates all; + +// template (present) BtpPayload mw_btpCamPayload := { +// decodedPayload := { +// camPacket := ? +// }, +// rawPayload := ? +// } // End of template mw_btpCamPayload +// +// +// template (present) BtpPayload mw_btpDenmPayload := { +// decodedPayload := { +// denmPacket := ? +// }, +// rawPayload := ? +// } // End of template mw_btpDenmPayload +// +// template (present) Payload mw_secCamPayload := { +// decodedPayload := { +// btpPacket := mw_btpB( +// PX_DESTINATION_PORT, +// ?, +// mw_btpCamPayload +// ) +// }, +// rawPayload := ? +// +// } // End of template mw_secCamPayload +// +// template (present) Payload mw_secDenmPayload := { +// decodedPayload := { +// btpPacket := mw_btpB( +// PX_DESTINATION_PORT, +// ?, +// mw_btpDenmPayload +// ) +// }, +// rawPayload := ? +// +// } // End of template mw_secCamPayload + +} // End of module ItsSecurity_Templates \ No newline at end of file diff --git a/ItsSecurity_TestCases.ttcn b/ItsSecurity_TestCases.ttcn new file mode 100755 index 0000000..72924b8 --- /dev/null +++ b/ItsSecurity_TestCases.ttcn @@ -0,0 +1,18249 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / TTF002 / STF594 + * @version $Url$ + * $Id$ + * @desc Testcases file for Security Protocol + * @reference ETSI TS 103 097 v1.2.1 + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + */ +module ItsSecurity_TestCases { + + // Libcommon + import from LibCommon_Time all; + import from LibCommon_VerdictControl all; + import from LibCommon_Sync all; + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibIts + //import from DENM_PDU_Descriptions language "ASN.1:1997" all; + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsCommon + import from LibItsCommon_TypesAndValues all; + import from LibItsCommon_Functions all; + import from LibItsCommon_TypesAndValues all; + import from LibItsCommon_ASN1_NamedNumbers all; + + // LibItsGeoNetworking + import from LibItsGeoNetworking_TestSystem all; + import from LibItsGeoNetworking_Functions all; + import from LibItsGeoNetworking_Templates all; + import from LibItsGeoNetworking_TypesAndValues all; + import from LibItsGeoNetworking_Pics all; + + // LibItsCam + import from LibItsCam_Templates all; + import from LibItsCam_Functions all; + import from LibItsCam_Templates all; + import from LibItsCam_Functions all; + import from LibItsCam_TestSystem all; + + // LibItsDenm + import from LibItsDenm_Templates all; + import from LibItsDenm_TestSystem all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Templates all; + import from LibItsSecurity_Functions all; + import from LibItsSecurity_Pixits all; + import from LibItsSecurity_Pics all; + + // AtsSecurity + import from ItsSecurity_TestSystem all; + import from ItsSecurity_Functions all; + import from ItsSecurity_Templates all; + + /** + * @desc Sending behaviour test cases + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2 Sending behaviour + */ + group sendingBehavior { + + /** + * @desc Check that ITS-S sends a Ieee1609Dot2Data containing protocol version set to 3. + * 
    +         * Pics Selection: PICS_GN_SECURITY
+         * Config Id: CF01
+         * Initial conditions:
+         *  with {
+         *      the IUT being in the 'authorized' state
+         *  }
+         * Expected behaviour:
+         * ensure that {
+         *     when { 
+         *         the IUT is requested to send a Ieee1609Dot2Data
+         *     } then {
+         *         the IUT sends a Ieee1609Dot2Data
+         *             containing protocol_version 
+         *                 indicating value '3'
+         *     }
+         * }
+         *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_SND_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_SND_MSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Security protocol version set to 3 ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_MSG_01_BV + + /** + * @desc Sending behaviour test cases for CAM profile. + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.4 CAM profile + */ + group camProfile { + + /** + * @desc Check that IUT sends the secured CAM using SignedData container. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a message of type EtsiTs103097Data
+             *             containing content
+             *                 containing signedData
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The CA message is secured"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_01_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing psid
+             *                                 indicating 'AID_CAM'
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_02_BV + + /** + * @desc Check that IUT sends the secured CAM with the HeaderInfo containing generationTime + * and doesn't containing expiryTime, generationLocation, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing generationTime
+             *                             and not containing expiryTime
+             *                             and not containing generationLocation, 
+             *                             and not containing encryptionKey
+             *                             and not containing p2pcdLearningRequest
+             *                             and not containing missingCrlIdentifier
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_03_BV + + /** + * @desc Check that IUT sends the secured CAM containing signer containing either certificate or digest; + * Check that signing certificate has permissions to sign CAM messages. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing signer
+             *                         containing digest
+             *                         or containing certificate
+             *                             containing id
+             *                                 indicating 'none'
+             *                             and containing toBeSigned
+             *                                 containing appPermissions
+             *                                     containing the item of type PsidSsp
+             *                                         containing psid
+             *                                             indicating AID_CAM
+             *                             and not containing certIssuePermissions
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_04_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_CAM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_CAM), * } + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing certificate"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_04_BV + + /** + * @desc Check that IUT calculate the digest of certificate using proper hash algorithm; + * Check that IUT canonicalize certificates before hash calculation. + * 
    +             * Pics Selection: PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1))
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (X_CERTIFICATE) 
+             *     and the IUT is configured to send more than one CAM per second
+             *     and the IUT having sent a secured CAM
+             *         containing signer
+             *             containing certificate
+             *                 indicating X_CERTIFICATE
+             *                     containing verifyKeyIndicator
+             *                         containing verificationKey
+             *                             containing X_KEY
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a subsequent secured CAM
+             *             containing signer
+             *                 containing digest
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing signer
+             *                         containing digest
+             *                             indicating last 8 bytes of the Hash value calculated using X_HASH algorithm
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_05_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_CAM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_certificate; + var HashedId8 v_certificate_digest; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1)))) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and ((PICS_SEC_SHA256 and (PICS_SEC_NIST_P256 or PICS_SEC_BRAINPOOL_P256R1)) or (PICS_SEC_SHA384 and PICS_SEC_BRAINPOOL_P384R1))' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_N; // ecdsaNistP256 SHA-256 (uncompressed) + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B_N; // ecdsaBrainpoolP256r1 (uncompressed) + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3_N; // ecdsaBrainpoolP384r1 (uncompressed) + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_getCertificateDigest(vc_hashedId8ToBeUsed, v_certificate_digest); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [PICS_SEC_SHA256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha256, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + mw_issuerIdentifier_sha256AndDigest( + v_certificate.issuer.sha256AndDigest + ), + mw_toBeSignedCertificate_at( + -, + v_certificate.toBeSigned.verifyKeyIndicator + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [PICS_SEC_SHA384 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha384, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + mw_issuerIdentifier_sha384AndDigest( + v_certificate.issuer.sha384AndDigest + ), + mw_toBeSignedCertificate_at( + -, + v_certificate.toBeSigned.verifyKeyIndicator + ) + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with AT certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with AT certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [PICS_SEC_SHA256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha256, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( + v_certificate_digest + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured CA message received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_SHA384 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + sha384, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( + v_certificate_digest + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured CA message received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_05_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when over the time of one + * second no other secured CAM contained the certificate was sent. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *     and the IUT is configured to send more then one CAM per second
+             *     and the IUT having sent a CAM
+             *         containing generationTime
+             *             indicating TIME_LAST
+             *     }
+             * ensure that {
+             *     when {
+             *         the IUT is sending secured CAM as a message of type EtsiTs103097Data
+             *             containing signer
+             *                     containing certificate
+             *     } then {
+             *         this message
+             *             contains headerInfo
+             *                 containing generation_time
+             *                     indicating TIME (TIME >= TIME_LAST + 1sec)
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_06_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Time64 v_time_last; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + v_time_last := f_getSecuredMessage(v_geoNwInd.msgIn).content.signedData.tbsData.headerInfo.generationTime; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received, TIME_LAST = ", v_time_last, " ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + if (ff_abs(int2float(v_geoNwInd.msgIn.gnPacket.securedMsg.content.signedData.tbsData.headerInfo.generationTime - v_time_last)) <= 0.95) { + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was within a second ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Generation of CAM messages including certificate was not within a second ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_06_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when the timeout of one second + * has been expired after the previous CAM containing the certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state with AT certificate (CERT_IUT_A_AT) 
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          and containing generationTime
+             *             indicating TIME_LAST
+             *  }
+             *  ensure that {
+             *      when {
+             *         the IUT is sending secured CAM as a message of type EtsiTs103097Data
+             *             containing generationTime
+             *                 indicating TIME (TIME >= TIME_LAST + 1sec) 
+             *     } then {
+             *         this message is
+             *             containing certificate
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_07_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const integer c_cntTimeLimit := 10; + const float c_certificateGenerationTime := 1.0; + timer t_maxTransInterval := c_certificateGenerationTime * 1.3;//1.15; + var integer v_cntTime := 0; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + t_maxTransInterval.start; + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + t_maxTransInterval.stop; + v_cntTime := v_cntTime + 1; + if (v_cntTime == c_cntTimeLimit) { // Exit message loop + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + // end of alt + } + else { + t_maxTransInterval.start; + log("*** " & testcasename() & ": INFO: CA message retransmission with certificate ***"); + repeat; + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CA message with certificate was not received in 1 sec after previous one ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_07_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when the IUT received + * a CAM from an unknown ITS-S. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent CAM
+             *          containing certificate
+             *              at TIME_1
+             *      and the IUT having received a Ieee1609Dot2Data
+             *          containing signedData
+             *              containing signer
+             *                  containing digest
+             *                      indicating HashedId8 value
+             *                          referenced to unknown certificate (CERT_TS_B_AT)
+             *                              at TIME_2 (TIME_1 < TIME_2 < TIME_1+1sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send CAM 
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
+             *      } then {
+             *          the IUT sends a Ieee1609Dot2Data
+             *              containing signedData
+             *                  containing type 
+             *                      containing signer
+             *                          containing certificate
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_08_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_08_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + timer t_maxTransInterval := 0.5; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam(cc_taCert_B, valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), valueof(m_signerIdentifier_digest), f_getTsStationId() + 10/*Unknown ITS-S*/); + + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } + + // Test Body + t_maxTransInterval.start; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CA message was transmited w/o unrecognized request header ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_08_BV + + /** + * @desc Check that IUT restarts the certificate sending timer when the certificate has been sent. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT being in the 'authorized' state (CERT_IUT_A_AT) 
+             *      and the IUT is configured to send more then one CAM per second
+             *      and the IUT having already sent CAM
+             *          containing signer
+             *              containing certificate
+             *           at TIME_1
+             *      and the IUT having received a CAM
+             *          containing signer
+             *              containing digest
+             *                  containing HashedId8 value
+             *                      indicating ann unknown certificate
+             *          at TIME_2 (TIME_1 + 0.3sec)
+             *      and the IUT having sent CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_3 (TIME_3 > TIME_2)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is sending the next CAM
+             *              containing signer
+             *                  containing certificate
+             *              at TIME_4
+             *      } then {
+             *          the difference between TIME_4 and TIME_3 is about of 1sec
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_09_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_09_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var SignerIdentifier v_signerIdentifier; + var ItsCam v_component; + var boolean v_firstCertReceived := false; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_component := f_setCamFrequencyGreatherThan1Hz(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [v_firstCertReceived == false] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + log("*** " & testcasename() & ": INFO: Initial conditions: The first CAM with certificate is received ***"); + v_firstCertReceived := true; + f_sleep(0.3); + // Send secured message with request for unrecognized certificate + f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + f_sendSecuredCam( + cc_taCert_F, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + f_calculateDigestFromCertificate( + v_signerIdentifier.certificate[0] + ) + ) + ) + ); + repeat; + } + [v_firstCertReceived == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + // start a timeout of one second to check + // that the next cert will be received after this timeout + t_maxTransInterval.start; + log("*** " & testcasename() & ": INFO: Initial conditions: The requested CAM with certificate is received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": FAIL: CA message certificate inclusion time wasn't restarted ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The CAM certificate inclusion timer has been restarted ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_09_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM containing + * digest of unknown certificate as a message signer. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *      and the IUT has receiving a EtsiTs103097Data
+             *          containing signer
+             *              containing digest
+             *                  indicating HashedId8 value DIGEST_A
+             *                      referencing an unknown certificate (CERT_TS_F_AT)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a Ieee1609Dot2Data
+             *              containing headerInfo
+             *                  containing inlineP2pcdRequest
+             *                      containing HashedId3 value
+             *                          indicating last 3 octets of DIGEST_A
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_10_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_10_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + timer t_maxTransInterval := 0.5; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_getCertificateDigest( + cc_taCert_F, + v_hashedId8 + ); + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, // SHA-256/NIST P-256 + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + t_maxTransInterval.start; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + repeat; + } + [] t_maxTransInterval.timeout { + log("*** " & testcasename() & ": FAIL: CAM was transmited w/o unrecognized request header ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_10_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM + * containing certificate signed by unknown AA certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *      and the IUT has receiving a message of type EtsiTs103097Data
+             *          containing signer
+             *               containing certificate
+             *                   containing issuer
+             *                       containing sha256AndDigest
+             *                  indicating HashedId8 value DIGEST_F
+             *                      referencing an unknown certificate (CERT_TS_B_AT)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing tbsData
+             *              containing headerInfo
+             *                  containing inlineP2pcdRequest
+             *                      containing HashedId3 value
+             *                          indicating last 3 octets of DIGEST_F
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_11_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_11_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA256' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + if (PICS_SEC_SHA256 == true) { + f_getCertificateDigest( + cc_taCert_F, + v_hashedId8 + ); + } + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement; + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, + -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate request ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_11_01_BV + + /** + * @desc Check that the IUT sends certificate request when it receives secured CAM + * containing certificate signed by unknown AA certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *      and the IUT has receiving a message of type EtsiTs103097Data
+             *          containing signer
+             *               containing certificate
+             *                   containing issuer
+             *                       containing sha384AndDigest
+             *                  indicating HashedId8 value DIGEST_A
+             *                               referencing an unknown certificate (CERT_TS_B_1_AT)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing tbsData
+             *              containing headerInfo
+             *                  containing inlineP2pcdRequest
+             *                      containing HashedId3 value
+             *                          indicating last 3 octets of DIGEST_A
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_11_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.1.2 + */ + testcase TC_SEC_ITSS_SND_CAM_11_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HashedId8 v_hashedId8; + var HashedId3 v_expectedHashedId3; + var ItsCam v_component; + + // Test control + if (not(PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION and PICS_SEC_SHA384' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + if (PICS_SEC_SHA384 == true) { + f_getCertificateDigest( + cc_taCert_F3, + v_hashedId8 + ); + } + v_expectedHashedId3 := f_hashedId3FromHashedId8(v_hashedId8); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message from unknown ITS-S + geoNetworkingPort.clear; + f_sendSecuredCam( + cc_taCert_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement; + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, + -, + { v_expectedHashedId3 } + ) + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate request was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate request ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_11_02_BV + + /** + * @desc Check that IUT sends the secured CAM containing the signing certificate when it received + * a CAM containing a request for unrecognized certificate that matches with the currently + * used AT certificate ID of the IUT. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 
+             *                  indicaing value HASHED_ID_3
+             *                      indicating last 3 octets of currently used AT certificate
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a CAM
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
+             *      } then {
+             *          the IUT sends a CAM
+             *              containing signer
+             *               and containing certificate
+             *                   referenced by the HashedId3 value HASHED_ID_3
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_12_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_12_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_getCertificateDigest( + cc_taCert_B, // Unknown certificate + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + var SignerIdentifier v_signerIdentifier; + var SequenceOfCertificate v_certificates; + var integer v_certificatesLength; + + tc_ac.stop; + t_maxTransInterval.stop; + // Extract certificate chain + f_getMsgSignerIdentifier(v_geoNwInd.msgIn.gnPacket.securedMsg, v_signerIdentifier); + v_certificates := v_signerIdentifier.certificate; + v_certificatesLength := lengthof(v_certificates); + if (v_certificatesLength == 1) { + // Check reference + if (f_calculateDigestFromCertificate(v_certificates[0]) == v_hashedId8) { + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Wrong certificate reference ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: Unexpected certificate content ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_12_BV + + /** + * @desc Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it received a CAM containing a request for unrecognized certificate that + * matches with the currently used AA certificate ID of the IUT. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AT_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *          issued by the AA certificate (CERT_IUT_A_AA)
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 value
+             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a CAM
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
+             *      } then {
+             *          the IUT sends a CAM
+             *              containing headerInfo
+             *               and containing the requestedCertificate
+             *                   indicating requested AA certificate CERT_IUT_A_AA 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_13_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_13_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AT_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AT_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_13_BV + + /** + * @desc Check that IUT sends the secured CAM containing the AA certificate in the requestedCertificate headerInfo + * field when it received a CAM containing a request for unrecognized certificate that matches with the known + * AA certificate ID which is not currently used by the IUT. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT is configured to know the AA certificate (CERT_TS_B_AA)
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 value
+             *                  indicating last 3 octets of the digest of CERT_TS_B_AA
+             *                      which is not an issuer of currently used AT certificate
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a CAM
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
+             *      } then {
+             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *              containing headerInfo
+             *                  containing the requestedCertificate
+             *                      indicating requested AA certificate (CERT_TS_B_AA) 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_14_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_14_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 1.0; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_taCert_B_AA, v_aa_certificate); + f_getCertificateDigest( + cc_taCert_B_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_14_BV + + /** + * @desc Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it was previously requested and already received from another ITS-S. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *          issued by the AA certificate (CERT_IUT_A_AA)
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 value
+             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.8sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 0.9sec)
+             *      } then {
+             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *              containing headerInfo
+             *                  does not containing requestedCertificate 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_15_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_15_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 0.8; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // does not containing requested certificate + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_15_BV + + /** + * @desc Check that the IUT doesn't send a secured CAM containing the AA certificate in the requestedCertificate + * headerInfo field when it contains certificate in the signer field. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *          issued by the AA certificate (CERT_IUT_A_AA)
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 value
+             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 0.9sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *              at TIME_3 (TIME_1 < TIME_2 < TIME_3 < TIME_1 + 1sec)
+             *      } then {
+             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *              containing signer
+             *                  containing certificate
+             *              and containing headerInfo
+             *                  not containing requestedCertificate 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_16_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_16_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const float c_certificateGenerationTime := 0.8; + + timer t_maxTransInterval := c_certificateGenerationTime * 0.9; + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_taCert_AA, v_aa_certificate); + f_getCertificateDigest( + cc_taCert_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + t_maxTransInterval.start; + + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // Not containing requestedCertificate + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + t_maxTransInterval.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam // Not containing requestedCertificate + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission w/o certificate ***"); + repeat; + } + [] t_maxTransInterval.timeout { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: The certificate chain has not been received during 1 sec ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_16_BV + + /** + * @desc Check that the IUT send a secured CAM containing the AA certificate in the + * requestedCertificate headerInfo field with the next CAM containing digest + * as a signer info. + * 
    +             * Pics Selection: PICS_GN_SECURITY, PICS_SEC_P2P_AA_DISTRIBUTION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *          issued by the AA certificate (CERT_IUT_A_AA)
+             *      and the IUT is configured to send more than one CAM per second
+             *      and the IUT having already sent a CAM
+             *          containing signer
+             *              containing certificate
+             *          at TIME_1
+             *      and the IUT having received a CAM
+             *          containing inlineP2pcdRequest
+             *              containing HashedId3 value
+             *                  indicating last 3 octets of the digest of CERT_IUT_A_AA
+             *          at TIME_2 (TIME_1 < TIME_2 < TIME_1 + 1sec)
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is sending a first subsequent secured CAM
+             *              containing signer
+             *                  containing digest
+             *      } then {
+             *          this message
+             *              containing headerInfo
+             *                  containing requestedCertificate 
+             *                      indicating requested AA certificate CERT_IUT_A_AA
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_17_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + * IEEE 1609.2 [2], Clauses 6.3.9 & 8.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_17_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var GeoNetworkingInd v_geoNwInd; + var ItsCam v_component; + var Certificate v_aa_certificate; + var HashedId8 v_hashedId8; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_P2P_AA_DISTRIBUTION)) { + log("*** " & testcasename() & ": ERROR: 'PICS_GN_SECURITY and PICS_SEC_P2P_AA_DISTRIBUTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_A_AA, v_aa_certificate); + f_getCertificateDigest( + cc_iutCert_A_AA, + v_hashedId8 + ); + geoNetworkingPort.clear; + v_component := f_setCamFrequencyGreatherThan1Hz(); + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + + // Send secured message with request for the currently used AT certificate + f_sendSecuredCam( + cc_taCert_A, + valueof( + m_headerInfo_cam( + -, + (f_getCurrentTime() * 1000)/*us*/, + -, + { f_hashedId3FromHashedId8(v_hashedId8) } + )), + valueof( + m_signerIdentifier_digest( + v_hashedId8 + ) + ) + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam( + -, -, -, + v_aa_certificate + ) + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_terminateCam(v_component); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_17_BV + + /** + * @desc Check that IUT sends the secured CAM containing generation time and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a CAM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationTime
+             *                   indicating TIME_1 (CUR_TIME - 5min <= TIME_1 <= CUR_TIME + 5min)
+             *           and containing signer
+             *               containing certificate
+             *                   containing toBeSigned
+             *                       containing validityPeriod
+             *                           containing start
+             *                               indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME)
+             *                           and containing duration
+             *                               indicating value > GEN_TIME - X_START_VALIDITY 
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_18_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_CAM_18_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + const integer c_timeLimit := 2 * 60 * 1000000; // us + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + geoNetworkingPort.clear; + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First CA message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_generationTime (us)=", v_generationTime); + log("c_timeLimit (us)=", c_timeLimit); + log("v_curTime (us)=", v_curTime); + log("valid interval=", Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit)); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: CA message generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + log("v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ (s)=", v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_); + log("c_timeLimit (s)=", c_timeLimit / 1000000); + log("v_curTime (s)=", v_curTime / 1000000); + log("valid interval=", Time32:((v_curTime - c_timeLimit) / 1000000, (v_curTime + c_timeLimit) / 1000000)); + if (v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ > (v_curTime + c_timeLimit) / 1000000) { + log("*** " & testcasename() & ": FAIL: CA message certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // TODO Check duration + log("*** " & testcasename() & ": PASS: Generation of CAM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwShbPacket + ))) { + log("*** " & testcasename() & ": INFO: CA message retransmission with digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_18_BV + + /** + * @desc Check that IUT sends the secured CAM containing the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, contained the CAM payload + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              contains content
+             *                  contains signedData
+             *                      containing tbsData
+             *                          containing payload
+             *                              containing data
+             *                                  containing content
+             *                                      containing unsecuredData
+             *                                          containing not-empty data
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_19_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_19_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + log("###############", mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_cam + ) + ) + ) + ))); + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CAM received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_19_BV + + /** + * @desc Check that the IUT sends the secured CAM signed with the certificate containing appPermisions + * allowing to sign CA messages + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signer
+             *                 containing certificate
+             *                     containing appPermissions
+             *                         containing an item of type PsidSsp
+             *                             containing psid = AID_CAM 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_20_BV + * @reference ETSI TS 103 097 [1] Clauses 7.2.1 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_20_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_CAM), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CAM received with a well formated certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: CA message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_20_BV + + /** + * @desc Check that IUT sends the secured CAM containing signature; + * Check that the signature is calculated over the right fields + * and using right hash algorythm by cryptographically verifying the signature + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (X_CERTIFICATE) 
+             *          containing verifyKeyIndicator
+             *              containing verificationKey
+             *                  containing X_KEY
+             *                      indicating KEY
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing signer
+             *                       containing digest
+             *                           referencing the certificate X_CERTIFICATE
+             *                       or containing certificate
+             *                           indicating X_CERTIFICATE
+             *                  and containing signature
+             *                      containing X_SIGNATURE
+             *                          verifiable using KEY 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_21_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + + */ + testcase TC_SEC_ITSS_SND_CAM_21_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_digest( // containing digest referencing the certificate X_CERTIFICATE + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: CA message with digest received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: CA message with certificate received ***"); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + // Check that the signature is calculated over the right fields and using right hash algorythm by cryptographically verifying the signature + if (f_verifyGnSecuredMessageSignatureWithCertificate(f_getSecuredMessage(v_geoNwInd.msgIn), vc_hashedId8ToBeUsed, v_certificate)) { + log("*** " & testcasename() & ": PASS: Signature verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Signature not verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_21_BV + + /** + * @desc Check that IUT sends the secured CAM containing signature containing the ECC point of type set to + * either compressed_lsb_y_0, compressed_lsb_y_1 or x_coordinate_only. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured CAM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing signature
+             *                      containing X_SIGNATURE
+             *                          containing rSig
+             *                              containing x-only
+             *                              or containing compressed-y-0
+             *                              or containing compressed-y-1
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_22_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.1 + * @reference IEEE 1609.2 [2], Clauses 6.3.30, 6.3.31 + */ + testcase TC_SEC_ITSS_SND_CAM_22_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaNistP256( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP256r1( + mw_ecdsaP256Signature( + mw_eccP256CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_x_only + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_compressed_y_0 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [PICS_SEC_BRAINPOOL_P384R1 == true] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ), + -, + mw_signature_ecdsaBrainpoolP384r1( + mw_ecdsaP384Signature( + mw_eccP384CurvePoint_compressed_y_1 + ) + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: CA message with well-formated signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: CA message with wrong signature received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: CA message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_22_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if IUT is authorized with AT certificate doesn't allowing + * sending messages in this location. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_C1_AT)
+             *         containing region
+             *             indicating rectangular region
+             *                 not containing current IUT position
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT doesn't send CAM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_23_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_23_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_C1; + f_cf01Up(); // Initialise IUT with CERT_IUT_C1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_23_BV + + /** + * @desc Check that IUT doesn't send the secured CAM if IUT is configured to use an AT certificate without + * region validity restriction and generation location is outside of the region of the issuing AA certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_CA3_AT)
+             *         not containing region
+             *         and issued by the AA certificate (CERT_IUT_C3_AA)
+             *             containing region
+             *                 indicating rectangular region
+             *                     not containing current IUT position
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT doesn't send CAM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_24_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_24_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA3; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_24_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT was expired. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_CA3_AT)
+             *         containing validityPeriod
+             *             indicating start + duration < CURRENT_TIME
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT doesn't send CAM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_25_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_25_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A1; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_25_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if all AT certificates installed on the IUT have the starting time in the future. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A2_AT)
+             *         containing validityPeriod
+             *             indicating start > CURRENT_TIME
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT doesn't send CAM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_26_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_26_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A2; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_26_BV + + /** + * @desc Check that IUT doesn't send secured CAMs if IUT doesn't possess an AT certificate allowing + * sending CAM by its appPermissions. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A3_AT)
+             *         containing appPermissions
+             *             not containing PsidSSP
+             *                 containing psid
+             *                     indicating AID_CAM
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT doesn't send CAM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_27_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_CAM_27_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A3; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured CAMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No CAM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_27_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing psid
+             *                                 indicating 'AID_CAM'
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_28_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_28_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_A_AT_A8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT_A8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_28_BV + + /** + * @desc Check that IUT sends the secured CAM containing the HeaderInfo field psid set to 'AID_CAM'. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured CAM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing psid
+             *                                 indicating 'AID_CAM'
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_CAM_29_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_SND_CAM_29_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_A_AT_A8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT_A8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_cam + ) + ) + ), + mw_geoNwShbPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected CA message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_CAM_29_BV + + } // End of group camProfile + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.5 DENM profile + */ + group denmProfile { + + /** + * @desc Check that secured DENM is signed + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT sends a message of type EtsiTs103097Data
+             *             containing content
+             *                 containing signedData
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The DEN message is secured"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_01_BV + + /** + * @desc Check that IUT sends the secured DENM containing the HeaderInfo field psid set to 'AID_DENM' + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing psid
+             *                                 indicating 'AID_DENM'
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_02_BV + + /** + * @desc Check that IUT sends the secured DENM with the HeaderInfo containing generationTime and generationLocation + * and doesn't containing expiryTime, encryptionKey, p2pcdLearningRequest, missingCrlIdentifier, + * inlineP2pcdRequest, requestedCertificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing generationTime
+             *                             and containing generationLocation, 
+             *                             and not containing expiryTime
+             *                             and not containing encryptionKey
+             *                             and not containing p2pcdLearningRequest
+             *                             and not containing missingCrlIdentifier
+             *                             and not containing inlineP2pcdRequest
+             *                             and not containing requestedCertificate
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_03_BV + + /** + * @desc Check that IUT sends the secured DENM containing signer containing certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing signer
+             *                         containing certificate
+             *                             containing toBeSigned
+             *                                 containing appPermissions
+             *                                     containing the item of type PsidSsp
+             *                                         containing psid
+             *                                             indicating AID_DENM
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_04_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_DENM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_DENM), * } + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing certificate"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest // containing digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: Incorrect secured packet received, containing digest"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_04_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation time + * and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a DENM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationTime
+             *                   indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
+             *           and containing signer
+             *               containing certificate
+             *                   containing toBeSigned
+             *                       containing validityPeriod
+             *                           containing start
+             *                               indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME)
+             *                           and containing duration
+             *                               indicating value > GEN_TIME - X_START_VALIDITY 
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_05_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2, 5.2.4.2.2, 5.2.4.2.3 + */ + testcase TC_SEC_ITSS_SND_DENM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + const integer c_timeLimit := 10 * 60 * 1000000; // us + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate // containing certificate + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_curTime (us)=", v_curTime); + log("c_timeLimit (us)=", c_timeLimit); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: DEN message generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + if (v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_ > (v_curTime + c_timeLimit) / 1000) { + log("*** " & testcasename() & ": FAIL: DEN message certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // TODO Check duration + log("*** " & testcasename() & ": PASS: Generation of DENM messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_05_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location when signing certificate + * chain doesn't have any region restriction. + + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *       containing toBeSigned
+             *           not containing region
+             *       and issuied by the certificate AA (CERT_IUT_A_AA)
+             *           containing toBeSigned
+             *               not containing region
+             *       and issuied by the certificate RCA (CERT_IUT_A_RCA)
+             *           containing toBeSigned
+             *               not containing region
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a DENM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationLocation 
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_06_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + -, -, -, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DEN message contains generationLocation ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_06_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the circular region + * defined by the validity restriction of the certificate pointed by the message signer. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (X_AT_CERTIFICATE) 
+             *       containing toBeSigned
+             *           containing region
+             *               containing  X_FIELD
+             *                   indicating  REGION
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a DENM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationLocation
+             *                   indicating value inside the REGION  
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_07_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_cert; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_B; // PICS_SEC_CIRCULAR_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_C; // PICS_SEC_RECTANGULAR_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_D; // PICS_SEC_POLYGONAL_REGION + //vc_hashedId8ToBeUsed := cc_iutCert_E; // PICS_SEC_IDENTIFIED_REGION + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + -, -, -, + ? + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo) and f_getMsgSignerIdentifier(f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + var integer v_counter; + + for (v_counter := 0; v_counter < lengthof(v_signerIdentifier.certificate); v_counter := v_counter + 1) { + if (f_isLocationInsideRegion(v_signerIdentifier.certificate[v_counter].toBeSigned.region, v_location) == false) { + break; + } + } // End of of for statement + if (v_counter == lengthof(v_signerIdentifier.certificate)) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_07_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the identified + * region defined by the validity restriction of the AA certificate used to sign the certificate + * pointed by the message signer doesn't containing any region restriction. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (CERT_IUT_CA1_AT)
+             *       containing toBeSigned
+             *           not containing region
+             *           and issuied by the certificate AA (CERT_IUT_CC_AA)
+             *               containing toBeSigned
+             *                   containing circularRegion
+             *                       indicating REGION
+             *               and issuied by the certificate RCA (CERT_IUT_C_RCA)
+             *                   containing toBeSigned
+             *                       containing circularRegion
+             *                           indicating REGION
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a DENM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationLocation
+             *                   indicating value inside the REGION  
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_09_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8 + */ + testcase TC_SEC_ITSS_SND_DENM_09_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_at_certificate; + var Certificate v_aa_certificate; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA1; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_CA1, v_at_certificate); + f_readCertificate(cc_iutCert_CC_AA, v_aa_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + v_at_certificate.toBeSigned.appPermissions, + v_at_certificate.toBeSigned.verifyKeyIndicator, + v_at_certificate.toBeSigned.validityPeriod, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + + if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_09_BV + + /** + * @desc Check that IUT sends the secured DENM containing generation location which is inside the identified + * region defined by the validity restriction of the root certificate when subordinate AA and AT + * certificates don't contain any region restriction. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION
+             * Config Id: CF01
+             * Initial conditions:
+             * with {
+             *   the IUT is authorized with AT certificate (CERT_IUT_CA2_AT)
+             *       containing toBeSigned
+             *           not containing region
+             *           and issuied by the certificate AA (CERT_IUT_CC_AA)
+             *               containing toBeSigned
+             *                   containing circularRegion
+             *                       indicating REGION
+             *               and issuied by the certificate RCA (CERT_IUT_C_RCA)
+             *                   containing toBeSigned
+             *                       containing circularRegion
+             *                           indicating REGION
+             * }
+             * ensure that {
+             *   when {
+             *       the IUT is requested to send a DENM
+             *   } then {
+             *       the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *           containing headerInfo
+             *               containing generationLocation
+             *                   indicating value inside the REGION  
+             *   }
+             * }
+             *
    + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_10_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 & 6.4.8 + */ + testcase TC_SEC_ITSS_SND_DENM_10_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var SignerIdentifier v_signerIdentifier; + var Certificate v_at_certificate; + var Certificate v_aa_certificate; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_CERTIFICATE_SELECTION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_CERTIFICATE_SELECTION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA2; + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(cc_iutCert_CA2, v_at_certificate); + f_readCertificate(cc_iutCert_CC_AA, v_aa_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + v_at_certificate.toBeSigned.appPermissions, + v_at_certificate.toBeSigned.verifyKeyIndicator, + v_at_certificate.toBeSigned.validityPeriod, + omit + ) + ) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + if (f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo)) { + var ThreeDLocation v_location := { v_headerInfo.generationLocation.latitude, v_headerInfo.generationLocation.longitude, v_headerInfo.generationLocation.elevation }; + + if (f_isLocationInsideRegion(v_at_certificate.toBeSigned.region, v_location) == true) { + log("*** " & testcasename() & ": PASS: DENM contains generation location inside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: DEN message contains generation location outside the certificate validity region ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } else { + log("*** " & testcasename() & ": FAIL: IMPOSSIBLE!!! DENM generation location or certificate region restriction header field does not exist ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_10_BV + + /** + * @desc Check that IUT sends the secured DENM containing the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, contained the DENM payload + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              contains content
+             *                  contains signedData
+             *                      containing tbsData
+             *                          containing payload
+             *                              containing data
+             *                                  containing content
+             *                                      containing unsecuredData
+             *                                          containing not-empty data
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_11_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + */ + testcase TC_SEC_ITSS_SND_DENM_11_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_denm + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DENM received with a well formated payload"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected DEN message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_11_BV + + /** + * @desc Check that the IUT sends the secured DENM signed with the certificate containing appPermisions + * allowing to sign DEN messages + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signer
+             *                 containing certificate
+             *                     containing appPermissions
+             *                         containing an item of type PsidSsp
+             *                             containing psid
+             *                                 indicating value AID_DENM 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_12_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_12_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_DENM), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: DEN message received with a well formated certificate ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_12_BV + + /** + * @desc Check that IUT sends the secured DENM containing signature; + * Check that the signature is calculated over the right fields + * and using right hash algorythm by cryptographically verifying the signature + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (X_CERTIFICATE) 
+             *          containing verifyKeyIndicator
+             *              containing verificationKey
+             *                  containing X_KEY
+             *                      indicating KEY
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing signer
+             *                       containing certificate
+             *                           indicating X_CERTIFICATE
+             *                               containing verifyKeyIndicator
+             *                                   containing verificationKey
+             *                                       containing X_KEY
+             *                                           indicating KEY
+             *                  and containing signature
+             *                      containing X_SIGNATURE
+             *                          verifiable using KEY 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_13_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.2 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + + */ + testcase TC_SEC_ITSS_SND_DENM_13_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ), + mw_geoNwBroadcastPacket + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: DEN message with certificate received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest( + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ), + mw_geoNwBroadcastPacket + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": FAIL: DEN message retransmission with digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + //repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + // Check that the signature is calculated over the right fields and using right hash algorythm by cryptographically verifying the signature + if (f_verifyGnSecuredMessageSignatureWithCertificate(f_getSecuredMessage(v_geoNwInd.msgIn), vc_hashedId8ToBeUsed, v_certificate)) { + log("*** " & testcasename() & ": PASS: Signature verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } else { + log("*** " & testcasename() & ": FAIL: Signature not verified successfully ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_13_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + * 
    +             * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_RECTANGULAR_REGION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_C_AT_8)
+             *          containing toBeSigned
+             *              containing region
+             *                  containing rectangularRegion
+             *                      containing 8 entries
+             *                          containing an entry (ENTRY)
+             *                              containing current IUT position
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing headerInfo
+             *                 containing genrationLocation
+             *                     containing appPermissions
+             *                         indicating position inside ENTRY
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_14_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_14_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_RECTANGULAR_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_RECTANGULAR_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_C_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_C_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside rectangular area + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_14_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + * 
    +             * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_POLYGONAL_REGION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_D_AT_8)
+             *          containing toBeSigned
+             *              containing region
+             *                  containing polygonalRegion
+             *                      containing 8 entries
+             *                          indicating polygon P
+             *          and the IUT's position is inside the polygon P
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing headerInfo
+             *                 containing genrationLocation
+             *                     containing appPermissions
+             *                         indicating position inside P
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_15_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_15_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_POLYGONAL_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_POLYGONAL_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_D_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_D_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside polygonal area + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_15_BV + + /** + * @desc Check that the IUT supports at least 8 entries in the rectangular certificate validity region in the AT certificate + * 
    +             * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_IDENTIFIED_REGION
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_E_AT_8)
+             *          containing toBeSigned
+             *              containing region
+             *                  containing polygonalRegion
+             *                      containing 8 entries
+             *                          indicating one of the items (I)
+             *                              containing current IUT position
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured DENM
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing headerInfo
+             *                 containing genrationLocation
+             *                     containing appPermissions
+             *                         indicating position inside I
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_16_BV + * @reference IEEE 1609.2 [2], Clauses 6.4.17 + */ + testcase TC_SEC_ITSS_SND_DENM_16_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_IDENTIFIED_REGION)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_IDENTIFIED_REGION' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := "CERT_IUT_E_AT_8"; + f_cf01Up(); // Initialise IUT with CERT_IUT_E_AT_8 + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_ac.stop; + + // FIXME Check position inside identified region + log("*** " & testcasename() & ": PASS: DEN message received inside the position ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ), + mw_signerIdentifier_digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: DEN message with digest was received ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: DEN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_16_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing + * sending messages in this location. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_C1_AT)
+             *         containing region
+             *             indicating rectangular region
+             *                 not containing current IUT position
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT doesn't send DENM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_17_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_17_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_C1; + f_cf01Up(); // Initialise IUT with CERT_IUT_C1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_17_BV + + /** + * @desc Check that IUT doesn't send the secured DENM if IUT is configured to use an AT certificate + * without region validity restriction and generation location is outside of the region of the + * issuing AA certificate. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_C3_AT)
+             *         not containing region
+             *         and issued by the AA certificate (CERT_IUT_C3_AA)
+             *             containing region
+             *                 indicating rectangular region
+             *                     not containing current IUT position
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT doesn't send DENM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_18_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_18_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_CA3; + f_cf01Up(); // Initialise IUT with CERT_IUT_CA3_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_18_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT are expired. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A1_AT)
+             *         containing validityPeriod
+             *             indicating start + duration < CURRENT_TIME
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT doesn't send DENM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_19_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_19_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A1; + f_cf01Up(); // Initialise IUT with CERT_IUT_A1_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_19_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if all AT certificates installed on the IUT have the starting time in the future. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A2_AT)
+             *         containing validityPeriod
+             *             indicating start > CURRENT_TIME
+             *         and the IUT has no other installed AT certificates
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT doesn't send DENM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_20_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_20_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A2; + f_cf01Up(); // Initialise IUT with CERT_IUT_A2_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_20_BV + + /** + * @desc Check that IUT doesn't send secured DENMs if IUT doesn't possess an AT certificate allowing + * sending DENM by its appPermissions. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *     the IUT is authorized with AT certificate (CERT_IUT_A4_AT)
+             *         containing appPermissions
+             *             not containing PsidSSP
+             *                 containing psid
+             *                     indicating AID_CAM
+             * }
+             * ensure that {
+             *     when {
+             *         the IUT is requested to send a secured DENM
+             *     } then {
+             *         the IUT doesn't send DENM
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_DENM_21_BV + * @reference IEEE 1609.2 [2], Clauses 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_DENM_21_BV() runs on ItsGeoNetworking system ItsSecSystem { + // Local variables + var ItsDenm v_denmComponent; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + vc_hashedId8ToBeUsed := cc_iutCert_A4; + f_cf01Up(); // Initialise IUT with CERT_IUT_A4_AT + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_denmComponent := f_triggerDenmEvent(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_noac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_denm + ) + ) + ) + ))) { + tc_noac.stop; + log("*** " & testcasename() & ": FAIL: that IUT shall not send secured DENMs"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + [] tc_noac.timeout { + log("*** " & testcasename() & ": PASS: No DENM received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } // End of 'alt' statement + + // Postamble + f_cancelDenmEvent(v_denmComponent); + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_SND_DENM_21_BV + + } // End of group denmProfile + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.6 Generic signed message profile + */ + group genericSignedMessageProfile { + + /** + * @desc Check that IUT sends the secured message using signedData container. + * 
    +             * Pics Selection: PICS_GN_SECURITY
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *         the IUT sends a message of type EtsiTs103097Data
+             *             containing content 
+             *                 containing signedData 
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_01_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_01_BV + + /** + * @desc Check that the sent Secured Message contains HeaderField its_aid that is set to other value then AID_CAM and AID_DENM. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing psid
+             *                                 indicating 'AID_GNMGMT'
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_02_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_02_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message with the headerInfo containing generationTime. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing tbsData
+             *                         containing headerInfo
+             *                             containing generationTime
+             *                             and not containing expiryTime
+             *                             and not containing generationLocation
+             *                             and not containing p2pcdLearningRequest
+             *                             and not containing missingCrlIdentifier
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_03_BV + * @reference ETSI TS 103 097 [1] Clauses 5.2 & 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: The GN message is secured ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_03_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing certificate or digest as a signer. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *         the IUT sends a Ieee1609Dot2Data
+             *             containing content
+             *                 containing signedData
+             *                     containing signer
+             *                         containing digest
+             *                         or containing certificate
+             *                             containing toBeSigned
+             *                                 containing appPermissions
+             *                                     containing the item of type PsidSsp
+             *                                         containing psid
+             *                                             indicating AID_GNMGMT
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_04_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + * @reference IEEE 1609.2 [2] Clause 6.3.4 + */ + testcase TC_SEC_ITSS_SND_GENMSG_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + log("*** " & testcasename() & ": INFO: Correct secured packet received, containing digest ***"); + repeat; + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate( // or containing certificate + mw_etsiTs103097Certificate( + -, + mw_toBeSignedCertificate_at( + { *, mw_appPermissions(c_its_aid_GN), * } + ) + ) + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_04_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing generation time + * and this time is inside the validity period of the signing certificate; + * Check that message generation time value is realistic. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *             containing certificate
+             *     } then {
+             *          the IUT sends a SecuredMessage of type EtsiTs103097Data
+             *              containing headerInfo
+             *                  containing generationTime
+             *                      indicating TIME_1 (CUR_TIME - 10min <= TIME_1 <= CUR_TIME + 10min)
+             *              and containing signer
+             *                  containing certificate
+             *                      containing toBeSigned
+             *                          containing validityPeriod
+             *                              containing start
+             *                                  indicating value X_START_VALIDITY (X_START_VALIDITY <= GEN_TIME)
+             *                              and containing duration
+             *                                  indicating value > GEN_TIME - X_START_VALIDITY 
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_05_BV + * @reference ETSI TS 103 097 [1] Clauses 5.4 & 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + const integer c_timeLimit := 10 * 60 * 1000000; // us + var LongPosVector v_longPosVectorIut; + var GeoNetworkingInd v_geoNwInd; + var HeaderInfo v_headerInfo; + var Time64 v_generationTime; + var Time64 v_curTime; + var SignerIdentifier v_signerIdentifier; + var ValidityPeriod v_validityPeriod; + var Certificate v_cert; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate // containing certificate + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: Initial conditions: First GN message with certificate received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Initial conditions: GN message with certificate not received ***"); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } + } // End of 'alt' statement + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate // containing certificate + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + f_getMsgHeaderInfo(f_getSecuredMessage(v_geoNwInd.msgIn), v_headerInfo); + v_generationTime := v_headerInfo.generationTime; + v_curTime := f_getCurrentTime(); + v_curTime := v_curTime * 1000; // Time64 is in microseconds + log("v_curTime (us)=", v_curTime); + // Check generation time + if (not match(v_generationTime, Time64:(v_curTime - c_timeLimit .. v_curTime + c_timeLimit))) { + log("*** " & testcasename() & ": FAIL: GN generation time is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + // Check certificate validity period + f_getMsgSignerIdentifier (f_getSecuredMessage(v_geoNwInd.msgIn), v_signerIdentifier); + if (not match(v_signerIdentifier.certificate[0].toBeSigned.validityPeriod.start_, Time32:(v_curTime - c_timeLimit / 1000000, v_curTime + c_timeLimit / 1000000))) /*In seconds*/{ + log("*** " & testcasename() & ": FAIL: GN certificate validity period is not in 5 min range"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } else { + log("*** " & testcasename() & ": PASS: Generation of GN messages including certificate was successful ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + } + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + repeat; + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_05_BV + + /** + * @desc Check that IUT sends the secured message using the 'data' field in signed data payload, + * containing the EtsiTs103097Data of type unsecured, + * containing the data payload or using the extDataHash field containing the SHA256 hash of data payload. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              contains content
+             *                  contains signedData
+             *                      containing tbsData
+             *                          containing payload
+             *                              containing data
+             *                                  containing content
+             *                                      containing unsecuredData
+             *                                          containing not-empty data
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_06_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + */ + testcase TC_SEC_ITSS_SND_GENMSG_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: GN received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_06_BV + + /** + * @desc Check that the IUT sends the secured messages signed with the certificate + * containing appPermisions allowing to sign these messages. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (CERT_IUT_A_AT)
+             *  }
+             * Expected behaviour:
+             * ensure that {
+             *     when { 
+             *         the IUT is requested to send a secured Beacon
+             *     } then {
+             *         the IUT sends a message of type EtsiTs103097Data
+             *              contains signer
+             *                  contains certificate
+             *                      containing appPermissions
+             *                          containing an item of type PsidSsp
+             *                              containing psid 
+             *                                  indicating value AID_GNMGMT
+             *     }
+             * }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_07_BV + * @reference ETSI TS 103 097 [1] Clauses 7.1.3 + * @reference IEEE 1609.2 [2] Clause 5.2.3.2.2 + */ + testcase TC_SEC_ITSS_SND_GENMSG_07_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest // containing digest + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: Correct secured packet received, containing digest ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + -, + mw_toBeSignedData( + mw_signedDataPayload( + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured + )), + mw_headerInfo_gn + ) + ) + ) + ))) { + tc_ac.stop; + log("*** " & testcasename() & ": PASS: received with a well formated payload ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_07_BV + + /** + * @desc Check that IUT sends the secured GeoNetworking message containing signature; + * Check that the signature is calculated over the right fields and using right + * hash algorythm by cryptographically verifying the signature. + * 
    +             * Pics Selection: PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER
+             * Config Id: CF01
+             * Initial conditions:
+             *  with {
+             *      the IUT is authorized with AT certificate (X_CERTIFICATE) 
+             *  }
+             *  ensure that {
+             *      when {
+             *          the IUT is requested to send a secured beacon
+             *      } then {
+             *          the IUT sends a message of type EtsiTs103097Data
+             *              containing signedData
+             *                  containing signer
+             *                       containing digest
+             *                           referencing the certificate X_CERTIFICATE
+             *                       or containing certificate
+             *                           indicating X_CERTIFICATE
+             *                  and containing signature
+             *                      containing X_SIGNATURE
+             *                          verifiable using KEY 
+             *      }
+             *  }
+             *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_SND_GENMSG_08_BV + * @reference ETSI TS 103 097 [1], Clauses 5.2 & 7.1.3 + * @reference IEEE 1609.2 [2], Clauses 5.3.1, 6.3.4, 6.3.29, 6.3.30, 6.3.31 + */ + testcase TC_SEC_ITSS_SND_GENMSG_08_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var LongPosVector v_longPosVectorIut; + var EtsiTs103097Certificate v_certificate; + var Signature v_signature; + var GeoNetworkingInd v_geoNwInd; + + // Test control + if (not(PICS_GN_SECURITY) or not(PICS_SEC_ITS_AID_OTHER)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ITS_AID_OTHER' required for executing the TC ***"); + stop; + } + + // Test component configuration + //vc_hashedId8ToBeUsed := cc_iutCert_A_B; // ecdsaBrainpoolP256r1 + //vc_hashedId8ToBeUsed := cc_iutCert_A_B3; // ecdsaBrainpoolP384r1 + f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA + v_longPosVectorIut := f_getPosition(c_compIut); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_readCertificate(vc_hashedId8ToBeUsed, v_certificate); + f_acTriggerEvent(m_startPassBeaconing(m_beaconHeader(v_longPosVectorIut).beaconHeader)); // Authorize the TA to forward the received beacons + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + tc_ac.start; + alt { + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_digest( // containing digest referencing the certificate X_CERTIFICATE + f_getCertificateIssuer(v_certificate.issuer) + ) + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: GN message with digest received ***"); + } + [] geoNetworkingPort.receive( + mw_geoNwInd( + mw_geoNwSecPdu( + mw_etsiTs103097Data_signed( + mw_signedData( + f_getHashAlgorithm(v_certificate.issuer), + mw_toBeSignedData( + mw_signedDataPayload, + mw_headerInfo_gn + ), + mw_signerIdentifier_certificate( // or containing containing certificate indicating X_CERTIFICATE + v_certificate + ) + ) + ) + ))) -> value v_geoNwInd { + tc_ac.stop; + log("*** " & testcasename() & ": INFO: GN message with certificate received ***"); + } + [] tc_ac.timeout { + log("*** " & testcasename() & ": INCONC: Expected message not received ***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout); + } + } // End of 'alt' statement + + // Postamble + f_acTriggerEvent(m_stopPassBeaconing); + f_poNeighbour(); + f_cf01Down(); + + } // End of testcase TC_SEC_ITSS_SND_GENMSG_08_BV + + } // End of group genericSignedMessageProfile + + } // End of group sendingBehavior + + /** + * @desc Receiver behaviour test cases + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3 Receiver behaviour + */ + group receiverBehavior { + + /** + * @desc Check that IUT acepts a secured message containing protocol version set to a value 3 + * 
    +         * Pics Selection: PICS_GN_SECURITY
+         * Config Id: CF01
+         * Initial conditions:
+         *  with {
+         *      the IUT is being authorized with the certificate CERT_IUT_A_AT
+         *      and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT
+         *  }
+         * Expected behaviour:
+         * ensure that {
+         *     when {
+         *         the IUT is receiving a message of type EtsiTs103097Data
+         *             signed using CERT_TS_A_AT
+         *             and containing protocol_version
+         *                 indicating 3
+         *     } then {
+         *         the IUT accepts the SecuredMessage
+         *     }
+         * }
+         *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_01_BV + + /** + * @desc Check that IUT discards a secured message containing protocol version set to a value less than 3 + * 
    +         * Pics Selection: PICS_GN_SECURITY
+         * Config Id: CF01
+         * Initial conditions:
+         *  with {
+         *      the IUT is being authorized with the certificate CERT_IUT_A_AT
+         *      and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT
+         *  }
+         * Expected behaviour:
+         * ensure that {
+         *     when {
+         *         the IUT is receiving a message of type EtsiTs103097Data
+         *             signed using CERT_TS_A_AT
+         *             and containing protocol_version
+         *                 indicating 2
+         *     } then {
+         *         the IUT discards the SecuredMessage
+         *     }
+         * }
+         *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_01_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + 2 + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_01_BO + + /** + * @desc Check that ITS-S sends a Ieee1609Dot2Data containing protocol version greather than 3 + * 
    +         * Pics Selection: PICS_GN_SECURITY
+         * Config Id: CF01
+         * Initial conditions:
+         *  with {
+         *      the IUT is being authorized with the certificate CERT_IUT_A_AT
+         *      and the IUT current time is inside the time validity period of CERT_TS_A_AT and CERT_IUT_A_AT
+         *  }
+         * Expected behaviour:
+         * ensure that {
+         *     when {
+         *         the IUT is receiving a message of type EtsiTs103097Data
+         *             signed using CERT_TS_A_AT
+         *             and containing protocol_version
+         *                 indicating 4
+         *     } then {
+         *         the IUT discards the SecuredMessage
+         *     }
+         * }
+         *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_MSG_02_BV + * @reference ETSI TS 103 097 [1] Clause 5.1 + * @reference IEEE1609.2[2] Clause 6.3.2 + */ + testcase TC_SEC_ITSS_RCV_MSG_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + 4 + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_MSG_02_BO + + /** + * @desc Receiving behaviour test cases for CAM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.2 CAM Profile + */ + group recvCamProfile { + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with certificate + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             containing protocolVersion 
+           *                 indicating 3
+           *             and containing content.signedData
+           *                 containing hashId
+           *                     indicating hash algorithm of the verification key of CERT_TS_A_AT
+           *                 and containing tbsData
+           *                     containing payload
+           *                         containing data
+           *                             containing protocolVersion 
+           *                                 indicating 3
+           *                             and containing content.unsecuredData
+           *                                 containing CAM payload
+           *                     and containing headerInfo
+           *                         containing psid
+           *                             indicating CAM AID value
+           *                     and containing generationTime
+           *                         indicating time within 2sec around the CUR_TIME
+           *                     and NOT containing other headers
+           *             and containing signer
+           *                 containing certificate
+           *                     containing 1 item of type EtsiTs103097Certificate
+           *                         indicating CERT_TS_A_AT
+           *             and containing signature
+           *                 containing ecdsaNistP256Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_taCert_A, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_01_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with certificate + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *      and the IUT has already received the message signed with CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV
+           *             and containing content.signedData.signer
+           *                 containing digest
+           *                     referencing CERT_TS_A_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_02_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_02_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + vc_utInds := {}; + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_02_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with compressed signature + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV
+           *             and containing content.signedData.signature
+           *                 containing ecdsaNistP256Signature
+           *                     containing rSig.compressed-y-0
+           *                     or containing rSig.compressed-y-1
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_03_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_digest), + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_03_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed with compressed signature + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *      and the IUT current position is inside the region restriction of X_AT_CERTIFICATE
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV
+           *              and containing content.signedData
+           *                  containing signer
+           *                      containing certificate
+           *                          containing 1 item of type EtsiTs103097Certificate
+           *                              indicating X_AT_CERTIFICATE
+           *                                  containing toBeSigned.region
+           *                                      containing X_FIELD
+           *                  and containing signature
+           *                      containing ecdsaNistP256Signature
+           *                          containing rSig.x-only
+           *                              calculated over the MSG.content.signedData.tbsData
+           *                                  using verification key of X_AT_CERTIFICATE
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_04_BV_XX + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_04_BV_XX() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(PX_AT_CERTIFICATE, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + PX_AT_CERTIFICATE, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_04_BV_XX + + /** + * @desc Check that IUT accepts a valid secured CAM message signed using the brainpoolP256r1 algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV
+           *             and containing content.signedData
+           *                 containing signer
+           *                     containing certificate
+           *                         containing 1 item of type EtsiTs103097Certificate
+           *                             indicating CERT_TS_A_B_AT
+           *                                 containing toBeSigned.verifyKeyIndicator.verificationKey
+           *                                     containing ecdsaBrainpoolP256r1
+           *             and containing signature
+           *                 containing ecdsaBrainpoolP256r1Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_B_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_05_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_05_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P256R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A_B, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_05_BV + + /** + * @desc Check that IUT accepts a valid secured CAM message signed using the brainpoolP384r1 algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_01_BV
+           *             and containing content.signedData
+           *                 containing signer
+           *                     containing certificate
+           *                         containing 1 item of type EtsiTs103097Certificate
+           *                             indicating CERT_TS_A_B_AT
+           *                                 containing toBeSigned.verifyKeyIndicator.verificationKey
+           *                                     containing ecdsaBrainpoolP384r1
+           *             and containing signature
+           *                 containing ecdsaBrainpoolP384r1Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_B_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_06_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_06_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P384R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B3, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredCam( + cc_taCert_A_B3, + valueof(m_headerInfo_cam(-, (f_getCurrentTime() * 1000)/*us*/)), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_06_BV + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field an invalid Psid value + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             not indicating CAM AID value
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_01_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + true // Wrong AtsAid + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_01_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo does not contains the header field generationLocation + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating CAM AID value
+           *                         and containing generationLocation
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_02_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + true // Add generationLocation + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_02_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field expiryTime + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating CAM AID value
+           *                         and containing expiryTime
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_03_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_03_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + true // Add expiryTime + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_03_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field p2pcdLearningRequest + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating CAM AID value
+           *                         and containing p2pcdLearningRequest
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_04_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_04_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + true // Add p2pcdLearningRequest + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_04_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field missingCrlIdentifier + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating CAM AID value
+           *                         and containing missingCrlIdentifier
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_05_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_05_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + true// Add missingCrlIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_05_BO + + /** + * @desc Check that IUT discards a secured CAM if the HeaderInfo contains the header field encryptionKey + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating CAM AID value
+           *                         and containing encryptionKey
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_06_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_06_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + true// Add encryptionKey + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_06_BO + + /** + * @desc Check that IUT discards a secured CAM if the ‘SignedData' contains an invalid signature algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing Signature
+           *                     indicating wrong signature algorithm
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_07_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_07_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + true // Alter signature algorithm + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_07_BO + + /** + * @desc Check that IUT discards a secured CAM if the ‘SignerIdentifier' contains an invalid choice + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing SignedData
+           *                 containing SignerIdentifier
+           *                     indicating 'self'
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_08_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_08_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + true // Alter SignerIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_08_BO + + /** + * @desc Check that IUT discards a secured CAM if the Signature cannot be verified + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_CAM_02_BV
+           *             and containing Signature
+           *                 indicating an altered value
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_CAM_09_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_CAM_09_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredCam_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + -, // Alter SignerIdentifier + true // Alter Signature + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_CAM_09_BO + + } // End of group recvCamProfile + + /** + * @desc Receiving behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.3 DENM Profile + */ + group recvDenmProfile { + + /** + * @desc Check that IUT accepts a valid secured DENM message signed with certificate + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             containing protocolVersion 
+           *                 indicating 3
+           *             and containing content.signedData
+           *                 containing hashId
+           *                     indicating hash algorithm of the verification key of CERT_TS_A_AT
+           *                 and containing tbsData
+           *                     containing payload
+           *                         containing data
+           *                             containing protocolVersion 
+           *                                 indicating 3
+           *                             and containing content.unsecuredData
+           *                                 containing DENM payload
+           *                     and containing headerInfo
+           *                         containing psid
+           *                             indicating DENM AID value
+           *                     and containing generationTime
+           *                         indicating time within 2sec around the CUR_TIME
+           *                     and containing generationLocation
+           *                     and NOT containing other headers
+           *             and containing signer
+           *                 containing certificate
+           *                     containing 1 item of type EtsiTs103097Certificate
+           *                         indicating CERT_TS_A_AT
+           *             and containing signature
+           *                 containing ecdsaNistP256Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_01_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_01_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_taCert_A, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_01_BV + + /** + * @desc Check that IUT accepts a valid secured DENM message signed with certificate containing region restriction + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of X_AT_CERTIFICATE
+           *      and the IUT current position is inside the region restriction of X_AT_CERTIFICATE
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV
+           *             and containing content.signedData
+           *                 containing hashId
+           *                     indicating hash algorithm of the verification key of CERT_TS_A_AT
+           *                 and containing tbsData
+           *                     containing headerInfo
+           *                         containing generationLocation
+           *                             indicating location inside the  X_AT_CERTIFICATE region restriction
+           *                 and containing signer
+           *                     containing certificate
+           *                         containing 1 item of type EtsiTs103097Certificate
+           *                             indicating X_AT_CERTIFICATE
+           *                                 containing toBeSigned.region
+           *                                     containing X_FIELD
+           *                 and containing signature
+           *                     containing ecdsaNistP256Signature
+           *                         containing rSig.x-only
+           *                     calculated over the MSG.content.signedData.tbsData
+           *                         using verification key of X_AT_CERTIFICATE
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_02_BV_XX + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_02_BV_XX() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(PX_AT_CERTIFICATE, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + PX_AT_CERTIFICATE, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_02_BV_XX + + /** + * @desc Check that IUT accepts a valid secured DENM message signed using the brainpoolP256r1 algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV
+           *             and containing content.signedData
+           *                 containing signer
+           *                     containing certificate
+           *                         containing 1 item of type EtsiTs103097Certificate
+           *                             indicating CERT_TS_A_B_AT
+           *                                 containing toBeSigned.verifyKeyIndicator.verificationKey
+           *                                     containing ecdsaBrainpoolP256r1
+           *             and containing signature
+           *                 containing ecdsaBrainpoolP256r1Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_B_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_03_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_03_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P256R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P256R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A_B, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_03_BV + + /** + * @desc Check that IUT accepts a valid secured DENM message signed using the brainpoolP384r1 algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_B3_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_01_BV
+           *             and containing content.signedData
+           *                 containing signer
+           *                     containing certificate
+           *                         containing 1 item of type EtsiTs103097Certificate
+           *                             indicating CERT_TS_A_B3_AT
+           *                                 containing toBeSigned.verifyKeyIndicator.verificationKey
+           *                                     containing ecdsaBrainpoolP384r1
+           *             and containing signature
+           *                 containing ecdsaBrainpoolP384r1Signature
+           *                     containing rSig.x-only
+           *                 calculated over the MSG.content.signedData.tbsData
+           *                     using verification key of CERT_TS_A_B3_AT
+           *     } then {
+           *         the IUT accepts the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_DENM_04_BV + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_04_BV() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB + + // Test adapter configuration + if (not(PICS_GN_SECURITY) or not(PICS_SEC_BRAINPOOL_P384R1)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_BRAINPOOL_P384R1' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + // Load certificates if required + if (f_prepareCertificates(cc_iutCert_A_B3, v_aaCertificate, v_atCertificate) == false) { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_timeout); + } else { + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + } + + // Test Body + v_securedGnPdu := f_sendSecuredDenm( + cc_taCert_A_B3, + valueof(m_headerInfo_denm( + -, + (f_getCurrentTime() * 1000)/*us*/, + m_threeDLocation( + v_longPosVectorNodeB.latitude, + v_longPosVectorNodeB.longitude, + 0 + ) + )), + valueof(m_signerIdentifier_certificate(v_atCertificate)), // Add certificate + f_getTsStationId() + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + else { + log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_04_BV + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field an invalid Psid value + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             not indicating DENM AID value
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_01_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_01_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + true // Wrong AtsAid + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_01_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo does not contains the header field generationLocation + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating DENM AID value
+           *                         and containing generationLocation
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_02_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_02_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + true // Add generationLocation + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_02_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field expiryTime + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating DENM AID value
+           *                         and containing expiryTime
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_03_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_03_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + true // Add expiryTime + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_03_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field p2pcdLearningRequest + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating DENM AID value
+           *                         and containing p2pcdLearningRequest
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_04_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_04_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + true // Add p2pcdLearningRequest + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_04_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field missingCrlIdentifier + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating DENM AID value
+           *                         and containing missingCrlIdentifier
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_05_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_05_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + true// Add missingCrlIdentifier + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_05_BO + + /** + * @desc Check that IUT discards a secured DENM if the HeaderInfo contains the header field encryptionKey + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time (CUR_TIME) is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing ToBeSignedData
+           *                     containing HeaderInfo
+           *                         containing Psid
+           *                             indicating DENM AID value
+           *                         and containing encryptionKey
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_06_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_06_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + true// Add encryptionKey + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_06_BO + + /** + * @desc Check that IUT discards a secured DENM if the ‘SignedData' contains an invalid signature algorithm + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing SignedData
+           *                 containing Signature
+           *                     indicating wrong signature algorithm
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_07_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_07_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + true // Alter signature algorithm + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_07_BO + + /** + * @desc Check that IUT discards a secured DENM if the Signature cannot be verified + * 
    +           * Pics Selection: PICS_GN_SECURITY
+           * Config Id: CF01
+           * Initial conditions:
+           *  with {
+           *      the IUT being in the 'authorized' state
+           *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+           *  }
+           * Expected behaviour:
+           * ensure that {
+           *     when {
+           *         the IUT is receiving a message of type EtsiTs103097Data (MSG)
+           *             indicating the message described in TP_SEC_ITSS_RCV_DENM_02_BV
+           *             and containing Signature
+           *                 indicating an altered value
+           *     } then {
+           *         the IUT discards the SecuredMessage
+           *     }
+           * }
+           *
    + * + * @see ETSI TS 103 096-2 v1.5.1 TP_TC_SEC_ITSS_RCV_DENM_09_BO + * @reference ETSI TS 103 097 [1] Clause 7.1.1 + */ + testcase TC_SEC_ITSS_RCV_DENM_09_BO() runs on ItsGeoNetworking system ItsSecSystem { + + // Local variables + var integer i; + var GeoNetworkingPdu v_securedGnPdu; + var GnRawPayload v_sentRawPayload; + + // Test adapter configuration + if (not(PICS_GN_SECURITY)) { + log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); + stop; + } + + // Test component configuration + f_cf01Up(); + + // Test adapter configuration + + // Preamble + f_prNeighbour(); + f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); + + // Test Body + v_securedGnPdu := f_sendSecuredDenm_Bo( + cc_taCert_A, + -, // Protocol version + -, // Wrong psid + -, // Add generationLocation + -, // Add expiryTime + -, // Add p2pcdLearningRequest + -,// Add missingCrlIdentifier + -, // Add encryptionKey + -, // Alter signature algorithm + -, // Alter SignerIdentifier + true // Alter Signature + ); + + f_sleep(PX_TNOAC); + v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); + for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { + // Empty on purpose + } + if (i < lengthof(vc_utInds)) { + + log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); + } + else { + log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); + f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); + } + + // Postamble + f_poNeighbour(); + f_cf01Down(); + } // End of testcase TC_SEC_ITSS_RCV_DENM_09_BO + + } // End of group recvDenmProfile + + /** + * @desc Receiving behaviour test cases for Other profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.4 Generic Signed Message Profile + */ + group recvOtherProfile { + + /** + * @desc Function used to verify the IUT has forwarded or discarded the received secured message sent by the TA + */ + group commonFunctions { + +// /** +// * @desc Behavior function for NodeD in case of forwarding is expected +// * @see TC_GEONW_PON_GBC_BV_01 +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD() runs on ItsGeoNetworking { +// +// // Local variables +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// tc_ac.start; +// alt { +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy, +// mw_geoNwBroadcastPacketWithArea( +// mw_longPosVectorPosition( +// v_longPosVectorNodeB +// ), +// ?, +// f_getGeoBroadcastArea(c_area1) +// )))) { +// tc_ac.stop; +// log("*** " & testcasename() & ": PASS: Beacon message was forwarded ***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy +// ))) { +// // Do not restart tc_ac timer +// log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); +// repeat; +// } +// [] tc_ac.timeout { +// log("*** " & testcasename() & ": FAIL: GBC message not received ***"); +// f_selfOrClientSyncAndVerdict(c_tbDone, e_error); +// } +// } +// +// // Postamble +// f_poNeighbour(); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD +// +// /** +// * @desc Behavior function for NodeD in case of forwarding is not expected +// * @see TC_GEONW_PON_GBC_BV_01 +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD() runs on ItsGeoNetworking { +// +// // Local variables +// var LongPosVector v_longPosVectorIut := f_getPosition(c_compIut); +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// tc_noac.start; +// alt { +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy, +// mw_geoNwBroadcastPacketWithArea( +// mw_longPosVectorPosition( +// v_longPosVectorIut +// ), +// ?, +// f_getGeoBroadcastArea(c_area1) +// )))) { +// tc_noac.stop; +// log("*** " & testcasename() & ": FAIL: Beacon message shall ot be forwarded ***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// [] geoNetworkingPort.receive( +// mw_geoNwInd( +// mw_geoNwSecPdu( +// mw_ieee1609Dot2Data_dummy +// ))) { +// // Do not restart tc_ac timer +// log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); +// repeat; +// } +// [] tc_noac.timeout { +// log("*** " & testcasename() & ": PASS: Secured message was discarded ***"); +// f_selfOrClientSyncAndVerdict(c_tbDone, e_success); +// } +// } +// +// // Postamble +// f_poNeighbour(); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD + + } // End of goup commonFunctions + +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate without region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *          containing header_fields[0]
+//             *              containing type 
+//             *                  indicating 'signer_info'
+//             *              and containing signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_AT_A)
+//             *                      containing subject_info.subject_type
+//             *                          indicating 'authorization_ticket' (2)
+//             *                      and containing subject_attributes['verification key'] (KEY)
+//             *                      and containing validity_restrictions['time_start_and_end']
+//             *                          indicating CERT_TS_AT_TIME_VALIDITY
+//             *             and not containing validity_restrictions['region']
+//             *       and containing header_fields [1]
+//             *         containing type 
+//             *           indicating 'generation_time'
+//             *              containing generation_time
+//             *                  indicating CURRENT_TIME
+//             *                      inside CERT_TS_AT_TIME_VALIDITY
+//             *       and containing header_fields [2]
+//             *           containing type 
+//             *               indicating 'generation_location'
+//             *                   containing generation_location
+//             *           and containing generation_location
+//             *       and containing header_fields[3]
+//             *           containing type 
+//             *               indicating 'its_aid'
+//             *           and containing its_aid
+//             *              indicating 'AID_BEACON'
+//             *          and containing payload_field 
+//             *               containing type
+//             *                  indicating 'signed'
+//             *              containing data
+//             *                  indicating length > 0
+//             *          and containing trailer_fields 
+//             *              containing single instance of type TrailerField 
+//             *                  containing type
+//             *                      indicating 'signature'
+//             *                  containing signature
+//             *                      verifiable using KEY
+//             *   } then {
+//             *     the IUT accepts the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_A)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_01_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a circular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_B_AT
+//             *   and the IUT current location is inside the region validity period of CERT_TS_B_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating value '2'
+//             *         and containing header_fields[0]
+//             *              containing type 
+//             *                  indicating 'signer_info'
+//             *              and containing signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_B_AT)
+//             *                      containing subject_info.subject_type
+//             *                          indicating 'authorization_ticket' (2)
+//             *                      and containing subject_attributes['verification key'] (KEY)
+//             *                      and containing validity_restrictions['time_start_and_end']
+//             *                          indicating CERT_TS_AT_TIME_VALIDITY
+//             *                      and containing validity_restrictions['region']
+//             *                          containing region
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              and containing circular_region
+//             *                                  indicating REGION
+//             *       and containing header_fields [1]
+//             *         containing type 
+//             *           indicating 'generation_time'
+//             *              containing generation_time
+//             *                  indicating CURRENT_TIME
+//             *       and containing header_fields [2]
+//             *           containing type 
+//             *               indicating 'generation_location'
+//             *           and containing generation_location
+//             *       and containing header_fields[3]
+//             *           containing type 
+//             *               indicating 'its_aid'
+//             *           and containing its_aid
+//             *               indicating 'AID_BEACON'
+//             *          and containing payload_field 
+//             *               containing type
+//             *                  indicating 'signed'
+//             *              containing data
+//             *                  indicating length > 0
+//             *          and containing trailer_fields 
+//             *              containing single instance of type TrailerField 
+//             *                  containing type
+//             *                      indicating 'signature'
+//             *                  containing signature
+//             *                      verifiable using KEY
+//             *   } then {
+//             *     the IUT accepts the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_B)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_02_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_C_AT
+//             *   and the IUT current location is inside the region validity period of CERT_TS_C_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating value '2'
+//             *         and containing header_fields[0]
+//             *              containing type 
+//             *                  indicating 'signer_info'
+//             *              and containing signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_C_AT)
+//             *                      containing subject_info.subject_type
+//             *                          indicating 'authorization_ticket' (2)
+//             *                      and containing subject_attributes['verification key'] (KEY)
+//             *                      and containing validity_restrictions['time_start_and_end']
+//             *                          indicating CERT_TS_AT_TIME_VALIDITY
+//             *                      and containing validity_restrictions['region']
+//             *                          containing region
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              and containing rectangular_region
+//             *                                  indicating REGION
+//             *       and containing header_fields [1]
+//             *         containing type 
+//             *           indicating 'generation_time'
+//             *              containing generation_time
+//             *                  indicating CURRENT_TIME
+//             *       and containing header_fields [2]
+//             *           containing type 
+//             *               indicating 'generation_location'
+//             *           and containing generation_location
+//             *       and containing header_fields[3]
+//             *           containing type 
+//             *               indicating 'its_aid'
+//             *           and containing its_aid
+//             *               indicating 'AID_BEACON'
+//             *          and containing payload_field 
+//             *               containing type
+//             *                  indicating 'signed'
+//             *              containing data
+//             *                  indicating length > 0
+//             *          and containing trailer_fields 
+//             *              containing single instance of type TrailerField 
+//             *                  containing type
+//             *                      indicating 'signature'
+//             *                  containing signature
+//             *                      verifiable using KEY
+//             *   } then {
+//             *     the IUT accepts the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_C)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_03_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_D_AT
+//             *   and the IUT current location is inside the region validity period of CERT_TS_D_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating value '2'
+//             *         and containing header_fields[0]
+//             *              containing type 
+//             *                  indicating 'signer_info'
+//             *              and containing signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_D_AT)
+//             *                      containing subject_info.subject_type
+//             *                          indicating 'authorization_ticket' (2)
+//             *                      and containing subject_attributes['verification key'] (KEY)
+//             *                      and containing validity_restrictions['time_start_and_end']
+//             *                          indicating CERT_TS_AT_TIME_VALIDITY
+//             *                      and containing validity_restrictions['region']
+//             *                          containing region
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              and containing polygonal_region
+//             *                                  indicating REGION
+//             *       and containing header_fields [1]
+//             *         containing type 
+//             *           indicating 'generation_time'
+//             *              containing generation_time
+//             *                  indicating CURRENT_TIME
+//             *       and containing header_fields [2]
+//             *           containing type 
+//             *               indicating 'generation_location'
+//             *           and containing generation_location
+//             *       and containing header_fields[3]
+//             *           containing type 
+//             *               indicating 'its_aid'
+//             *           and containing its_aid
+//             *               indicating 'AID_BEACON'
+//             *          and containing payload_field 
+//             *               containing type
+//             *                  indicating 'signed'
+//             *              containing data
+//             *                  indicating length > 0
+//             *          and containing trailer_fields 
+//             *              containing single instance of type TrailerField 
+//             *                  containing type
+//             *                      indicating 'signature'
+//             *                  containing signature
+//             *                      verifiable using KEY
+//             *   } then {
+//             *     the IUT accepts the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_D)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_04_BV +// +// /** +// * @desc Check that IUT accepts a well-formed Secured GN Beacon signed with the certificate with a rectangular region validity restriction +// * @remark The message defined in this test purpose is used in the subsequent test purposes with the snippet name ‘MSG_SEC_RCV_GENMSG_C’. Only differences to this snippet are mentioned in subsequent test purposes +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_E_AT
+//             *   and the IUT current location is inside the region validity period of CERT_TS_E_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating value '2'
+//             *         and containing header_fields[0]
+//             *              containing type 
+//             *                  indicating 'signer_info'
+//             *              and containing signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_E_AT)
+//             *                      containing subject_info.subject_type
+//             *                          indicating 'authorization_ticket' (2)
+//             *                      and containing subject_attributes['verification key'] (KEY)
+//             *                      and containing validity_restrictions['time_start_and_end']
+//             *                          indicating CERT_TS_AT_TIME_VALIDITY
+//             *                      and containing validity_restrictions['region']
+//             *                          containing region
+//             *                              containing region_type
+//             *                                  indicating 'id_region'
+//             *                              and containing id_region
+//             *                                  indicating REGION
+//             *       and containing header_fields [1]
+//             *         containing type 
+//             *           indicating 'generation_time'
+//             *              containing generation_time
+//             *                  indicating CURRENT_TIME
+//             *       and containing header_fields [2]
+//             *           containing type 
+//             *               indicating 'generation_location'
+//             *           and containing generation_location
+//             *       and containing header_fields[3]
+//             *           containing type 
+//             *               indicating 'its_aid'
+//             *           and containing its_aid
+//             *               indicating 'AID_BEACON'
+//             *          and containing payload_field 
+//             *               containing type
+//             *                  indicating 'signed'
+//             *              containing data
+//             *                  indicating length > 0
+//             *          and containing trailer_fields 
+//             *              containing single instance of type TrailerField 
+//             *                  containing type
+//             *                      indicating 'signature'
+//             *                  containing signature
+//             *                      verifiable using KEY
+//             *   } then {
+//             *     the IUT accepts the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_01_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB(cc_taCert_E)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BV_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_01_05_BV +// +// group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB( +// in charstring p_taCert +// ) runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredBeacon(p_taCert, omit, e_certificate); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV_nodeB +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_01_0x_BV +// +// /** +// * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value less than 2 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating 1
+//             *   } then {
+//             *     the IUT discards the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_02_01_BO +// * @reference ETSI TS 103 097 [1] Clause 5.1 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_01_BO +// +// /** +// * @desc Check that IUT discards a Secured GN Message containing protocol version set to a value greater than 2 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Expected behavior:
+//             * with {
+//             *   the IUT being in the 'authorized' state
+//             *   and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * }
+//             * ensure that {
+//             *   when {
+//             *     the IUT is receiving a Ieee1609Dot2Data
+//             *         containing protocol_version 
+//             *             indicating 3
+//             *   } then {
+//             *     the IUT discards the message
+//             *   }
+//             * }
+//             *
    +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_02_02_BO +// * @reference ETSI TS 103 097 [1] Clause 5.1 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB(PX_WRONG_PROTOCOL_VERSION)); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_02_02_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB( +// in UInt8 p_protocolVersion +// ) runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdict(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredBeacon_Bo(cc_taCert_A, p_protocolVersion); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of function f_TC_SEC_ITSS_RCV_GENMSG_02_0x_BO_nodeB +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_02_0x_BV +// +// /** +// * @desc Check that IUT discards a secured GN Message if the header_fields contains more than one header field of type 'signer_info' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[3].type
+//             *              indicating ''generation_location''
+//             *          and containing header_fields[4].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_signer_info( +// m_signerIdentifier_certificate( +// vc_aaCertificate +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_01_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the header_fields does not contain the header field of type 'signer_info' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          and containing header_fields[0].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_location'
+//             *          and containing header_fields[2].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[3].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_02_BO +// +// /** +// * @desc Check that IUT is able to receive a secured GN Message if the signer_info header field is not encoded first. +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          and containing header_fields[0].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_location'
+//             *          and containing header_fields[2].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and containing header_fields[3].type
+//             *              indicating 'signer_info'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_03_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_time' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[3].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[4].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_time(1000 * f_getCurrentTime() - 1), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_04_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'generation_time' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_05_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_05_BO +// +// /** +// * @desc Check that IUT discards a Secured GN Message if the message contains more than one header field of type 'its_aid' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_location'
+//             *          and containing header_fields[3]
+//             *              containing type
+//             *                  indicating 'its_aid'
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and containing header_fields[4].type
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message does not contain the header field of type 'its_aid' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_location'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_06a_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_06a_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_location'
+//             *          and containing header_fields[3].type
+//             *              indicating 'generation_location'
+//             *          and containing header_fields[4]
+//             *              containing type
+//             *                  indicating 'its_aid'
+//             *              containing its_aid
+//             *                  indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0100'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_07_BO +// +// /** +// * @desc Check that IUT discards a secured GN Message if the message contains more than one header field of type 'generation_location' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *          and containing header_fields[4].type
+//             *              indicating 'its_aid'
+//             *                  containing its_aid
+//             *                      indicating 'AID_BEACON'
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_08_BO +// +// /** +// * @desc Check that IUT is able to receive a Secured GN Beacon if the header fields are not in the ascending order according to the numbering of the enumeration +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'its_aid'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[3].type
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_09_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_its_aid_Other, +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ) +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_09_BO +// +// /** +// * @desc Check that IUT accepts a GN Secured Message containing optional header field of type 'expiry_time' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'its_aid'
+//             *          and containing header_fields[2].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[3].type
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_11_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_expiry_time( +// 1000 * (3600 + f_getCurrentTime()) // In us +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_11_BO +// +// /** +// * @desc Check that IUT accepts the Secured GN Message containing additional non-standard HeaderInfo +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_GN_GBC_SRC
+//             * Config Id: CF01
+//             * Initial conditions:
+//             * with { 
+//             *    the IUT being in the 'authorized' state 
+//             *    and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             * } 
+//             * ensure that { 
+//             *  when { 
+//             *      the IUT is receiving a Ieee1609Dot2Data (MSG_SEC_RCV_GENMSG_A) 
+//             *          containing header_fields[0].type
+//             *              indicating 'signer_info'
+//             *          and containing header_fields[1].type
+//             *              indicating 'generation_time'
+//             *          and containing header_fields[2].type
+//             *          and containing header_fields[3].type
+//             *              indicating 'its_aid'
+//             *          and containing header_fields[4]
+//             *              containing type
+//             *                  indicating non-standard header field type (1000)
+//             *              and containing other_header
+//             *                  indicating non-empty data
+//             *          and not containing other header fields
+//             *  } then { 
+//             *      the IUT discards the message 
+//             *  } 
+//             * } 
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_GENMSG_04_12_BO +// * @reference ETSI TS 103 097 [1] Clause 7.3 +// */ +// testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsMtc system ItsSecSystem { +// +// // Local variables +// var ItsGeoNetworking v_nodeB; +// var ItsGeoNetworking v_nodeD; +// +// // Test control +// if (not(PICS_GN_SECURITY) or not(PICS_GN_GBC_SRC)) { +// log("*** " & testcasename() & ": 'PICS_GN_SECURITY and PICS_GN_GBC_SRC' required for executing the TC ***"); +// setverdict(inconc); +// stop; +// } +// +// // Test component configuration +// f_cf02Up(); +// +// // Preamble +// +// // Start components +// v_nodeB := f_getComponent(c_compNodeB); +// v_nodeD := f_getComponent(c_compNodeD); +// v_nodeB.start(f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO()); +// v_nodeD.start(f_TC_SEC_ITSS_RCV_GENMSG_xxx_BO_nodeD()); +// +// // Synchronization +// f_serverSync2ClientsAndStop({c_prDone, c_tbDone, c_poDone}); +// +// // Cleanup +// f_cf02Down(); +// +// } // End of testcase TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// +// group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO { +// +// /** +// * @desc Behavior function for NodeB (TC_GEONW_PON_GBC_BV_01) +// */ +// function f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO() runs on ItsGeoNetworking { +// +// // Local variables +// var GeoNetworkingPdu v_securedGnPdu; +// var LongPosVector v_longPosVectorNodeB := f_getPosition(c_compNodeB); // Use NodeB +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredBeacon( +// cc_taCert_A, +// { +// m_header_info_signer_info( +// m_issuerIdentifier_sha256AndDigest( +// vc_atCertificate.signer_info.signerInfo.digest +// )), +// m_header_info_generation_time(1000 * f_getCurrentTime()), // In us +// m_header_info_expiry_time( +// 1000 * (3600 + f_getCurrentTime()) // In us +// ), +// m_header_info_generation_location( +// valueof(m_threeDLocation( +// v_longPosVectorNodeB.latitude, +// v_longPosVectorNodeB.longitude, +// '0000'O +// )) +// ), +// m_header_info_its_aid_Other, +// m_header_info_unspecify +// }, +// e_certificate_digest_with_sha256, +// false +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// +// // Postamble +// f_selfOrClientSyncAndVerdict(c_poDone, e_success); +// +// } // End of testcase f_TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// +// } // End of group g_TC_SEC_ITSS_RCV_GENMSG_04_12_BO +// + } // End of group recvOtherProfile + + /** + * @desc Receiving behaviour test cases for certificates profile + * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.3.5 Profiles for certificates + */ + group recvCertificatesProfile { + +// /** +// * @desc Check that IUT discards the AT certificate with version 3 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_01_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_01_01_BO_AT)
+//             *                      containing  version
+//             *                          indicating '3'
+//             *      } then {
+//             *          the IUT discards  the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_01_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0101_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_01_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with version 1 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_01_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_01_02_BO_AT)
+//             *                      containing  version
+//             *                          indicating '1'
+//             *      } then {
+//             *          the IUT discards  the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_02_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0102_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_02_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with version 3 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_01_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificate[0] (CERT_TS_01_03_BO_AA)
+//             *                      containing  version
+//             *                          indicating '3'
+//             *                  and containing certificate[1] (CERT_TS_01_03_BO_AT)
+//             *                      containing signer_info.type
+//             *                          indicating 'certificate_digest_with_sha256'
+//             *                      and containing signer_info.digest
+//             *                          referencing to CERT_TS_01_03_BO_AA
+//             *      } then {
+//             *          the IUT discards  the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_03_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0103_BO, -, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_03_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with version 1 +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_01_04_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificate[0] (CERT_TS_01_04_BO_AA)
+//             *                      containing  version
+//             *                          indicating '1'
+//             *                  and containing certificate[1] (CERT_TS_01_04_BO_AT)
+//             *                      and containing signer_info.digest
+//             *                          referencing to CERT_TS_01_04_BO_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_01_04_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 & 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_01_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// if (PICS_DEBUG_ADDON) { +// f_sendCertificateAndWaitForCertificateChainRequest(cc_taCert_F, f_generateDefaultCam()); +// } +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0104_BO, -, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_01_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_02_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_02_01_BO_AT)
+//             *                      containing signer_info.type
+//             *                          indicating 'certificate_digest_with_sha256'
+//             *                      and containing signer_info.digest
+//             *                          referencing to certificate (CERT_TS_A_EC)
+//             *                              containing subject_info.subject_type
+//             *                                 indicating 'enrolment_credential'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0201_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_02_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificates[0] (CERT_TS_02_02_BO_AA)
+//             *                      containing signer_info.digest
+//             *                          referencing to certificate CERT_TS_A_EC
+//             *                              containing subject_info.subject_type
+//             *                                  indicating 'enrolment_credential'
+//             *                  and containing certificates[1] (CERT_TS_02_02_BO_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_02_02_BO_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_02_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0202_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_02_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificate (CERT_TS_02_03_BO_AT)
+//             *                      containing signer_info.type
+//             *                          indicating 'certificate_digest_with_sha256'
+//             *                  and containing signer_info.digest
+//             *                          referencing to certificate (CERT_TS_A_EA)
+//             *                              containing subject_info.subject_type
+//             *                                  indicating 'enrolment_authority'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_03_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0203_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_02_04_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificates[0] (CERT_TS_02_04_BO_AA)
+//             *                      containing signer_info.digest
+//             *                          referencing to certificate CERT_TS_A_EA
+//             *                              containing subject_info.subject_type
+//             *                                  indicating 'enrolment_authority'
+//             *                  and containing certificates[1] (CERT_TS_02_04_BO_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_02_04_BO_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_02_04_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_02_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0204_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_02_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_03_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer
+//             *                  containing certificate (CERT_TS_03_01_BO_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_03_BO_CA
+//             *                              containing subject_info.subject_type
+//             *                                  indicating 'authorization_ticket'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_03_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_03_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0301_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_03_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_03_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificates[0] (CERT_TS_03_02_BO_AA)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_03_BO_CA
+//             *                              containing subject_info.subject_type
+//             *                                  indicating 'authorization_ticket'
+//             *                  and containing certificates[1] (CERT_TS_03_02_BO_AT)
+//             *                      containing signer_info.digest
+//             *                      referencing to CERT_TS_03_02_BO_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_03_02_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_03_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0302_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_03_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the issuer certificate of the AA certificate contains the subject type 'authorization_authority' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_04_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificates[0] (CERT_TS_04_01_BO_AA)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_A_AA
+//             *                  and containing certificates[1] (CERT_TS_04_01_BO_AT)
+//             *                      containing signer_info.digest
+//             *                      referencing to CERT_TS_04_01_BO_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_04_01_BO +// * @reference ETSI TS 103 097 [1] Clause 6.3 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_04_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0401_BO, omit, e_certificate_chain); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_04_01_BO +// +// /** +// * @desc Check that IUT discards the message when signing AT certificate has an invalid signature +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer
+//             *                  containing type
+//             *                      containing certificate
+//             *                  and containing certificates (CERT_TS_A_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_TS_A_AA
+//             *                      and containing signature
+//             *                          NOT verifiable with CERT_TS_A_AA.subject_attributes['verification_key'].key
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_05_01_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_05_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredCam_Bo( +// cc_taCert_A, +// -, +// 1, +// -, +// e_certificate, +// true, +// true +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_05_01_BO +// +// /** +// * @desc Check that IUT discards the message when the issuing AA certificate of the signing AT certificate has an invalid signature +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_A_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer
+//             *                  containing type
+//             *                      indicating 'certificate_chain'
+//             *                  and containing certificates[0] (CERT_TS_A_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to CERT_ROOT
+//             *                      and containing signature
+//             *                          NOT verifiable with CERT_ROOT.subject_attributes['verification_key'].key
+//             *                  and containing certificates[1] (CERT_TS_A_AT)
+//             *                      containing signer_info.digest
+//             *                          referencing to a CERT_TS_A_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_05_02_BO +// * @reference ETSI TS 103 097 [1] Clauses 6.1 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_05_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_prepareSecuredCam_Bo( +// cc_taCert_A, +// -, +// 1, +// -, +// e_certificate_chain, +// true, +// false, +// true +// ); +// f_sendGeoNetMessage(valueof(m_geoNwReq_linkLayerBroadcast(v_securedGnPdu))); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(valueof(v_securedGnPdu.gnPacket.packet.payload)); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_05_02_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_01_BV_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_01_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0601_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_02_BV_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_02_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA
+//             *                                              fully covering CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0602_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_03_BV_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_03_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_C_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          indicating RECT_REGION_AA
+//             *                                              fully covering CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0603_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_04_BV_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_04_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA
+//             *                                              fully covering CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0604_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_05_BV_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_05_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'iso_3166_1'
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AT
+//             *                                                  fully covering CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0605_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_06_BO_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_06_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0606_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_07_BO_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_07_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_06_07_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA_OUTSIDE
+//             *                                              not including CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0607_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_06_08_BO_AT
+//             *      and the IUT current location is inside the CURCULAR_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_06_08_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'circle'
+//             *                              containing circular_region
+//             *                                  indicating CURCULAR_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_06_08_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA_INTERSECT
+//             *                                              including partially CURCULAR_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_06_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_06_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_RECTANGULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_RECTANGULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0608_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_06_08_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_01_BV_AT
+//             *      and the IUT current location is inside the RECT_REGION_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_01_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_C_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          indicating RECT_REGION_AA
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0701_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_02_BV_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_02_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA
+//                                                            fully covering the RECT_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0702_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_03_BV_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_03_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region
+//             *                                          indicating RECT_REGION_AA
+//                                                            fully covering RECT_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0703_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_04_BV_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_04_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA
+//                                                            fully covering RECT_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0704_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_05_BV_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_05_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'iso_3166_1'
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AT
+//                                                                fully covering RECT_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0705_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_06_BO_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_06_BO_AT)
+//             *                          not containing validity_restrictions['region']
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_C_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0706_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_07_BO_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_07_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_07_07_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          indicating RECT_REGION_AA_OUTSIDE
+//             *                                              not including RECT_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0707_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_07_08_BO_AT
+//             *      and the IUT current location is inside the RECT_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_07_08_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'rectangle'
+//             *                              containing rectangular_region[0]
+//             *                                  indicating RECT_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_07_08_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          indicating RECT_REGION_AA_INTERSECT
+//             *                                              not partialy RECT_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_07_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_07_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_CIRCULAR_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_CIRCULAR_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0708_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_07_08_BO +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_01_BV_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_01_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AA
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_01_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0801_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_02_BV_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_02_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_B_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          indicating CURCULAR_REGION_AA
+//             *                                              fully including POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_02_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0802_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_03_BV_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_03_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_C_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          indicating RECT_REGION_AA
+//             *                                              fully including POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_03_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0803_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_04_BV_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_04_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region[0]
+//             *                                          indicating POLYGON_REGION_AA
+//             *                                              fully including POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_04_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0804_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_05_BV_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_05_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'iso_3166_1'
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AT
+//             *                                                  fully including POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_05_BV +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0805_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_05_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_06_BO_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_06_BO_AT)
+//             *                          not containing validity_restrictions['region']
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_C_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_06_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0806_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_07_BO_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_07_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region (POLYGON_REGION_08_04_BO)
+//             *                                  indicating length = 2
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA
+//             *                                              fully covering all points of POLYGON_REGION_08_04_BO
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_07_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0807_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_08_BO_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_08_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_D_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA_OUTSIDE
+//             *                                              not including POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_08_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0808_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_08_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_08_09_BO_AT
+//             *      and the IUT current location is inside the POLYGON_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_08_09_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'polygon'
+//             *                              containing polygonal_region
+//             *                                  indicating POLYGON_REGION_AT
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_08_08_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          indicating POLYGON_REGION_AA_INTERSECT
+//             *                                              including partialy POLYGON_REGION_AT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_08_09_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_08_09_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_POLYGONAL_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_POLYGONAL_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0809_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_08_09_BO +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_01_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_01_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'iso_3166_1'
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AT
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_01_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_01_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0901_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_01_BV +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_02_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_02_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating ID_LOCAL_REGION_1
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'iso_3166_1'
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AT
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_02_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_02_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0902_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_02_BV +// +// /** +// * @desc Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction fully containing in the circular validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_03_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_03_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_09_03_BV_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'circle'
+//             *                                      and containing circular_region
+//             *                                          fully covering ID_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_03_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_03_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0903_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_03_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_04_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_04_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'rectangle'
+//             *                                      and containing rectangular_region[0]
+//             *                                          fully covering ID_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_04_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_04_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0904_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_04_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_05_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_05_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'polygon'
+//             *                                      and containing polygonal_region
+//             *                                          fully covering ID_REGION_AT
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_05_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_05_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0905_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_05_BV +// +// /** +// * @desc Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_06_BV_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_06_BV_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *                                      and containing id_region
+//             *                                          containing region_dictionary
+//             *                                              indicating 'un_stats'
+//             *                                          and containing region_identifier
+//             *                                              indicating ID_REGION_AA_UNSTATS
+//             *                                                  which includes ID_REGION_AT
+//             *                                          and containing local_region
+//             *                                              indicating 0
+//             *      } then {
+//             *          the IUT accepts the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_06_BV +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_06_BV() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0906_BV, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": PASS: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// else { +// log("*** " & testcasename() & ": FAIL: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_06_BV +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_07_BO_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_07_BO_AT)
+//             *                          not containing validity_restrictions['region']
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_E_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                      containing region_type
+//             *                                          indicating 'id'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_07_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_07_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0907_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_07_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_08_BO_AT
+//             *      and the IUT current location is inside the ID_REGION_AA, local region 1
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_08_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating ID_LOCAL_REGION_1
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_09_08_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                          indicating 'id'
+//             *                                  and containing id_region
+//             *                                      containing region_dictionary
+//             *                                          indicating 'iso_3166_1'
+//             *                                      and containing region_identifier
+//             *                                          indicating ID_REGION_AA
+//             *                                      and containing local_region
+//             *                                          indicating ID_LOCAL_REGION_2
+//             *                                              not equal to ID_LOCAL_REGION_1
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_08_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_08_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0908_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_08_BO +// +// /** +// * @desc Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_09_BO_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_09_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AT
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_09_09_BO_AA
+//             *                                  containing validity_restrictions['region']
+//             *                                          indicating 'id'
+//             *                                  and containing id_region
+//             *                                      containing region_dictionary
+//             *                                          indicating 'iso_3166_1'
+//             *                                      and containing region_identifier
+//             *                                          indicating ID_REGION_AA_OTHER
+//             *                                              other than ID_REGION_AT
+//             *                                      and containing local_region
+//             *                                          indicating 0
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_09_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_09_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0909_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_09_BO +// +// /** +// * @desc Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_10_BO_AT
+//             *      and the IUT current location is inside the ID_REGION_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_10_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_UNKNOWN
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_A_AA
+//             *                                  not containing validity_restrictions['region']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_10_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_10_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0910_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_10_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity restriction of its signing certificate contains the identified region of type iso-3166-1 but region code is from the UN-Stats dictionary +// * 
    +//             * Pics Selection: PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_09_11_BO_AT
+//             *      and the IUT current location is inside the ID_REGION_AA_UNSTATS
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_09_11_BO_AT)
+//             *                          containing validity_restrictions['region']
+//             *                              containing region_type
+//             *                                  indicating 'id'
+//             *                              and containing id_region
+//             *                                  containing region_dictionary
+//             *                                      indicating 'iso_3166_1'
+//             *                                  and containing region_identifier
+//             *                                      indicating ID_REGION_AA_UNSTATS
+//             *                                  and containing local_region
+//             *                                      indicating 0
+//             *                          and containing signer_info.digest
+//             *                              referencing to a CERT_TS_A_AA
+//             *                                  not containing validity_restrictions['region']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_09_11_BO +// * @reference ETSI TS 103 097 [1] Clauses 4.2.26 and 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_09_11_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY) or not(PICS_USE_IDENTIFIED_REGION)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_USE_IDENTIFIED_REGION' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert0911_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_09_11_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate does not contain the time validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_10_01_BO_AT
+//             *      and the IUT current location is inside the CERT_TS_10_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_01_BO_AT)
+//             *                          containing validity_restrictions['time_start_and_end']
+//             *                          and not containing validity_restrictions['time_end']
+//             *                          and not containing validity_restrictions['time_start_and_duration']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1001_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current location is inside the CERT_TS_10_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_02_BO_AT)
+//             *                          containing signer_info.digest
+//             *                              referencing to CERT_TS_10_02_BO_AA
+//             *                                  containing validity_restrictions['time_start_and_end']
+//             *                                  and not containing validity_restrictions['time_end']
+//             *                                  and not containing validity_restrictions['time_start_and_duration']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1002_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_02_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is less then time_end validity restricyion of CERT_TS_10_03_BO_AT
+//             *      and the IUT current location is inside the CERT_TS_10_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_03_BO_AT)
+//             *                          containing validity_restrictions['time_end']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_03_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1003_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_03_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_10_04_BO_AT
+//             *      and the IUT current location is inside the CERT_TS_10_04_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_04_BO_AT)
+//             *                          containing validity_restrictions['time_start_and_duration']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_04_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1004_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_04_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is less then time_end validity restricyion of CERT_TS_10_05_BO_AT
+//             *      and the IUT current location is inside the CERT_TS_10_05_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_05_BO_AT)
+//             *                          containing signer_info.digest
+//             *                              referencing to CERT_TS_10_05_BO_AA
+//             *                                  containing validity_restrictions['time_end']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_05_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_05_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1005_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_05_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is less then time_end validity restricyion of CERT_TS_10_06_BO_AT
+//             *      and the IUT current location is inside the CERT_TS_10_06_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields['signer_info']
+//             *                  and containing signer 
+//             *                      containing type
+//             *                          containing certificate
+//             *                      and containing certificate (CERT_TS_10_06_BO_AT)
+//             *                          containing signer_info.digest
+//             *                              referencing to CERT_TS_10_06_BO_AA
+//             *                                  containing validity_restrictions['time_start_and_duration']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_10_06_BO +// * @reference ETSI TS 103 097 [1] Clauses 7.4.2 & 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_10_06_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1006_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_10_06_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_01_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_A_AA
+//             *                          containing validity_restrictions['time_start_and_end']
+//             *                              containing start_validity
+//             *                                  indicating START_VALIDITY_AA
+//             *                              and containing end_validity
+//             *                                  indicating END_VALIDITY_AA
+//             *              and containing validity_restrictions['time_start_and_end'] 
+//             *                  containing start_validity
+//             *                      indicating START_VALIDITY_AA
+//             *                  and containing end_validity
+//             *                      indicating END_VALIDITY_AA + 1d
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1101_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_02_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_A_AA
+//             *                          containing validity_restrictions['time_start_and_end']
+//             *                              containing start_validity
+//             *                                  indicating START_VALIDITY_AA
+//             *                              and containing end_validity
+//             *                                  indicating END_VALIDITY_AA
+//             *              and containing validity_restrictions['time_start_and_end'] 
+//             *                  containing start_validity
+//             *                      indicating START_VALIDITY_AA - 1d
+//             *                  and containing end_validity
+//             *                      indicating END_VALIDITY_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1102_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_02_BO +// +// /** +// * @desc Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet. +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_03_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_A_AA
+//             *                          containing validity_restrictions['time_start_and_end']
+//             *                              containing start_validity
+//             *                                  indicating START_VALIDITY_AA - 365d
+//             *                              and containing end_validity
+//             *                                  indicating END_VALIDITY_AA - 1d
+//             *              and containing validity_restrictions['time_start_and_end'] 
+//             *                  containing start_validity
+//             *                      indicating START_VALIDITY_AA - 365d
+//             *                  and containing end_validity
+//             *                      indicating END_VALIDITY_AA
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1103_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_03_BO +// +// /** +// * @desc Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_11_04_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_A_AA
+//             *                          containing validity_restrictions['time_start_and_end']
+//             *                              containing start_validity
+//             *                                  indicating START_VALIDITY_AA
+//             *                              and containing end_validity
+//             *                                  indicating END_VALIDITY_AA + 365d
+//             *              and containing validity_restrictions['time_start_and_end'] 
+//             *                  containing start_validity
+//             *                      indicating START_VALIDITY_AA
+//             *                  and containing end_validity
+//             *                      indicating END_VALIDITY_AA + 365d
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_11_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_11_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1104_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_11_04_BO +// +// /** +// * @desc Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_12_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Ieee1609Dot2Data 
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_12_01_BO_AT)
+//             *                  not containing subject_attributes['its_aid_ssp_list']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1201_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_01_BO +// +// /** +// * @desc Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_12_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['its_aid']
+//             *                      containing its_aid
+//             *                          indicating 'AID_CAM'
+//             *              and containing header_fields ['signer_info']
+//             *                  containing signer
+//             *                      containing certificate 
+//             *                          indicating CERT_TS_12_02_BO_AT
+//             *                              containing subject_attributes['its_aid_ssp_list']
+//             *                                  not containing an item
+//             *                                      containing its_aid
+//             *                                          indicating 'AID_CAM'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1202_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_02_BO +// +// /** +// * @desc Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_12_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
+//             *              containing header_fields ['its_aid']
+//             *                      containing its_aid
+//             *                          indicating 'AID_DENM'
+//             *              and containing header_fields ['signer_info']
+//             *                  containing signer
+//             *                      containing certificate 
+//             *                          indicating CERT_TS_12_03_BO_AT
+//             *                              containing subject_attributes['its_aid_ssp_list']
+//             *                                  not containing an item
+//             *                                      containing its_aid
+//             *                                          indicating 'AID_DENM'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1203_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_03_BO +// +// /** +// * @desc Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is greater than START_VALIDITY_AA and less than END_VALIDITY_AA
+//             *      and the IUT current location is inside the CERT_TS_12_04_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['its_aid']
+//             *                      containing its_aid
+//             *                          indicating 'AID_CAM'
+//             *              and containing header_fields ['signer_info']
+//             *                  containing signer
+//             *                      containing certificate 
+//             *                          indicating CERT_TS_12_04_BO_AT
+//             *                              containing subject_attributes['its_aid_ssp_list']
+//             *                                  containing item [0].its_aid
+//             *                                      indicating 'AID_CAM'
+//             *                                  and containing item [1].its_aid
+//             *                                      indicating 'AID_CAM'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_12_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_12_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1204_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_12_04_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_13_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_01_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_13_01_BO_AA
+//             *                          containing validity_restrictions['its_aid_list']
+//             *                              not containing 'AID_CAM'
+//             *              and containing validity_restrictions['its_aid_ssp_list']
+//             *                  containing a record
+//             *                      containing its_aid
+//             *                          indicating 'AID_CAM'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1301_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_01_BO +// +// /** +// * @desc Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_13_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured DENM (MSG_SEC_RCV_DENM_A)
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_02_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_13_02_BO_AA
+//             *                          containing validity_restrictions['its_aid_list']
+//             *                              not containing 'AID_DENM'
+//             *              and containing validity_restrictions['its_aid_ssp_list']
+//             *                  containing a record
+//             *                      containing its_aid
+//             *                          indicating 'AID_DENM'
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1302_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the AA certificate does not contain a subject_attribute of type its_aid_list +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_13_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_13_03_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to CERT_TS_13_03_BO_AA
+//             *                          not containing validity_restrictions['its_aid_list']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_13_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_13_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredDenm(cc_taCert1303_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_13_03_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_14_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_14_01_BO_AT)
+//             *                  containing signer_info.type
+//             *                      containing certificate
+//             *                      and containing certificate
+//             *                          indicating CERT_TS_AA_A
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1401_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_01_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_chain' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_14_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_14_02_BO_AT)
+//             *                  containing signer_info.type
+//             *                      indicating 'certificate_chain'
+//             *                      and containing certificates[0]
+//             *                          indicating certificate (CERT_TEST_ROOT)
+//             *                      and containing certificates[1]
+//             *                          indicating certificate (CERT_TS_AA_A)
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1402_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_02_BO +// +// /** +// * @desc Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_14_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_14_03_BO_AT)
+//             *                  containing signer_info.type
+//             *                      indicating 'certificate_digest_with_other_algorithm'
+//             *                      and containing digest
+//             *                          referencing CERT_TS_AA_A
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_14_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_14_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1403_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_14_03_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_15_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_15_01_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_15_01_BO_AA)
+//             *                          containing signer_info
+//             *                              containing type
+//             *                                  containing certificate
+//             *                          and containing certificate
+//             *                              indicating CERT_TEST_ROOT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1501_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_01_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_chain' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_15_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_15_02_BO_AT)
+//             *                  containing signer_info.type
+//             *                      indicating 'certificate_chain'
+//             *                      and containing certificates[0]
+//             *                          indicating certificate (CERT_TEST_ROOT)
+//             *                      and containing certificates[1]
+//             *                          indicating certificate (CERT_TS_15_02_BO_CA)
+//             *                              containing signer_info
+//             *                                  containing type
+//             *                                      indicating 'certificate_digest_with_sha256'
+//             *                                  and containing digest 
+//             *                                      referencing to CERT_TEST_ROOT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1502_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_02_BO +// +// /** +// * @desc Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm' +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_15_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_15_03_BO_AT)
+//             *                  containing signer_info.type
+//             *                      indicating 'certificate_digest_with_other_algorithm'
+//             *                      and containing digest
+//             *                          referencing CERT_TEST_ROOT
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_15_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.4 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_15_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1503_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_15_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject_name of the AT certificate is not an empty name field +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_16_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_16_01_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_16_01_BO_AA)
+//             *                          containing signer_infosubject_name
+//             *                              indicating non-empty string ('Invalid name')
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_16_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.2 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_16_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1601_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_16_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type assurance_level is missing in the AT certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_17_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_17_01_BO_AT)
+//             *                  not containing subject_attributes['assurance_level']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1701_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type assurance_level is missing in the AA certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_17_02_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_17_02_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_17_02_BO_AA)
+//             *                          not containing subject_attributes['assurance_level']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1702_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the assurance level of issuing certificate is less then assurance level of subordinate certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_17_03_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_17_03_BO_AT)
+//             *                  containing subject_attributes['assurance_level']
+//             *                      containing assurance_level
+//             *                          indicating 0x80 (assurance level=4, confidence=0)
+//             *                  and containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_A_AA)
+//             *                          containing subject_attributes['assurance_level']
+//             *                              containing assurance_level
+//             *                                  indicating 0x60 (assurance level=3, confidence=0)
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_03_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_03_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1703_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_03_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_17_04_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_17_04_BO_AT)
+//             *                  containing subject_attributes['assurance_level']
+//             *                      containing assurance_level
+//             *                          indicating 0x61 (assurance level=3, confidence=1)
+//             *                  and containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_A_AA)
+//             *                          containing subject_attributes['assurance_level']
+//             *                              containing assurance_level
+//             *                                  indicating 0x60 (assurance level=3, confidence=0)
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_17_04_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_17_04_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1704_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_17_04_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type verification_key is missing in the AT certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_18_01_BO_AT)
+//             *                  not containing subject_attributes['verification_key']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_18_01_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_18_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1801_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_18_01_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the subject attribute of type verification_key is missing in the AA certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *      and the IUT current time is inside the time validity period of CERT_TS_18_01_BO_AT
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.type
+//             *                  containing certificate
+//             *              and containing certificate (CERT_TS_18_02_BO_AT)
+//             *                  containing signer_info.digest
+//             *                      referencing to certificate (CERT_TS_18_02_BO_AA)
+//             *                          not containing subject_attributes['verification_key']
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_18_02_BO +// * @reference ETSI TS 103 097 [1] Clause 7.4.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_18_02_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1802_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_18_02_BO +// +// /** +// * @desc Check that IUT discards a Ieee1609Dot2Data if the reserved region type has been used in region validity restriction of the AT certificate +// * 
    +//             * Pics Selection: PICS_GN_SECURITY
+//             * Config Id: CF01
+//             * Initial conditions:
+//             *  with {
+//             *      the IUT being in the 'authorized' state
+//             *  }
+//             *  ensure that {
+//             *      when { 
+//             *          the IUT is receiving a Secured CAM (MSG_SEC_RCV_CAM_01)
+//             *              containing header_fields ['signer_info'].signer.certificate (CERT_TS_19_01_BO_AT)
+//             *                  containing region_type
+//             *                      indicating 240
+//             *      } then {
+//             *          the IUT discards the message
+//             *      }
+//             *  }
+//             *
    +// * +// * @see ETSI TS 103 096-2 v1.5.1 TP_SEC_ITSS_RCV_CERT_19_01_BO +// * @reference ETSI TS 103 097 [1] Clause 4.2.2.1 +// */ +// testcase TC_SEC_ITSS_RCV_CERT_19_01_BO() runs on ItsGeoNetworking system ItsSecSystem { +// +// // Local variables +// var integer i; +// var GeoNetworkingPdu v_securedGnPdu; +// var GnRawPayload v_sentRawPayload; +// +// // Test adapter configuration +// if (not(PICS_GN_SECURITY)) { +// log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY' required for executing the TC ***"); +// stop; +// } +// +// // Test component configuration +// f_cf01Up(); +// +// // Test adapter configuration +// +// // Preamble +// f_prNeighbour(); +// f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success); +// +// // Test Body +// v_securedGnPdu := f_sendSecuredCam(cc_taCert1901_BO, omit, e_certificate); +// +// f_sleep(PX_TNOAC); +// v_sentRawPayload := valueof(v_securedGnPdu.gnPacket.packet.payload); +// for (i := 0; i < lengthof(vc_utInds) and not match(vc_utInds[i].rawPayload, v_sentRawPayload); i := i + 1) { +// // Empty on purpose +// } +// if (i < lengthof(vc_utInds)) { +// log("*** " & testcasename() & ": FAIL: GN was transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error); +// } +// else { +// log("*** " & testcasename() & ": PASS: GN was not transmitted to upper layer***"); +// f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success); +// } +// +// // Postamble +// f_poNeighbour(); +// f_cf01Down(); +// } // End of testcase TC_SEC_ITSS_RCV_CERT_19_01_BO +// + } // End of group recvCertificatesProfile +// + } // End of group receiverbehavior + +} // End of module ItsSecurity_TestCase diff --git a/ItsSecurity_TestControl.ttcn b/ItsSecurity_TestControl.ttcn new file mode 100755 index 0000000..7292128 --- /dev/null +++ b/ItsSecurity_TestControl.ttcn @@ -0,0 +1,104 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url$ + * $Id$ + * @desc Test Control file for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_TestControl { + + // LibItsGeoNetworking + import from LibItsGeoNetworking_Pics all; + + // ItsSecurity + import from ItsSecurity_TestCases all; + import from LibItsSecurity_Pics all; + + // Test Execution + control { + + /** + * @desc Sending behaviour test cases + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2 Sending behaviour + */ + if (PICS_GN_SECURITY) { + execute(TC_SEC_ITSS_SND_MSG_01_BV()); + + /** + * @desc Sending behaviour test cases for CAM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.4 CAM profile + */ + execute(TC_SEC_ITSS_SND_CAM_01_BV()); + execute(TC_SEC_ITSS_SND_CAM_02_BV()); + execute(TC_SEC_ITSS_SND_CAM_03_BV()); + execute(TC_SEC_ITSS_SND_CAM_04_BV()); + execute(TC_SEC_ITSS_SND_CAM_05_BV()); + execute(TC_SEC_ITSS_SND_CAM_06_BV()); + execute(TC_SEC_ITSS_SND_CAM_07_BV()); + execute(TC_SEC_ITSS_SND_CAM_08_BV()); + execute(TC_SEC_ITSS_SND_CAM_09_BV()); + execute(TC_SEC_ITSS_SND_CAM_10_BV()); + execute(TC_SEC_ITSS_SND_CAM_11_01_BV()); + execute(TC_SEC_ITSS_SND_CAM_11_02_BV()); + execute(TC_SEC_ITSS_SND_CAM_12_BV()); + execute(TC_SEC_ITSS_SND_CAM_13_BV()); + execute(TC_SEC_ITSS_SND_CAM_14_BV()); + execute(TC_SEC_ITSS_SND_CAM_15_BV()); + execute(TC_SEC_ITSS_SND_CAM_16_BV()); + execute(TC_SEC_ITSS_SND_CAM_17_BV()); + execute(TC_SEC_ITSS_SND_CAM_18_BV()); + execute(TC_SEC_ITSS_SND_CAM_19_BV()); + execute(TC_SEC_ITSS_SND_CAM_20_BV()); + execute(TC_SEC_ITSS_SND_CAM_21_BV()); + execute(TC_SEC_ITSS_SND_CAM_22_BV()); + execute(TC_SEC_ITSS_SND_CAM_23_BV()); + execute(TC_SEC_ITSS_SND_CAM_24_BV()); + execute(TC_SEC_ITSS_SND_CAM_25_BV()); + execute(TC_SEC_ITSS_SND_CAM_26_BV()); + execute(TC_SEC_ITSS_SND_CAM_27_BV()); + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.5 DENM profile + */ + execute(TC_SEC_ITSS_SND_DENM_01_BV()); + execute(TC_SEC_ITSS_SND_DENM_02_BV()); + execute(TC_SEC_ITSS_SND_DENM_03_BV()); + execute(TC_SEC_ITSS_SND_DENM_04_BV()); + execute(TC_SEC_ITSS_SND_DENM_05_BV()); + execute(TC_SEC_ITSS_SND_DENM_06_BV()); + execute(TC_SEC_ITSS_SND_DENM_07_BV()); + //execute(TC_SEC_ITSS_SND_DENM_08_BV()); Removed + execute(TC_SEC_ITSS_SND_DENM_09_BV()); + execute(TC_SEC_ITSS_SND_DENM_10_BV()); + execute(TC_SEC_ITSS_SND_DENM_11_BV()); + execute(TC_SEC_ITSS_SND_DENM_12_BV()); + execute(TC_SEC_ITSS_SND_DENM_13_BV()); + execute(TC_SEC_ITSS_SND_DENM_14_BV()); + execute(TC_SEC_ITSS_SND_DENM_15_BV()); + execute(TC_SEC_ITSS_SND_DENM_16_BV()); + execute(TC_SEC_ITSS_SND_DENM_17_BV()); + execute(TC_SEC_ITSS_SND_DENM_18_BV()); + + /** + * @desc Sending behaviour test cases for DENM profile + * @see ETSI TS 103 096-2 V1.2.2 (2016-01) Clause 5.2.6 Generic signed message profile + */ + execute(TC_SEC_ITSS_SND_GENMSG_01_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_02_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_03_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_04_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_05_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_06_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_07_BV()); + execute(TC_SEC_ITSS_SND_GENMSG_08_BV()); + + } + + } // End of 'control' statement + +} // End of module ItsSecurity_TestControl diff --git a/ItsSecurity_TestSystem.ttcn b/ItsSecurity_TestSystem.ttcn new file mode 100755 index 0000000..62762a3 --- /dev/null +++ b/ItsSecurity_TestSystem.ttcn @@ -0,0 +1,40 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url: https://oldforge.etsi.org/svn/ITS/tags/20170222_STF527_Final/ttcn/AtsSecurity/ItsSecurity_TestSystem.ttcn $ + * $Id: ItsSecurity_TestSystem.ttcn 2655 2017-01-26 10:46:08Z filatov $ + * @desc Module containing t fest system description for the secured GN ATS + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module ItsSecurity_TestSystem { + + import from LibItsCam_TestSystem all; + import from LibItsDenm_TestSystem all; + import from LibItsGeoNetworking_TestSystem all; + + /** + * @desc Secured GN test system description + * @member acPort Test Adapter control port + * @member geoNetworkingPort GeoNetworking port + * @member utPort GeoNetworking UT port + * @member denmUtPort DENM UT port + * @member cammUtPort CAM UT port + */ + type component ItsSecSystem { + + port LibItsGeoNetworking_TestSystem.AdapterControlPort acPort; + + // NT2 ports + port LibItsGeoNetworking_TestSystem.UpperTesterPort utPort; + port GeoNetworkingPort geoNetworkingPort; + + // FA ports + port LibItsDenm_TestSystem.UpperTesterPort denmUtPort; + port LibItsCam_TestSystem.UpperTesterPort camUtPort; + + } // end ItsGeoNetworkingSystem + +} // End of module ItsSecurity_TestSystem \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100755 index 0000000..3e059d3 --- /dev/null +++ b/LICENSE @@ -0,0 +1,23 @@ +Copyright 2021 ETSI + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. +3. Neither the name of the copyright holder nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. \ No newline at end of file diff --git a/lib/LibItsSecurity_EncdecDeclarations.ttcn b/lib/LibItsSecurity_EncdecDeclarations.ttcn new file mode 100755 index 0000000..d48e56d --- /dev/null +++ b/lib/LibItsSecurity_EncdecDeclarations.ttcn @@ -0,0 +1,58 @@ +module LibItsSecurity_EncdecDeclarations { + + // LibIts + //import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + //import from EtsiTs103097Module language "ASN.1:1997" all; + + import from LibItsSecurity_TypesAndValues all; + + /** + * @desc Encoding function for EtsiTs103097Certificate certificate + * @param p The certificate to encode + * @return The encode message in OER format + */ + external function fx_enc_CertificateBase(in IEEE1609dot2.CertificateBase p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_CertificateBase(inout bitstring b, out IEEE1609dot2.CertificateBase p) return integer + with {extension "prototype(sliding) decode(PER)"} + + /** + * @desc Encoding function for IEEE1609dot2.ToBeSignedCertificate + * @param p The ToBeSign part of the certificate + * @return The encode message in OER format + */ + external function fx_enc_ToBeSignedCertificate(in IEEE1609dot2.ToBeSignedCertificate p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + /** + * @desc Encoding function for IEEE1609dot2.Ieee1609Dot2Data + * @param p The Ieee1609Dot2Data part of the certificate + * @return The encode message in OER format + */ + external function fx_enc_Ieee1609Dot2Data(in IEEE1609dot2.Ieee1609Dot2Data p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out IEEE1609dot2.Ieee1609Dot2Data p_ieee1609Dot2Data) return integer + with {extension "prototype(sliding) decode(PER)"} + + external function fx_enc_Ieee1609Dot2ToBeSignedData(in IEEE1609dot2.ToBeSignedData p) return bitstring + with {extension "prototype(convert) encode(PER)"} + + external function fx_dec_Ieee1609Dot2ToBeSignedData(inout bitstring p_data, out IEEE1609dot2.ToBeSignedData p_toBeSignedData) return integer + with {extension "prototype(sliding) decode(PER)"} + + external function fx_enc_SspCAM (LibItsSecurity_TypesAndValues.SspCAM p_ssp) return bitstring + with {extension "prototype(convert) encode(LibItsSecurity)"} + + external function fx_dec_SspCAM (inout bitstring p_data, out LibItsSecurity_TypesAndValues.SspCAM p_ssp) return integer + with {extension "prototype(sliding) decode(LibItsSecurity)"} + + external function fx_enc_SspDENM (LibItsSecurity_TypesAndValues.SspDENM p_ssp) return bitstring + with {extension "prototype(convert) encode(LibItsSecurity)"} + + external function fx_dec_SspDENM (inout bitstring p_data, out LibItsSecurity_TypesAndValues.SspDENM p_ssp) return integer + with {extension "prototype(sliding) decode(LibItsSecurity)"} + +} // End of module LibItsSecurity_EncdecDeclarations diff --git a/lib/LibItsSecurity_Functions.ttcn b/lib/LibItsSecurity_Functions.ttcn new file mode 100755 index 0000000..84af841 --- /dev/null +++ b/lib/LibItsSecurity_Functions.ttcn @@ -0,0 +1,3546 @@ +/** + * @Author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url$ + * $Id$ + * @desc Module containing functions for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Functions { + + // Libcommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsCommon + import from LibItsCommon_Functions all; + //import from LibItsCommon_TypesAndValues all; + import from LibItsCommon_Pixits all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Templates all; + import from LibItsSecurity_Pixits all; + import from LibItsSecurity_Pics all; + import from LibItsSecurity_TestSystem all; + + group helpersFunctions { + + /** + * @desc Produces a 256-bit (32-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + function f_hashWithSha256( + in octetstring p_toBeHashedData + ) return Oct32 { + return fx_hashWithSha256(p_toBeHashedData); + } // End of function f_hashWithSha256 + + /** + * @desc Produces a 384-bit (48-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + function f_hashWithSha384( + in octetstring p_toBeHashedData + ) return Oct48 { + return fx_hashWithSha384(p_toBeHashedData); + } // End of function f_hashWithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaNistp256WithSha256( + in octetstring p_toBeSignedSecuredMessage, + in Oct32 p_certificateIssuer, + in Oct32 p_privateKey + ) return octetstring { + log(">>> f_signWithEcdsaNistp256WithSha256: p_toBeSignedSecuredMessage= ", p_toBeSignedSecuredMessage); + log(">>> f_signWithEcdsaNistp256WithSha256: p_certificateIssuer= ", p_certificateIssuer); + log(">>> f_signWithEcdsaNistp256WithSha256: p_privateKey= ", p_privateKey); + + return fx_signWithEcdsaNistp256WithSha256( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaBrainpoolp256r1WithSha256( + in octetstring p_toBeSignedSecuredMessage, + in Oct32 p_certificateIssuer, + in Oct32 p_privateKey + ) return octetstring { + return fx_signWithEcdsaBrainpoolp256r1WithSha256( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature based on standard IEEE 1609.2 + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + function f_signWithEcdsaBrainpoolp384r1WithSha384( + in octetstring p_toBeSignedSecuredMessage, + in Oct48 p_certificateIssuer, + in Oct48 p_privateKey + ) return octetstring { + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_toBeSignedSecuredMessage); + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_certificateIssuer); + log(">>> f_signWithEcdsaBrainpoolp384r1WithSha384: ", p_privateKey); + return fx_signWithEcdsaBrainpoolp384r1WithSha384( + p_toBeSignedSecuredMessage, + p_certificateIssuer, + p_privateKey + ); + + } // End of function f_signWithEcdsaBrainpoolp384r1WithSha384 + + function f_decrypt( + in octetstring p_encryptPrivateKey, + in EtsiTs103097Data p_encrypedSecuredMessage, + in octetstring p_salt, + out EtsiTs103097Data p_decrypedSecuredMessage, + out octetstring p_aes_sym_enc_key + ) return boolean { + if (ischosen(p_encrypedSecuredMessage.content.encryptedData)) { + var PKRecipientInfo v_pKRecipientInfo; + var RecipientInfo v_recipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0]; + var octetstring v_decryptedSecuredMessage; + + log(">>> f_decrypt: p_encryptPrivateKey=", p_encryptPrivateKey); + log(">>> f_decrypt: p_encrypedSecuredMessage=", p_encrypedSecuredMessage); + log(">>> f_decrypt: p_salt=", p_salt); + + // Check the private encryption key + if (not(isbound(p_encryptPrivateKey))) { + log("*** " & testcasename() & ":ERROR: Failed to load encryption private key ***"); + return false; + } + + if (ischosen(v_recipientInfo.certRecipInfo)) { + v_pKRecipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0].certRecipInfo; + // Read the certificate based on the recipientId + } else if (ischosen(v_recipientInfo.signedDataRecipInfo)) { + v_pKRecipientInfo := p_encrypedSecuredMessage.content.encryptedData.recipients[0].signedDataRecipInfo; + // Read the certificate based on the recipientId + } else { + log("*** " & testcasename() & ":ERROR: Unsupported RecipientInfo variant ***"); + return false; + } + + log("f_decrypt: v_pKRecipientInfo=", v_pKRecipientInfo); + if (isbound(v_pKRecipientInfo)) { + if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256)) { + var SymmetricCiphertext v_ciphertext := p_encrypedSecuredMessage.content.encryptedData.ciphertext; + + log("f_decrypt: v_ciphertext=", v_ciphertext); + if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_0)) { + v_decryptedSecuredMessage := f_decryptWithEciesNistp256WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_0, + 0, + v_pKRecipientInfo.encKey.eciesNistP256.c, + v_pKRecipientInfo.encKey.eciesNistP256.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else if (ischosen(v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_1)) { + v_decryptedSecuredMessage := f_decryptWithEciesNistp256WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesNistP256.v.compressed_y_1, + 1, + v_pKRecipientInfo.encKey.eciesNistP256.c, + v_pKRecipientInfo.encKey.eciesNistP256.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + if (isbound(v_decryptedSecuredMessage)) { + var bitstring v_decode := oct2bit(v_decryptedSecuredMessage); + if (decvalue(v_decode, p_decrypedSecuredMessage) == 0) { + return true; + } else { + log("*** " & testcasename() & ":ERROR: Faild to decode secured message ***"); + } + } + } else if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1)) { + var SymmetricCiphertext v_ciphertext := p_encrypedSecuredMessage.content.encryptedData.ciphertext; + if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_0)) { + v_decryptedSecuredMessage := f_decryptWithEciesBrainpoolp256r1WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_0, + 0, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t, + v_ciphertext.aes128ccm.nonce, + p_salt, p_aes_sym_enc_key + ); + } else if (ischosen(v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_1)) { + v_decryptedSecuredMessage := f_decryptWithEciesBrainpoolp256r1WithSha256( + v_ciphertext.aes128ccm.ccmCiphertext, + p_encryptPrivateKey, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.v.compressed_y_1, + 1, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.c, + v_pKRecipientInfo.encKey.eciesBrainpoolP256r1.t, + v_ciphertext.aes128ccm.nonce, + p_salt, + p_aes_sym_enc_key + ); + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + } else { + log("*** " & testcasename() & ":ERROR: Non canonical ephemeral encryption keys ***"); + return false; + } + // TODO else, other variants shall be processed here if + } else { + log("*** " & testcasename() & ":ERROR: Invalid recipient info ***"); + return false; + } + if (isbound(v_decryptedSecuredMessage)) { + var bitstring v_decode := oct2bit(v_decryptedSecuredMessage); + if (decvalue(v_decode, p_decrypedSecuredMessage) == 0) { + return true; + } else { + log("*** " & testcasename() & ":ERROR: Faild to decode secured message ***"); + } + } + } else { + log("*** " & testcasename() & ":ERROR: Message not encrypted ***"); + } + + return false; + } // End of function f_decrypt + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + * @return The encrypted message + */ + function f_encryptWithEciesNistp256WithSha256( + in octetstring p_toBeEncryptedSecuredMessage, + in Oct32 p_recipientsPublicKeyCompressed, + in integer p_compressed_mode, + in octetstring p_salt, + out Oct32 p_publicEphemeralKeyCompressed, + out integer p_ephemeralKeyModeCompressed, + out Oct16 p_aes_sym_key, + out Oct16 p_encrypted_sym_key, + out Oct16 p_authentication_vector, + out Oct12 p_nonce + ) return octetstring { + return fx_encryptWithEciesNistp256WithSha256( + p_toBeEncryptedSecuredMessage, + p_recipientsPublicKeyCompressed, + p_compressed_mode, + p_salt, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_aes_sym_key, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce + ); + } // End of function f_encryptWithEciesNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_decryptWithEciesNistp256WithSha256( + in octetstring p_encryptedSecuredMessage, + in Oct32 p_privateEncKey, + in Oct32 p_publicEphemeralKeyCompressed, + in integer p_ephemeralKeyModeCompressed, + in Oct16 p_encrypted_sym_key, + in Oct16 p_authentication_vector, + in Oct12 p_nonce, + in Oct32 p_salt, + out Oct16 p_aes_sym_enc_key + ) return octetstring { + return fx_decryptWithEciesNistp256WithSha256( + p_encryptedSecuredMessage, + p_privateEncKey, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce, + p_salt, + p_aes_sym_enc_key + ); + } // End of function f_decryptWithEcdsaNistp256WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The encrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_encryptWithEciesBrainpoolp256r1WithSha256( + in octetstring p_toBeEncryptedSecuredMessage, + in Oct32 p_recipientsPublicKeyCompressed, + in integer p_compressed_mode, + in octetstring p_salt, + out Oct32 p_publicEphemeralKeyCompressed, + out integer p_ephemeralKeyModeCompressed, + out Oct16 p_aes_sym_key, + out Oct16 p_encrypted_sym_key, + out Oct16 p_authentication_vector, + out Oct12 p_nonce + ) return octetstring { + return fx_encryptWithEciesBrainpoolp256r1WithSha256( + p_toBeEncryptedSecuredMessage, + p_recipientsPublicKeyCompressed, + p_compressed_mode, + p_salt, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_aes_sym_key, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce + ); + } // End of function f_encryptWithEciesBrainpoolp256r1WithSha256 + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Brainpool-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + * @see IEEE Std 1609.2-2017 Clause 5.3.5 Public key encryption algorithms: ECIES + * @see https://www.nominet.uk/researchblog/how-elliptic-curve-cryptography-encryption-works/ + * @see http://digital.csic.es/bitstream/10261/32671/1/V2-I2-P7-13.pdf + */ + function f_decryptWithEciesBrainpoolp256r1WithSha256( + in octetstring p_encryptedSecuredMessage, + in Oct32 p_privateEncKey, + in Oct32 p_publicEphemeralKeyCompressed, + in integer p_ephemeralKeyModeCompressed, + in Oct16 p_encrypted_sym_key, + in Oct16 p_authentication_vector, + in Oct12 p_nonce, + in Oct32 p_salt, + out Oct16 p_aes_sym_enc_key + ) return octetstring { + return fx_decryptWithEciesBrainpoolp256r1WithSha256( + p_encryptedSecuredMessage, + p_privateEncKey, + p_publicEphemeralKeyCompressed, + p_ephemeralKeyModeCompressed, + p_encrypted_sym_key, + p_authentication_vector, + p_nonce, + p_salt, + p_aes_sym_enc_key + ); + } // End of function f_decryptWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @desc Compute the HashedId8 value from the hash value + * @param p_hash The hash value + * @return The HashedId8 value + * @verdict + */ + function f_hashedId8FromSha256( + in Oct32 p_hash + ) return HashedId8 { + return substr(p_hash, lengthof(p_hash) - 8, 8); + } // End of function f_hashedId8FromSha256 + + /** + * @desc Compute the HashedId8 value from the hash value + * @param p_hash The hash value + * @return The HashedId8 value + * @verdict + */ + function f_hashedId8FromSha384( + in Oct48 p_hash + ) return HashedId8 { + return substr(p_hash, lengthof(p_hash) - 8, 8); + } // End of function f_hashedId8FromSha384 + + /** + * @desc Compute the HashedId3 value from the HashedId8 value + * @param p_hashp_hashedId8 The HashedId8 value + * @return The HashedId3 value + * @verdict Unchanged + */ + function f_hashedId3FromHashedId8( + in HashedId8 p_hashedId8 + ) return HashedId3 { + return substr(p_hashedId8, lengthof(p_hashedId8) - 3, 3); + } // End of function f_hashedId3FromHashedId8 + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaNistp256WithSha256( + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaNistp256PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyCompressed", p_ecdsaNistp256PublicKeyCompressed); + return fx_verifyWithEcdsaNistp256WithSha256( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaNistp256PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaNistp256WithSha256 + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaNistp256WithSha256_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaNistp256PublicKeyX, + in Oct32 p_ecdsaNistp256PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaNistp256WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaNistp256WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyX", p_ecdsaNistp256PublicKeyX); +// log("f_verifyWithEcdsaNistp256WithSha256: ecdsaNistp256PublicKeyY", p_ecdsaNistp256PublicKeyY); + return fx_verifyWithEcdsaNistp256WithSha256_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaNistp256PublicKeyX, + p_ecdsaNistp256PublicKeyY); + } // End of function f_verifyWithEcdsaNistp256WithSha256_1 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp256r1WithSha256( + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData", p_toBeVerifiedData); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: signature", p_signature); + log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyCompressed", p_ecdsaBrainpoolp256PublicKeyCompressed); + return fx_verifyWithEcdsaBrainpoolp256r1WithSha256( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp256PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaBrainpoolp256r1WithSha256 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp256r1WithSha256_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct32 p_certificateIssuer, + in Oct64 p_signature, + in Oct32 p_ecdsaBrainpoolp256PublicKeyX, + in Oct32 p_ecdsaBrainpoolp256PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyX", p_ecdsaBrainpoolp256PublicKeyX); +// log("f_verifyWithEcdsaBrainpoolp256r1WithSha256: ecdsaBrainpoolp256PublicKeyY", p_ecdsaBrainpoolp256PublicKeyY); + return fx_verifyWithEcdsaBrainpoolp256r1WithSha256_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp256PublicKeyX, + p_ecdsaBrainpoolp256PublicKeyY); + } // End of function f_verifyWithEcdsaBrainpoolp256r1WithSha256_1 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp384r1WithSha384( + in octetstring p_toBeVerifiedData, + in Oct48 p_certificateIssuer, + in Oct96 p_signature, + in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed, + in integer p_compressed_mode + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyCompressed", p_ecdsaBrainpoolp384PublicKeyCompressed); + return fx_verifyWithEcdsaBrainpoolp384r1WithSha384( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp384PublicKeyCompressed, + p_compressed_mode + ); + } // End of function f_verifyWithEcdsaBrainpoolp384r1WithSha384 + + /** + * @Desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + function f_verifyWithEcdsaBrainpoolp384r1WithSha384_1( // TODO To be removed + in octetstring p_toBeVerifiedData, + in Oct48 p_certificateIssuer, + in Oct96 p_signature, + in Oct48 p_ecdsaBrainpoolp384PublicKeyX, + in Oct48 p_ecdsaBrainpoolp384PublicKeyY + ) return boolean { +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData", p_toBeVerifiedData); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: toBeVerifiedData length", lengthof(p_toBeVerifiedData)); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: signature", p_signature); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyX", p_ecdsaBrainpoolp384PublicKeyX); +// log("f_verifyWithEcdsaBrainpoolp384r1WithSha384: ecdsaBrainpoolp384PublicKeyY", p_ecdsaBrainpoolp384PublicKeyY); + return fx_verifyWithEcdsaBrainpoolp384r1WithSha384_1( + p_toBeVerifiedData, + p_certificateIssuer, + p_signature, + p_ecdsaBrainpoolp384PublicKeyX, + p_ecdsaBrainpoolp384PublicKeyY); + } // End of function f_verifyWithEcdsaBrainpoolp384r1WithSha384_1 + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_nistp256( + out Oct32 p_privateKey, + out Oct32 p_publicKeyX, + out Oct32 p_publicKeyY, + out Oct32 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + log(">>> f_generate_key_pair_nistp256"); + return fx_generateKeyPair_nistp256(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_brainpoolp256r1( + out Oct32 p_privateKey, + out Oct32 p_publicKeyX, + out Oct32 p_publicKeyY, + out Oct32 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + log(">>> f_generate_key_pair_brainpoolp256r1"); + return fx_generateKeyPair_brainpoolp256r1(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + function f_generate_key_pair_brainpoolp384r1( + out Oct48 p_privateKey, + out Oct48 p_publicKeyX, + out Oct48 p_publicKeyY, + out Oct48 p_publicKeyCompressed, + out integer p_compressed_mode + ) return boolean { + return fx_generateKeyPair_brainpoolp384r1(p_privateKey, p_publicKeyX, p_publicKeyY, p_publicKeyCompressed, p_compressed_mode); + } + + /** + * @desc Calculate digest over the certificate + * @param p_cert The certificate + * @return the HashedId8 value + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_calculateDigestFromCertificate( + in Certificate p_cert + ) return HashedId8 { + var octetstring v_hash; + + if (PICS_SEC_SHA256) { + v_hash := f_calculateDigestSha256FromCertificate(p_cert); + } if (PICS_SEC_SHA384) { + v_hash := f_calculateDigestSha384FromCertificate(p_cert); + } + + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestFromCertificate + + /** + * @desc Calculate digest over the certificate + * @param p_cert The certificate + * @return the HashedId8 value + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_calculateDigestSha256FromCertificate( + in EtsiTs103097Certificate p_cert + ) return HashedId8 { + var octetstring v_toBeHashedData; + var octetstring v_hash; + + v_toBeHashedData := bit2oct(encvalue(p_cert)); + v_hash := f_hashWithSha256(v_toBeHashedData); + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestSha256FromCertificate + + function f_calculateDigestSha384FromCertificate( + in EtsiTs103097Certificate p_cert + ) return HashedId8 { + var octetstring v_toBeHashedData; + var octetstring v_hash; + + v_toBeHashedData := bit2oct(encvalue(p_cert)); + v_hash := f_hashWithSha384(v_toBeHashedData); + return substr(v_hash, lengthof(v_hash) - 8, 8); + } // End of function f_calculateDigestSha384FromCertificate + + function f_duration2time( + in Duration p_duration + ) return UInt16 { + if (ischosen(p_duration.seconds)) { + return p_duration.seconds; + } else if (ischosen(p_duration.minutes)) { + return p_duration.minutes; + } else if (ischosen(p_duration.hours)) { + return p_duration.hours; + } else if (ischosen(p_duration.sixtyHours)) { + return p_duration.sixtyHours; + } else if (ischosen(p_duration.years)) { + return p_duration.years; + } + + return 0; // Unrechable code + } // End of function f_duration2time + + group hostSignatureHelpers { + + /** + * @desc Initialize [out] certificates according to the specified certificate name + * @param p_certificateName The certificate name to be used + * @param p_aaCertificate The AA certificate [out] + * @param p_atCertificate The AT certificate [out] + * @return true on succes, false otherwise + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2.13 HashedId8 + */ + function f_prepareCertificates( + in template (omit) charstring p_certificateName, + out EtsiTs103097Certificate p_aaCertificate, + out EtsiTs103097Certificate p_atCertificate + ) runs on ItsSecurityBaseComponent return boolean { + //log(">>> f_prepareCertificates: ", p_certificateName); + + // Load certificates if required + if ((lengthof(p_certificateName) > 0) and (valueof(p_certificateName) != cc_taCert_A)) { + var HashedId8 v_digest; + var charstring v_cert; + + if (f_readCertificate(valueof(p_certificateName), p_atCertificate) == false){ + log("f_prepareCertificates: Failed to read certificate ", p_certificateName); + return false; + } + if (ischosen(p_atCertificate.issuer.sha256AndDigest)) { + v_digest := p_atCertificate.issuer.sha256AndDigest; + } else if (ischosen(p_atCertificate.issuer.sha384AndDigest)) { + v_digest := p_atCertificate.issuer.sha384AndDigest; + } else { + log("f_prepareCertificates: Invalid certificate issuer ", p_atCertificate.issuer); + return false; + } + if (f_getCertificateFromDigest(v_digest, p_aaCertificate, v_cert) == false) { + log("f_prepareCertificates: Failed to read certificate issuer ", v_digest); + return false; + } + } else { + p_atCertificate := vc_atCertificate; + p_aaCertificate := vc_aaCertificate; + } + // Store the certificate to build this message + vc_lastAtCertificateUsed := p_atCertificate; + + return true; + } // End of function f_prepareCertificates + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process + * @param p_securedMessage The signed SecureMessage part + * @param p_payloadField Payloads to be included in the message + * @param p_mandatoryHeaders Mandatory headers for the selected profile + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_securityProfile Selected security profile + * @return true on success, false otherwise + */ + function f_buildGnSecuredMessage( + inout EtsiTs103097Data p_securedMessage, + in charstring p_certificateName, + in ToBeSignedData p_payloadField + ) runs on ItsSecurityBaseComponent return boolean { + + // Local variables + var octetstring v_secPayload, v_signature; + var ToBeSignedData v_toBeSignedData; + var octetstring v_certificateIssuer; + var octetstring v_privateKey; + + log(">>> f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); + log(">>> f_buildGnSecuredMessage: p_payloadField=", p_payloadField); + + // Prepare payload to be signed + v_toBeSignedData := valueof(p_payloadField); + v_secPayload := bit2oct(encvalue(v_toBeSignedData)); + log("f_buildGnSecuredMessage: v_secPayload=", v_secPayload); + + // Signed payload + if (ispresent(p_certificateName) and (valueof(p_certificateName) != cc_taCert_A)) { + if(not f_readSigningKey(valueof(p_certificateName), v_privateKey)){ + return false; + } + } else { + if(not f_readSigningKey(cc_taCert_A, v_privateKey)){ + return false; + } + } +// log("f_buildGnSecuredMessage: v_privateKey=", v_privateKey); + f_getCertificateHash(p_certificateName, v_certificateIssuer); + + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + v_signature := f_signWithEcdsaNistp256WithSha256( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), + substr(v_signature, 32, 32) + ) + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + v_signature := f_signWithEcdsaBrainpoolp256r1WithSha256( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(substr(v_signature, 0, 32)), + substr(v_signature, 32, 32) + ) + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) { + v_signature := f_signWithEcdsaBrainpoolp384r1WithSha384( + v_secPayload, + v_certificateIssuer, + v_privateKey + ); + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(substr(v_signature, 0, 48)), + substr(v_signature, 48, 48) + ) + )); + } // TODO To be continued + +// log("<<< f_buildGnSecuredMessage: p_securedMessage=", p_securedMessage); + return true; + } // End of function f_buildGnSecuredMessage + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases + * @param p_securedMessage The signed SecureMessage part + * @param p_certificateName The certificate name + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_payloadField Payloads to be included in the message + * @param p_mandatoryHeaders Mandatory headers for the selected profile + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_securityProfile Selected security profile + * @return true on success, false otherwise + */ + function f_buildGnSecuredMessage_Bo( + inout EtsiTs103097Data p_securedMessage, + in template (value) charstring p_certificateName, + in UInt8 p_protocolVersion := c_protocol_version, + in integer p_trailerStatus := 0, + in template (value) ToBeSignedData p_payloadField, + in template (value) HeaderInfo p_mandatoryHeaders, + in template (omit) HeaderInfo p_headerInfo := omit + ) return boolean { + + // Local variables + var octetstring v_secPayload, v_signature; + var template (value) ToBeSignedData v_toBeSignedData; + var integer i, j, k, n; + var HeaderInfo v_headerFields; + var Ieee1609Dot2Content v_toBeSignedPayload; + var Oct32 v_privateKey; + var UInt8 v_trailerSize; + + // Prepare headers + if (not(ispresent(p_headerInfo))) { + v_headerFields := valueof(p_mandatoryHeaders); + } else {/* FIXME To be reviewed + // Merge p_headerInfo and v_mandatoryHeaders into v_headerFields + + i := 0; // index for p_headerInfo + j := 0; // index for v_mandatoryHeaders + k := 0; // index for v_headerFields + + // Special processing for signer_info + if (lengthof(valueof(p_headerInfo)) > 0 and valueof(p_headerInfo[i].type_) == e_signer_info) { + v_headerFields[k] := valueof(p_headerInfo[i]); + k := k + 1; + i := i + 1; + } + + for (j := j; j < lengthof(p_mandatoryHeaders); j := j + 1) { + // Search for mandatory header in p_HeaderFields + for (n := 0; n < lengthof(p_headerInfo); n := n + 1) { + if (valueof(p_headerInfo[n].type_) == valueof(p_mandatoryHeaders[j].type_)) { + // mandatory header already in p_HeaderFields + break; + } + } // End of 'for' statement + if (n >= lengthof(p_headerInfo)) { + if (valueof(p_mandatoryHeaders[j].type_) != e_signer_info) { + // Add headers from p_headerInfo having lower number than mandatory header + for (n := i; n < lengthof(p_headerInfo) and valueof(p_headerInfo[n].type_) < valueof(p_mandatoryHeaders[j].type_); n := n + 1) { + v_headerFields[k] := valueof(p_headerInfo[n]); + k := k + 1; + i := i + 1; + } + } + // Add mandatory header + v_headerFields[k] := valueof(p_mandatoryHeaders[j]); + k := k + 1; + } + } // End of 'for' statement + + // Add remaining headers from p_HeaderFields + for ( i := i; i < lengthof(p_headerInfo); i := i + 1) { + // Add headers from p_headerInfo having lower number than mandatory header + v_headerFields[k] := valueof(p_headerInfo[i]); + k := k + 1; + } // End of 'for' statement + */} + + // Prepare payload to be signed + /* FIXME To be reviewed v_toBeSignedPayload := valueof(p_payloadField); +// log("p_trailerStatus=", p_trailerStatus); + if (p_trailerStatus == 0) { + v_trailerSize := 0; + } else if (p_trailerStatus == 1) { + v_trailerSize := 67; + } else if (p_trailerStatus == 2) { + v_trailerSize := 2 * 67; + } else { + v_trailerSize := 67; + } + v_toBeSignedData := m_toBeSignedSecuredMessage_wrong_protocol( + v_headerFields, + v_toBeSignedPayload, + e_signature, + p_protocolVersion, + v_trailerSize + );*/ +// log("m_toBeSignedSecuredMessage_wrong_protocol=", v_toBeSignedData); + + /* FIXME To be reviewedv_secPayload := bit2oct(encvalue(v_toBeSignedData)); +// log("v_secPayload=", v_secPayload); + + // Signed payload + if (ispresent(p_certificateName) and (valueof(p_certificateName) != cc_taCert_A)) { + if(not f_readSigningKey(valueof(p_certificateName), v_privateKey)){ + return false; + } + } else { + if(not f_readSigningKey(cc_taCert_A, v_privateKey)){ + return false; + } + } + v_signature := f_signWithEcdsaNistp256WithSha256( + v_secPayload, + v_privateKey + );*/ +// log("v_signature=", v_signature); + +// log("p_trailerStatus=", p_trailerStatus); + /* FIXME To be reviewed if (p_trailerStatus == 0) { // No signature + p_securedMessage := m_securedMessage( + valueof(v_toBeSignedData.header_fields), + p_payloadField, + { } + ); + v_trailerSize := 0; + } else if (p_trailerStatus == 2) { // Duplicate signature + p_securedMessage := m_securedMessage( + valueof(v_toBeSignedData.header_fields), + p_payloadField, + { + m_trailer_field_signature( + m_signature( + m_ecdsaSignature( + m_eccPointecdsa_nistp256_with_sha256_y_coordinate_only( + substr(v_signature, 2, 32) + ), + substr(v_signature, 34, 32) + ) + ) + ), + m_trailer_field_signature( + m_signature( + m_ecdsaSignature( + m_eccPointecdsa_nistp256_with_sha256_y_coordinate_only( + substr(v_signature, 2, 32) + ), + substr(v_signature, 34, 32) + ) + ) + ) + } + ); + } else if (p_trailerStatus == 3) { // Signature with reserved algorthm + p_securedMessage := m_ieee1609Dot2Data_wrong_protocol( + p_protocolVersion, + valueof(v_toBeSignedData.header_fields), + p_payloadField, + { + m_trailer_field_signature( + m_unknownSignature( + v_signature + ) + ) + } + ); + } else { // Invalid signature + p_securedMessage := m_securedMessage( + valueof(v_toBeSignedData.header_fields), + p_payloadField, + { + m_trailer_field_signature( + m_signature( + m_ecdsaSignature( + m_eccPointecdsa_nistp256_with_sha256_y_coordinate_only( + substr(v_signature, 2, 32) + ), + substr(v_signature, 34, 32) + ) + ) + ) + } + ); + p_securedMessage.trailer_fields[0].trailerField.signature_.ecdsaNistP256Signature.sSig := not4b(valueof(p_securedMessage.trailer_fields[0].trailerField.signature_.ecdsaNistP256Signature.sSig)); + }*/ + + return false;/* FIXME To be reviewed true;*/ + } // End of function f_buildGnSecuredMessage_Bo + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process + * @param p_securedMessage The signed SecureMessage part + * @param p_payloadField Payloads to be included in the message + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerInfo + * @return true on success, false otherwise + * + * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.1 Security profile for CAMs + */ + function f_buildGnSecuredCam( + out EtsiTs103097Data p_securedMessage, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, + in charstring p_certificateName := "" + ) runs on ItsSecurityBaseComponent return boolean { + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + + log(">>> f_buildGnSecuredCam: p_securedMessage= ", p_securedMessage); + log(">>> f_buildGnSecuredCam: p_payloadField= ", p_payloadField); + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + //log("f_buildGnSecuredCam: v_atCertificate = ", v_atCertificate); + + // Fill the structure with default values, these values will be updated later + p_securedMessage := valueof(m_etsiTs103097Data_signed( + m_signedData( + sha256, + p_payloadField, + m_signerIdentifier_self, + m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + ) + ) + )); + // Prepare mandatory headers + log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); + if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest + if (ischosen(v_atCertificate.issuer.sha256AndDigest)) { + p_securedMessage.content.signedData.hashId := sha256; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha256FromCertificate(v_atCertificate) + )); + } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) { + p_securedMessage.content.signedData.hashId := sha384; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha384FromCertificate(v_atCertificate) + )); + } + } + if (ispresent(v_atCertificate.signature_)) { + if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + )); + } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(int2oct(0, 48)), + int2oct(0, 48) + ) + )); + } // else, m_signature_ecdsaNistP256 already chosen by default + } + log("f_buildGnSecuredCam: p_securedMessage = ", p_securedMessage); + + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); + + } // End of function f_buildGnSecuredCam + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases + * @param p_securedMessage The signed SecureMessage part + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_alterIssuerIdentifier Set to true to alter IssuerIdentifier + * @param p_alterATCertificateSignature Set to true to alter the AT certificate signature + * @param p_alterAACertificateSignature Set to true to alter the AA certificate signature + * @return true on success, false otherwise + * + * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.1 Security profile for CAMs + */ + function f_buildGnSecuredCam_Bo( + out EtsiTs103097Data p_securedMessage, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, // FIXME To be reviewed + in charstring p_certificateName, + in UInt8 p_protocolVersion, + in boolean p_alter_psid, + in boolean p_add_generation_location, + in boolean p_add_expiry_time, + in boolean p_add_p2pcd_learning_request, + in boolean p_add_missing_crl_identifier, + in boolean p_add_encryption_key, + in boolean p_alter_signature_algorithm, + in boolean p_alter_signer_identifier, + in boolean p_alter_signature + ) runs on ItsSecurityBaseComponent return boolean { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_signerInfo; + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + + // Fill the structure with default values, these values will be updated later + p_securedMessage := valueof(m_etsiTs103097Data_signed( + m_signedData( + sha256, + p_payloadField, + m_signerIdentifier_self, + m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + ) + ) + )); + // Prepare mandatory headers + //log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); + if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest + if (ischosen(v_atCertificate.issuer.sha256AndDigest)) { + p_securedMessage.content.signedData.hashId := sha256; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha256FromCertificate(v_atCertificate) + )); + } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) { + p_securedMessage.content.signedData.hashId := sha384; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha384FromCertificate(v_atCertificate) + )); + } + } + if (ispresent(v_atCertificate.signature_)) { + if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + )); + } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(int2oct(0, 48)), + int2oct(0, 48) + ) + )); + } // else, m_signature_ecdsaNistP256 already chosen by default + } + log("f_buildGnSecuredCam_Bo: p_securedMessage = ", p_securedMessage); + + // Alter protocolVersion + p_securedMessage.protocolVersion := p_protocolVersion; + // Alter psid + if (p_alter_psid == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.psid := 99; + } + // Add generationLocation + if (p_add_generation_location == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.generationLocation := valueof(m_threeDLocation(PX_WGSLATITUDE, PX_WGSLONGITUDE, 0)); + } + if (p_add_expiry_time == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.expiryTime := f_getCurrentTimeUtc() + 3600; + } + if (p_add_p2pcd_learning_request == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.p2pcdLearningRequest := 'CAFEDE'O; + } + if (p_add_missing_crl_identifier == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.missingCrlIdentifier := { + cracaId := 'CAFEDE'O, + crlSeries := 0 + }; + } + if (p_add_encryption_key == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.encryptionKey := valueof( + m_encryptionKey_public( + m_encryptionKey( + -, + m_publicEncryptionKey_eciesNistP256( + m_eccP256CurvePoint_x_only(int2oct(5096, 32)) + )))); + } + if (p_alter_signature_algorithm == true) { + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + // Change it in to Brainpool P256r1 + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature := valueof(m_ecdsaSignature( + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig, + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + // Change it in to NistP256 + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature := valueof(m_ecdsaSignature( + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.rSig, + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig + )); + } else { + var EccP256CurvePoint r_sig; + // Change it in to Brainpool P256r1 + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_0)) { + r_sig := valueof(m_eccP256CurvePoint_compressed_y_0(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_0), 0, 32 * 2)))); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_1)) { + r_sig := valueof(m_eccP256CurvePoint_compressed_y_1(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_1), 0, 32 * 2)))); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only)) { + r_sig := valueof(m_eccP256CurvePoint_x_only(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only), 0, 32 * 2)))); + } else { + // TODO + log("f_buildGnSecuredCam_Bo: Unsupported signature variant"); + } + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature := valueof(m_ecdsaSignature( + r_sig, + str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig), 0, 32 * 2)) + )); + } + } + if (p_alter_signer_identifier == true) { + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_self); + } + if (p_alter_signature == true) { + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig)); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig)); + } else { + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig)); + } + } + + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField); + /*if (p_alterATCertificateSignature == true) { + v_atCertificate.signature_.ecdsaNistP256Signature.sSig := not4b(v_atCertificate.signature_.ecdsaNistP256Signature.sSig); + } + if (p_alterAACertificateSignature == true) { + v_aaCertificate.signature_.ecdsaNistP256Signature.sSig := not4b(v_aaCertificate.signature_.ecdsaNistP256Signature.sSig); + }*/ + + /* FIXME To be reviewed if (p_addMissingHeaders == true) { + // Prepare mandatory headers + if (valueof(p_signerIdentifierType) == e_certificate) { // Add the AT certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificate( + v_atCertificate + ))); + } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificates( + { + v_aaCertificate, + v_atCertificate + } + ) + )); + } else if (valueof(p_signerIdentifierType) == e_certificate_digest_with_sha256) { // Add the AT certificate digest + v_signerInfo := valueof( + m_header_info_signer_info( + m_issuerIdentifier_sha256AndDigest( + f_calculateDigestFromCertificate(v_atCertificate) + ))); + } + v_mandatoryHeaders := { + v_signerInfo, + valueof(m_header_info_generation_time(1000 * f_getCurrentTime())), // In us + valueof(m_header_info_its_aid(c_its_aid_CAM)) + } + } + + return f_buildGnSecuredMessage_Bo(p_securedMessage, p_certificateName, p_protocolVersion, p_trailerStatus, p_payloadField, v_mandatoryHeaders, p_headerInfo);*/ + + } // End of function f_buildGnSecuredCam_Bo + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process + * @param p_securedMessage The signed SecureMessage part + * @param p_payloadField Payloads to be included in the message + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_threeDLocation The 3D location + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerInfo + * @return true on success, false otherwise + */ + function f_buildGnSecuredDenm( + out EtsiTs103097Data p_securedMessage, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, + in charstring p_certificateName := "" + ) runs on ItsSecurityBaseComponent return boolean { + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + + log(">>> f_buildGnSecuredDenm: p_securedMessage= ", p_securedMessage); + log(">>> f_buildGnSecuredDenm: p_payloadField= ", p_payloadField); + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + //log("f_buildGnSecuredDenm: v_atCertificate = ", v_atCertificate); + + p_securedMessage := valueof(m_etsiTs103097Data_signed( + m_signedData( + sha256, + p_payloadField, + m_signerIdentifier_self, + m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + ) + ) + )); + // Prepare mandatory headers + log("f_buildGnSecuredDenm: p_signerIdentifierType=", p_signerIdentifierType); + if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest + if (ischosen(v_atCertificate.issuer.sha256AndDigest)) { + p_securedMessage.content.signedData.hashId := sha256; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha256FromCertificate(v_atCertificate) + )); + } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) { + p_securedMessage.content.signedData.hashId := sha384; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha384FromCertificate(v_atCertificate) + )); + } + } + if (ispresent(v_atCertificate.signature_)) { + if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + )); + } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(int2oct(0, 48)), + int2oct(0, 48) + ) + )); + } // else, m_signature_ecdsaNistP256 already chosen by default + } + log("f_buildGnSecuredDenm: p_securedMessage = ", p_securedMessage); + + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); + } // End of function f_buildGnSecuredDenm + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases + * @param p_securedMessage The signed SecureMessage part + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_payloadField Payloads to be included in the message + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_threeDLocation The 3D location + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerInfo + * @return true on success, false otherwise + */ + function f_buildGnSecuredDenm_Bo( + out EtsiTs103097Data p_securedMessage, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, // FIXME To be reviewed + in charstring p_certificateName, + in UInt8 p_protocolVersion, + in boolean p_alter_psid, + in boolean p_remove_generation_location := true, // Shall be present for DENM + in boolean p_add_expiry_time, + in boolean p_add_p2pcd_learning_request, + in boolean p_add_missing_crl_identifier, + in boolean p_add_encryption_key, + in boolean p_alter_signature_algorithm, + in boolean p_alter_signer_identifier, + in boolean p_alter_signature + ) runs on ItsSecurityBaseComponent return boolean { + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_signerInfo; + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + + // Fill the structure with default values, these values will be updated later + p_securedMessage := valueof(m_etsiTs103097Data_signed( + m_signedData( + sha256, + p_payloadField, + m_signerIdentifier_self, + m_signature_ecdsaNistP256( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + ) + ) + )); + // Prepare mandatory headers + //log("f_buildGnSecuredCam: p_signerIdentifierType=", p_signerIdentifierType); + if (ischosen(p_signerIdentifierType.digest)) { // Add the AT certificate digest + if (ischosen(v_atCertificate.issuer.sha256AndDigest)) { + p_securedMessage.content.signedData.hashId := sha256; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha256FromCertificate(v_atCertificate) + )); + } else if (ischosen(v_atCertificate.issuer.sha384AndDigest)) { + p_securedMessage.content.signedData.hashId := sha384; + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_digest( + f_calculateDigestSha384FromCertificate(v_atCertificate) + )); + } + } + if (ispresent(v_atCertificate.signature_)) { + if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP256r1( + m_ecdsaP256Signature( + m_eccP256CurvePoint_x_only(int2oct(0, 32)), + int2oct(0, 32) + ) + )); + } else if (ischosen(v_atCertificate.signature_.ecdsaBrainpoolP384r1Signature)) { + p_securedMessage.content.signedData.signature_ := valueof(m_signature_ecdsaBrainpoolP384r1( + m_ecdsaP384Signature( + m_eccP384CurvePoint_x_only(int2oct(0, 48)), + int2oct(0, 48) + ) + )); + } // else, m_signature_ecdsaNistP256 already chosen by default + } + log("f_buildGnSecuredDenm_Bo: p_securedMessage = ", p_securedMessage); + + // Alter protocolVersion + p_securedMessage.protocolVersion := p_protocolVersion; + // Alter psid + if (p_alter_psid == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.psid := 99; + } + // Remove generationLocation + if (p_remove_generation_location == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.generationLocation := omit; + } + if (p_add_expiry_time == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.expiryTime := f_getCurrentTimeUtc() + 3600; + } + if (p_add_p2pcd_learning_request == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.p2pcdLearningRequest := 'CAFEDE'O; + } + if (p_add_missing_crl_identifier == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.missingCrlIdentifier := { + cracaId := 'CAFEDE'O, + crlSeries := 0 + }; + } + if (p_add_encryption_key == true) { + p_securedMessage.content.signedData.tbsData.headerInfo.encryptionKey := valueof( + m_encryptionKey_public( + m_encryptionKey( + -, + m_publicEncryptionKey_eciesNistP256( + m_eccP256CurvePoint_x_only(int2oct(5096, 32)) + )))); + } + if (p_alter_signature_algorithm == true) { + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + // Change it in to Brainpool P256r1 + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature := valueof(m_ecdsaSignature( + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig, + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig + )); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + // Change it in to NistP256 + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature := valueof(m_ecdsaSignature( + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.rSig, + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig + )); + } else { + var EccP256CurvePoint r_sig; + // Change it in to Brainpool P256r1 + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_0)) { + r_sig := valueof(m_eccP256CurvePoint_compressed_y_0(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_0), 0, 32 * 2)))); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_1)) { + r_sig := valueof(m_eccP256CurvePoint_compressed_y_1(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.compressed_y_1), 0, 32 * 2)))); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only)) { + r_sig := valueof(m_eccP256CurvePoint_x_only(str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only), 0, 32 * 2)))); + } else { + // TODO + log("f_buildGnSecuredDenm_Bo: Unsupported signature variant"); + } + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature := valueof(m_ecdsaSignature( + r_sig, + str2oct(substr(oct2str(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig), 0, 32 * 2)) + )); + } + } + if (p_alter_signer_identifier == true) { + p_securedMessage.content.signedData.signer := valueof(m_signerIdentifier_self); + } + if (p_alter_signature == true) { + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig)); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig)); + } else { + p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig := not4b(valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig)); + } + } + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField); + } // End of function f_buildGnSecuredDenm_Bo + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process + * @param p_securedMessage The signed SecureMessage part + * @param p_payloadField Payloads to be included in the message + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_threeDLocation The 3D location + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerInfo + * @return true on success, false otherwise + */ + function f_buildGnSecuredOtherMessage( + inout EtsiTs103097Data p_securedMessage, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, // FIXME To be reviewed + in ThreeDLocation p_threeDLocation, + in template (omit) HeaderInfo p_headerInfo := omit, + in charstring p_certificateName := "", + in boolean p_addMissingHeaders := true + ) runs on ItsSecurityBaseComponent return boolean { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_signerInfo; + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + + // Add additional headers if required + /* FIXME To be reviewed if (p_addMissingHeaders == true) { + // Prepare mandatory headers + if (valueof(p_signerIdentifierType) == e_certificate) { // Add the AT certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificate( + v_atCertificate + ))); + } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificates( + { + v_aaCertificate, + v_atCertificate + } + ) + )); + } else if (valueof(p_signerIdentifierType) == e_certificate_digest_with_sha256) { // Add the AT certificate digest + v_signerInfo := valueof( + m_header_info_signer_info( + m_issuerIdentifier_sha256AndDigest( + v_atCertificate.cracaId + ))); + } + v_mandatoryHeaders := { + v_signerInfo, + valueof(m_header_info_generation_time(1000 * f_getCurrentTime())), // In us + valueof(m_header_info_generation_location(p_threeDLocation)) + } + }*/ + + // Build the secured message and return it + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); + } // End of function f_buildGnSecuredOtherMessage + + /** + * @desc This function build and sign the SecureMessage part covered by the signature process including wrong elements of protocols. It is used for BO test cases + * @param p_securedMessage The signed SecureMessage part + * @param p_protocolVersion The protocol version to be set. Default: 2 + * @param p_trailerStatus The Traile behaviour: + *
  • 0 for no trailer
    • + *
  • 1 for invalid trailer
    • + *
  • 2 for duplicated trailer
    • + * @param p_payloadField Payloads to be included in the message + * @param p_signerIdentifierType Add digest or AT certificate or certificate chain + * @param p_threeDLocation The 3D location + * @param p_headerInfo HeaderInfo to be inserted in the message + * @param p_certificateName The certificate identifier to be used. Default: TA_CERT_A + * @param p_addMissingHeaders Whether to add mandatory headers not present in p_headerInfo + * @return true on success, false otherwise + */ + function f_buildGnSecuredOtherMessage_Bo( + inout EtsiTs103097Data p_securedMessage, + in UInt8 p_protocolVersion := c_protocol_version, + in integer p_trailerStatus := 0, + in ToBeSignedData p_payloadField, + in SignerIdentifier p_signerIdentifierType, // FIXME To be reviewed + in ThreeDLocation p_threeDLocation, + in template (omit) HeaderInfo p_headerInfo := omit, + in charstring p_certificateName := "", + in boolean p_addMissingHeaders := true + ) runs on ItsSecurityBaseComponent return boolean { + + // Local variables + var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_signerInfo; + + // Load certificates if required + if (f_prepareCertificates(p_certificateName, v_aaCertificate, v_atCertificate) == false) { + return false; + } + + // Add additional headers if required + /* FIXME To be reviewed if (p_addMissingHeaders == true) { + // Prepare mandatory headers + if (valueof(p_signerIdentifierType) == e_certificate) { // Add the AT certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificate( + v_atCertificate + ))); + } else if (valueof(p_signerIdentifierType) == e_certificate_chain) { // Add the AT certificate + AA EtsiTs103097Certificate + v_signerInfo := valueof( + m_header_info_signer_info( + m_signerIdentifier_certificates( + { + v_aaCertificate, + v_atCertificate + } + ) + )); + } else if (valueof(p_signerIdentifierType) == e_certificate_digest_with_sha256) { // Add the AT certificate digest + v_signerInfo := valueof( + m_header_info_signer_info( + m_issuerIdentifier_sha256AndDigest( + v_atCertificate.cracaId + ))); + } + v_mandatoryHeaders := { + v_signerInfo, + valueof(m_header_info_generation_time(1000 * f_getCurrentTime())), // In us + valueof(m_header_info_generation_location(p_threeDLocation)) + } + }*/ + + // FIXME To be done + + // Build the secured message and return it + return f_buildGnSecuredMessage(p_securedMessage, p_certificateName, p_payloadField/*, v_mandatoryHeaders*/); + } // End of function f_buildGnSecuredOtherMessage_Bo + + } // End of group hostSignatureHelpers + + group deviceSignatureHelpers { + + /** + * @desc Retrieve the HashedId8 to be sent to the IUT, based on the provided certificate identifier + * @param p_certificateName The certificate the IUT shall use + * @return The HashedId8 to be sent to the IUT in the UtInitialize command + * @verdict Unchanged + * @remark Component variable vc_hashedId8ToBeUsed shall be set with the IUT certificate to be used + */ + function f_setupIutCertificate( + in charstring p_certificateName + ) runs on ItsSecurityBaseComponent return HashedId8 { + // Local variables + var HashedId8 v_hashedId8 := '0000000000000000'O; + + // Sanity check + if (lengthof(p_certificateName) == 0) { + return v_hashedId8; + } + + // Load certificates + if(f_getCertificateDigest(p_certificateName, v_hashedId8) == false) { + v_hashedId8 := '0000000000000000'O; + } + + return v_hashedId8; + } // End of function f_setupIutCertificate + + /** + * @desc Verify the signature of the provided certificate + * @param p_certificateToBeVerified EtsiTs103097Certificate to be verified + * @param p_publicKey Public key to verify the certificate signature + * @return true on success, false otherwise + * @verdict + */ + function f_verifyCertificateSignatureWithPublicKey( + in template (value) EtsiTs103097Certificate p_certificateToBeVerified, + in template (value) PublicVerificationKey p_publicVerificationKey + ) return boolean { + var ToBeSignedCertificate v_toBeSignedCertificate; + var octetstring v_enc_msg; + var octetstring v_signature; + var octetstring v_issuer; + + log(">>> f_verifyCertificateSignatureWithPublicKey: p_certificateToBeVerified=", p_certificateToBeVerified); + log(">>> f_verifyCertificateSignatureWithPublicKey: p_publicVerificationKey=", p_publicVerificationKey); + + // Create ToBeSignedCertificate payload to be signed + v_toBeSignedCertificate := valueof(p_certificateToBeVerified.toBeSigned); + log("f_verifyCertificateSignatureWithPublicKey: v_toBeSignedCertificate=", v_toBeSignedCertificate); + + v_enc_msg := bit2oct(encvalue(v_toBeSignedCertificate)); + log("f_verifyCertificateSignatureWithPublicKey: v_enc_msg=", v_enc_msg); + + // Verify payload + if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP256r1)) { + if (ischosen(p_certificateToBeVerified.issuer.self_)) { + v_issuer := int2oct(0, 32); + } else { + var charstring v_certificate; + + if (fx_readCertificateFromDigest(valueof(p_certificateToBeVerified.issuer.sha256AndDigest), v_certificate) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid issuer: ", p_certificateToBeVerified.issuer.sha256AndDigest); + return false; + } + if (f_getCertificateHash(v_certificate, v_issuer) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate: " & v_certificate); + return false; + } + } + v_signature := valueof(p_certificateToBeVerified.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only) & valueof(p_certificateToBeVerified.signature_.ecdsaBrainpoolP256r1Signature.sSig); + log("f_verifyCertificateSignatureWithPublicKey: v_signedData=", v_signature); + if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP256r1.uncompressedP256)) { + return f_verifyWithEcdsaBrainpoolp256r1WithSha256_1( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP256r1.uncompressedP256.x), + valueof(p_publicVerificationKey.ecdsaBrainpoolP256r1.uncompressedP256.y) + ); + } else if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP256r1.compressed_y_0)) { + return f_verifyWithEcdsaBrainpoolp256r1WithSha256( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP256r1.compressed_y_0), + 0 // Latest bit of the Y-coordinate is 0 + ); + } else if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP256r1.compressed_y_1)) { + return f_verifyWithEcdsaBrainpoolp256r1WithSha256( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP256r1.compressed_y_1), + 1 // Latest bit of the Y-coordinate is 1 + ); + } else { + log("f_verifyCertificateSignatureWithPublicKey: Unknown PublicVerificationKey value"); + return false; + } + } else if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP384r1)) { + if (ischosen(p_certificateToBeVerified.issuer.self_)) { + v_issuer := int2oct(0, 48); + } else { + var charstring v_certificate; + + if (fx_readCertificateFromDigest(valueof(p_certificateToBeVerified.issuer.sha384AndDigest), v_certificate) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid issuer: ", p_certificateToBeVerified.issuer.sha384AndDigest); + return false; + } + if (f_getCertificateHash(v_certificate, v_issuer) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate: " & v_certificate); + return false; + } + } + v_signature := valueof(p_certificateToBeVerified.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only) & valueof(p_certificateToBeVerified.signature_.ecdsaBrainpoolP384r1Signature.sSig); + log("f_verifyCertificateSignatureWithPublicKey: v_signedData=", v_signature); + if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP384r1.uncompressedP384)) { + return f_verifyWithEcdsaBrainpoolp384r1WithSha384_1( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP384r1.uncompressedP384.x), + valueof(p_publicVerificationKey.ecdsaBrainpoolP384r1.uncompressedP384.y) + ); + } else if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP384r1.compressed_y_0)) { + return f_verifyWithEcdsaBrainpoolp384r1WithSha384( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP384r1.compressed_y_0), + 0 // Latest bit of the Y-coordinate is 0 + ); + } else if (ischosen(p_publicVerificationKey.ecdsaBrainpoolP384r1.compressed_y_1)) { + return f_verifyWithEcdsaBrainpoolp384r1WithSha384( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaBrainpoolP384r1.compressed_y_1), + 1 // Latest bit of the Y-coordinate is 1 + ); + } else { + log("f_verifyCertificateSignatureWithPublicKey: Unknown PublicVerificationKey value"); + return false; + } + } else if (ischosen(p_publicVerificationKey.ecdsaNistP256)) { + if (ischosen(p_certificateToBeVerified.issuer.self_)) { + v_issuer := int2oct(0, 32); + } else { + var charstring v_certificate; + + if (fx_readCertificateFromDigest(valueof(p_certificateToBeVerified.issuer.sha256AndDigest), v_certificate) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid issuer: ", p_certificateToBeVerified.issuer.sha256AndDigest); + return false; + } + if (f_getCertificateHash(v_certificate, v_issuer) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate: " & v_certificate); + return false; + } + } + v_signature := valueof(p_certificateToBeVerified.signature_.ecdsaNistP256Signature.rSig.x_only) & valueof(p_certificateToBeVerified.signature_.ecdsaNistP256Signature.sSig); + log("f_verifyCertificateSignatureWithPublicKey: v_signedData=", v_signature); + if (ischosen(p_publicVerificationKey.ecdsaNistP256.uncompressedP256)) { + return f_verifyWithEcdsaNistp256WithSha256_1( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaNistP256.uncompressedP256.x), + valueof(p_publicVerificationKey.ecdsaNistP256.uncompressedP256.y) + ); + } else if (ischosen(p_publicVerificationKey.ecdsaNistP256.compressed_y_0)) { + return f_verifyWithEcdsaNistp256WithSha256( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaNistP256.compressed_y_0), + 0 // Latest bit of the Y-coordinate is 0 + ); + } else if (ischosen(p_publicVerificationKey.ecdsaNistP256.compressed_y_1)) { + return f_verifyWithEcdsaNistp256WithSha256( + v_enc_msg, + v_issuer, + v_signature, + valueof(p_publicVerificationKey.ecdsaNistP256.compressed_y_1), + 1 // Latest bit of the Y-coordinate is 1 + ); + } else { + log("f_verifyCertificateSignatureWithPublicKey: Unknown PublicVerificationKey value"); + return false; + } + } + + return false; + } // End of finction f_verifyCertificateSignatureWithPublicKey + + /** + * @desc Verify the signature of the provided secured message + * @param p_certificateToBeVerified EtsiTs103097Certificate to be verified + * @param p_issuingCertificate Issuing certificate + * @return true on success, false otherwise + * @verdict + */ + function f_verifyCertificateSignatureWithIssuingCertificate( + in template (value) EtsiTs103097Certificate p_certificateToBeVerified, + in template (value) EtsiTs103097Certificate p_issuingCertificate + ) return boolean { + + // Sanity checks + if (not(ischosen(p_issuingCertificate.toBeSigned.verifyKeyIndicator.verificationKey))) { + return false; + } + return f_verifyCertificateSignatureWithPublicKey( + p_certificateToBeVerified, + p_issuingCertificate.toBeSigned.verifyKeyIndicator.verificationKey + ); + } // End of function f_verifyCertificateSignatureWithIssuingCertificate + + /** + * @desc Verify the signature of the provided secured message for ECDSA Nist-P256 algorithm + * @param p_securedMessage The message to be verified + * @param p_publicKey The ECDSA public key to verify a signature + * @param p_certificate EtsiTs103097Certificate to be used to verify the message + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_verifyGnSecuredMessageSignature_ecdsaNistP256( + in template (value) Ieee1609Dot2Data p_securedMessage, + in template (value) Oct32 p_certificateIssuer, + in template (value) EccP256CurvePoint p_publicKey + ) return boolean { + + // Local variables + var octetstring v_secPayload; + var octetstring v_signedData; + var boolean v_result := false; + var template (value) ToBeSignedData v_toBeSignedData; + + log(">>> f_verifyGnSecuredMessageSignature_ecdsaNistP256: p_securedMessage= ", p_securedMessage); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaNistP256: p_certificateIssuer= ", p_certificateIssuer); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaNistP256: p_publicKey= ", p_publicKey); + + // Create Ieee1609Dot2Data payload to be signed + v_toBeSignedData := valueof(p_securedMessage.content.signedData.tbsData); + log("f_verifyGnSecuredMessageSignature_ecdsaNistP256: v_toBeSignedData=", p_securedMessage.content.signedData.tbsData); + + v_secPayload := bit2oct(encvalue(v_toBeSignedData)); + log("f_verifyGnSecuredMessageSignature_ecdsaNistP256: v_secPayload=", v_secPayload); + + // Verify payload + + // TODO Check in standard if x-only only + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only)) { + v_signedData := valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.x_only) & valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.compressed_y_0)) { + v_signedData := valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.compressed_y_0) & valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.compressed_y_1)) { + v_signedData := valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.rSig.compressed_y_1) & valueof(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature.sSig); + } + log("f_verifyGnSecuredMessageSignature_ecdsaNistP256: v_signedData=", v_signedData); + if (ischosen(p_publicKey.uncompressedP256)) { + v_result := f_verifyWithEcdsaNistp256WithSha256_1( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.uncompressedP256.x), + valueof(p_publicKey.uncompressedP256.y) + ); + } else if (ischosen(p_publicKey.compressed_y_0)) { + v_result := f_verifyWithEcdsaNistp256WithSha256( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_0), + 0 + ); + } else if (ischosen(p_publicKey.compressed_y_1)) { + v_result := f_verifyWithEcdsaNistp256WithSha256( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_1), + 1 + ); + } + + log("f_verifyGnSecuredMessageSignature_ecdsaNistP256: v_result=", v_result); + return v_result; + } // End of function f_verifyGnSecuredMessageSignature_ecdsaNistP256 + + /** + * @desc Verify the signature of the provided secured message for ECDSA Brainpool-P256 algorithm + * @param p_securedMessage The message to be verified + * @param p_publicKey The ECDSA public key to verify a signature + * @param p_certificate EtsiTs103097Certificate to be used to verify the message + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1( + in template (value) Ieee1609Dot2Data p_securedMessage, + in template (value) Oct32 p_certificateIssuer, + in template (value) EccP256CurvePoint p_publicKey + ) return boolean { + + // Local variables + var octetstring v_secPayload; + var octetstring v_signedData; + var boolean v_result := false; + var template (value) ToBeSignedData v_toBeSignedData; + + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: p_securedMessage= ", p_securedMessage); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: p_certificateIssuer= ", p_certificateIssuer); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: p_publicKey= ", p_publicKey); + + // Create Ieee1609Dot2Data payload to be signed + v_toBeSignedData := valueof(p_securedMessage.content.signedData.tbsData); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: v_toBeSignedData=", p_securedMessage.content.signedData.tbsData); + + v_secPayload := bit2oct(encvalue(v_toBeSignedData)); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: v_secPayload=", v_secPayload); + + // Verify payload + v_signedData := valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.rSig.x_only) & valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature.sSig); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: v_signedData=", v_signedData); + if (ischosen(p_publicKey.uncompressedP256)) { + v_result := f_verifyWithEcdsaBrainpoolp256r1WithSha256_1( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.uncompressedP256.x), + valueof(p_publicKey.uncompressedP256.y) + ); + } else if (ischosen(p_publicKey.compressed_y_0)) { + v_result := f_verifyWithEcdsaBrainpoolp256r1WithSha256( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_0), + 0 + ); + } else if (ischosen(p_publicKey.compressed_y_1)) { + v_result := f_verifyWithEcdsaBrainpoolp256r1WithSha256( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_1), + 1 + ); + } + + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1: v_result=", v_result); + return v_result; + } // End of function f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1 + + /** + * @desc Verify the signature of the provided secured message for ECDSA Brainpool-P384 algorithm + * @param p_securedMessage The message to be verified + * @param p_publicKey The ECDSA public key to verify a signature + * @param p_certificate EtsiTs103097Certificate to be used to verify the message + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1( + in template (value) Ieee1609Dot2Data p_securedMessage, + in template (value) Oct48 p_certificateIssuer, + in template (value) EccP384CurvePoint p_publicKey + ) return boolean { + + // Local variables + var octetstring v_secPayload; + var octetstring v_signedData; + var boolean v_result := false; + var template (value) ToBeSignedData v_toBeSignedData; + + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: p_securedMessage= ", p_securedMessage); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: p_certificateIssuer= ", p_certificateIssuer); + log(">>> f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: p_publicKey= ", p_publicKey); + + // Create Ieee1609Dot2Data payload to be signed + v_toBeSignedData := valueof(p_securedMessage.content.signedData.tbsData); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: v_toBeSignedData=", p_securedMessage.content.signedData.tbsData); + + v_secPayload := bit2oct(encvalue(v_toBeSignedData)); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: v_secPayload=", v_secPayload); + + // Verify payload + v_signedData := valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only) & valueof(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature.sSig); + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: v_signedData=", v_signedData); + if (ischosen(p_publicKey.uncompressedP384)) { + v_result := f_verifyWithEcdsaBrainpoolp384r1WithSha384_1( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.uncompressedP384.x), + valueof(p_publicKey.uncompressedP384.y) + ); + } else if (ischosen(p_publicKey.compressed_y_0)) { + v_result := f_verifyWithEcdsaBrainpoolp384r1WithSha384( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_0), + 0 + ); + } else if (ischosen(p_publicKey.compressed_y_1)) { + v_result := f_verifyWithEcdsaBrainpoolp384r1WithSha384( + v_secPayload, + valueof(p_certificateIssuer), + v_signedData, + valueof(p_publicKey.compressed_y_1), + 1 + ); + } + + log("f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1: v_result=", v_result); + return v_result; + } // End of function f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1 + + /** + * @desc Verify the signature of the provided secured message + * @param p_securedMessage + * @param p_certificate EtsiTs103097Certificate to be used to verify the message + * @return true on success, false otherwise + * @verdict + */ + function f_verifyGnSecuredMessageSignatureWithCertificate( + in template (value) Ieee1609Dot2Data p_securedMessage, + in template (value) charstring p_certificate_id, + in template (value) EtsiTs103097Certificate p_certificate + + ) return boolean { + var octetstring v_issuer; + var EtsiTs103097Certificate v_certificate; + + log(">>> f_verifyGnSecuredMessageSignatureWithCertificate: p_securedMessage=", p_securedMessage); + log(">>> f_verifyGnSecuredMessageSignatureWithCertificate: p_certificate_id=", p_certificate_id); + log(">>> f_verifyGnSecuredMessageSignatureWithCertificate: p_certificate=", p_certificate); + + if (f_getCertificateHash(valueof(p_certificate_id), v_issuer) == false) { + log("f_verifyCertificateSignatureWithPublicKey: Invalid certificate id: " & valueof(p_certificate_id)); + return false; + } + if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP256r1Signature)) { + return f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP256r1(p_securedMessage, v_issuer, p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP256r1); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaBrainpoolP384r1Signature)) { + return f_verifyGnSecuredMessageSignature_ecdsaBrainpoolP384r1(p_securedMessage, v_issuer, p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1); + } else if (ischosen(p_securedMessage.content.signedData.signature_.ecdsaNistP256Signature)) { + return f_verifyGnSecuredMessageSignature_ecdsaNistP256(p_securedMessage, v_issuer, p_certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaNistP256); + } + + return false; + } // End of function f_verifyGnSecuredOtherMessageWithDeviceCertificate + + } // End of group deviceSignatureHelpers + + group sspPermissions { + + function f_verifySspPermissions( + in SequenceOfPsidSsp p_issuer_ssp_permissions, + in SequenceOfPsidSsp p_subordinate_ssp_permissions, + in boolean p_strict_checks := false + ) return boolean { + // Local variables + var integer v_idx := 0; + + log(">>> f_verifySspPermissions: p_issuer_ssp_permissions:", p_issuer_ssp_permissions); + log(">>> f_verifySspPermissions: p_subordinate_ssp_permissions: ", p_subordinate_ssp_permissions); + + for (v_idx := 0; v_idx < lengthof(p_issuer_ssp_permissions); v_idx := v_idx + 1) { + var PsidSsp v_issuerPsidSsp := p_issuer_ssp_permissions[v_idx]; + var PsidSsp v_subordinatePsidSsp; + var boolean v_found := false; + var integer v_jdx := 0; + log("f_verifySspPermissions: v_issuerPsidSsp: ", v_issuerPsidSsp); + // 1. Check permission from issuer is present + for (v_jdx := 0; v_jdx < lengthof(p_subordinate_ssp_permissions); v_jdx := v_jdx + 1) { + log("f_verifySspPermissions: match=", match(v_issuerPsidSsp, m_appPermissions(p_subordinate_ssp_permissions[v_jdx].psid, p_subordinate_ssp_permissions[v_jdx].ssp))); + // 1. Check the version + if (p_subordinate_ssp_permissions[v_jdx].ssp.bitmapSsp[0] != '01'O) { + log("f_verifySspPermissions: Wrong SSP version control (1 is expected): ", p_subordinate_ssp_permissions[v_jdx].ssp.bitmapSsp[0]); + return false; + } + // 2. Check the version + if (match(v_issuerPsidSsp, m_appPermissions(p_subordinate_ssp_permissions[v_jdx].psid, p_subordinate_ssp_permissions[v_jdx].ssp)) == true) { + v_subordinatePsidSsp := p_subordinate_ssp_permissions[v_jdx]; + v_found := true; + break; + } + } // End of 'for' statement + if (v_found == false) { + log("f_verifySspPermissions: Permission set not found: ", v_issuerPsidSsp); + if (p_strict_checks == true) { + return false; + } else { + return true; + } + } + // 2. Validate bits mask + if (ispresent(v_issuerPsidSsp.ssp)) { + if (ispresent(v_subordinatePsidSsp.ssp) == false) { + log("f_verifySspPermissions: Ssp shall not be omitted: ", v_issuerPsidSsp); + if (p_strict_checks == true) { + return false; + } + } + if ((ischosen(v_issuerPsidSsp.ssp.bitmapSsp) == false) or (ischosen(v_subordinatePsidSsp.ssp.bitmapSsp) == false)) { + log("f_verifySspPermissions: Wrong variant : ", v_issuerPsidSsp, " / ", v_subordinatePsidSsp); + if (p_strict_checks == true) { + return false; + } + } + if (lengthof(v_issuerPsidSsp.ssp.bitmapSsp) < lengthof(v_subordinatePsidSsp.ssp.bitmapSsp)) { + log("f_verifySspPermissions: Ssp not be compliant: ", v_issuerPsidSsp.ssp, " / ", v_subordinatePsidSsp.ssp); + if (p_strict_checks == true) { + return false; + } + } else { + var charstring v_issuerSsp := bit2str(oct2bit(v_issuerPsidSsp.ssp.bitmapSsp)); + var charstring v_subordinateSsp := bit2str(oct2bit(v_subordinatePsidSsp.ssp.bitmapSsp)); + + for (var integer i := 0; i < lengthof(v_issuerSsp); i := i + 1) { + if (v_issuerSsp[i] == "1") { // TODO How to check Permission using SspBitmask/SspValue + if (v_subordinateSsp[i] != "1") { + log("f_verifySspPermissions: Ssp bitmask mismatch at index: ", i); + return false; + } + } // else, no restriction, subordinate certificate can have any value. + } // End of 'for' statement + } + } + } // End of 'for' statement + + return true; + } // End of function f_verifySspPermissions + + } // End of group sspPermissions + + group messageGetters { + + /** + * @desc return Ieee1609Dot2Data header field of given type or null if none + * @param p_msg the Ieee1609Dot2Data + * @param p_type header field type + * @return HeaderInfo of given type if any or null + */ + function f_getMsgHeaderInfo( + in template(omit) Ieee1609Dot2Data p_securedMessage, + out HeaderInfo p_return + ) return boolean { + var integer v_length; + var Ieee1609Dot2Data v_securedMessage; + + if (not isvalue(p_securedMessage)) { + testcase.stop(__SCOPE__ & " can not handle omitted secured message values"); + } + v_securedMessage := valueof(p_securedMessage); + if (ischosen(v_securedMessage.content.signedData)) { + p_return := v_securedMessage.content.signedData.tbsData.headerInfo; + return true; + } + + log("f_getMsgHeaderField: return false"); + return false; + } + + /** + * @desc return SignerIdentifier Ieee1609Dot2Data field + */ + function f_getMsgSignerIdentifier ( + in template(omit) Ieee1609Dot2Data p_securedMessage, + out SignerIdentifier p_signerIdentifier + ) return boolean { + if (not isvalue(p_securedMessage)) { + testcase.stop(__SCOPE__ & " can not handle omitted secured message values"); + } + + if (ischosen(p_securedMessage.content.signedData)) { + p_signerIdentifier := valueof(p_securedMessage.content.signedData.signer); + return true; + } + + log("f_getMsgSignerIdentifier: return false"); + return false; + } + + } // End of group messageGetters + + group certificateGetters { + + /** + * @desc Set the generation location as defined in Draft ETSI TS 103 097 V1.1.14 Clause 7.2 Security profile for DENMs + * @param p_latitude The latitude value of the ITS-S position + * @param p_longitude The longitude value of the ITS-S position + * @param p_elevation The elevation value of the ITS-S position + * @verdict Unchanged + */ + function f_setGenerationLocation( + in SecLatitude p_latitude, + in SecLongitude p_longitude, + in SecElevation p_elevation := 0 + ) runs on ItsSecurityBaseComponent { + vc_location := { + p_latitude, + p_longitude, + p_elevation + } + } // End of function f_setGenerationLocation + + /** + * @desc Load in memory cache the certificates available + * @param p_configId A configuration identifier + * @remark This method SHALL be call before any usage of certificates + * @return true on success, false otherwise + */ + function f_loadCertificates( + in charstring p_configId + ) runs on ItsSecurityBaseComponent return boolean { + var charstring v_certificate_id; + + // Setup certificates memory cache + if (fx_loadCertificates(PX_CERTIFICATE_POOL_PATH, p_configId) == true) { + // Setup security component variables + if (f_readCertificate(PX_CERT_FOR_TS, vc_atCertificate) == true) { + var HashedId8 v_issuer; +// log("Issuer: ", vc_atCertificate.issuer); + if (ischosen(vc_atCertificate.issuer.sha256AndDigest)) { + v_issuer := vc_atCertificate.issuer.sha256AndDigest; + } else if (ischosen(vc_atCertificate.issuer.sha384AndDigest)) { + v_issuer := vc_atCertificate.issuer.sha384AndDigest; + } else { + log("AT certificate cannot be issued by CA"); + return false; + } + log("Selected issuer: ", v_issuer); + if (f_getCertificateFromDigest(v_issuer, vc_aaCertificate, v_certificate_id)) { + if (f_readSigningKey(cc_taCert_A, vc_signingPrivateKey) == true) { + f_readEncryptingKey(cc_taCert_A, vc_encryptPrivateKey); + return true; + } + log("f_loadCertificates: Failed to load signing key for ", cc_taCert_A); + } else { + log("f_loadCertificates: Failed to load AA certificate for ", cc_taCert_A); + } + } else { + log("f_loadCertificates: Failed to load AT certificate for ", cc_taCert_A); + } + } else { + log("f_loadCertificates: Failed to load certificates from ", PX_CERTIFICATE_POOL_PATH); + } + return false; + } // End of function f_loadCertificates + + /** + * @desc Unload from memory cache the certificates available + * @return true on success, false otherwise + */ + function f_unloadCertificates() runs on ItsSecurityBaseComponent return boolean { + // Reset security component variables + vc_signingPrivateKey := ''O; + vc_encryptPrivateKey := ''O; + // Clear certificates memory cache + return fx_unloadCertificates(); + } // End of function f_unloadCertificates + + /** + * @desc Read the specified certificate + * @param p_certificate_id the certificate identifier + * @param p_certificate the expected certificate + * @return true on success, false otherwise + */ + function f_readCertificate( + in charstring p_certificate_id, + out EtsiTs103097Certificate p_certificate + ) return boolean { + var octetstring v_certificate; + + if (fx_readCertificate(p_certificate_id, v_certificate) == true) { + var bitstring v_oct2bit; + var integer v_result; + + v_oct2bit := oct2bit(v_certificate); + v_result := decvalue(v_oct2bit, p_certificate); + if (v_result == 0) { + return true; + } + } + + log("f_readCertificate: Failed to retrieve ", p_certificate_id); + return false; + } // End of function f_readCertificate + + /** + * @desc Read the specified certificate + * @param p_certificate_id the certificate identifier + * @param p_digest the digest of the certificate + * @return true on success, false otherwise + */ + function f_getCertificateDigest( + in charstring p_certificate_id, + out HashedId8 p_digest + ) return boolean { + if (not fx_readCertificateDigest(p_certificate_id, p_digest)){ + log("f_getCertificateDigest: Failed to retrieve digest for ", p_certificate_id); + return false; + } + return true; + } // End of function f_getCertificateDigest + + /** + * @desc Read the whole-hash of the certificate + * @param p_certificate_id the certificate identifier + * @param p_hash the whole-hash of the certificate + * @return true on success, false otherwise + */ + function f_getCertificateHash( + in charstring p_certificate_id, + out octetstring p_hash + ) return boolean { + log(">>> f_getCertificateHash: ", p_certificate_id); + + if (not fx_readCertificateHash(p_certificate_id, p_hash)){ + log("f_getCertificateHash: Failed to retrieve digest for ", p_certificate_id); + return false; + } + return true; + } // End of function f_getCertificateHash + + /** + * @desc Read the whole-hash of the certificate SHA 256 + * @param p_certificate_id the certificate identifier + * @param p_hash the whole-hash of the certificate using SHA 256 + * @return true on success, false otherwise + */ + function f_getCertificateHash256( + in charstring p_certificate_id, + out Oct32 p_hash + ) return boolean { + if (not fx_readCertificateHash256(p_certificate_id, p_hash)){ + log("f_getCertificateHash256: Failed to retrieve digest for ", p_certificate_id); + return false; + } + return true; + } // End of function f_getCertificateHash256 + + function f_getCertificateFromDigest( + in HashedId8 p_digest, + out EtsiTs103097Certificate p_certificate, + out charstring p_certificate_id + ) return boolean { + if (not(fx_readCertificateFromDigest(p_digest, p_certificate_id))) { + log("f_getCertificateFromDigest: Failed to retrieve digest for ", p_digest); + return false; + } + if (not(f_readCertificate(p_certificate_id, p_certificate))) { + log("f_getCertificateFromDigest: Failed to retrieve digest for ", p_certificate_id); + return false; + } + return true; + } // End of function f_getCertificateFromDigest + + function f_getCertificateFromHashedId3( + in HashedId3 p_digest, + out EtsiTs103097Certificate p_certificate + ) return boolean { + var charstring v_certificate_id; + if (not(fx_readCertificateFromHashedId3(p_digest, v_certificate_id))) { + log("f_getCertificateFromHashedId3: Failed to retrieve digest for ", p_digest); + return false; + } + if (not(f_readCertificate(v_certificate_id, p_certificate))) { + log("f_getCertificateFromHashedId3: Failed to retrieve digest for ", v_certificate_id); + return false; + } + return true; + } // End of function f_getCertificateFromHashedId3 + + function f_getCertificateIssuer( + in IssuerIdentifier p_issuer + ) return HashedId8 { + if (ischosen(p_issuer.sha256AndDigest)) { + return p_issuer.sha256AndDigest; + } else if (ischosen(p_issuer.sha256AndDigest)) { + return p_issuer.sha256AndDigest; + } + return int2oct(0, 8); + } + + function f_getHashAlgorithm( + in IssuerIdentifier p_issuer + ) return HashAlgorithm { + if (ischosen(p_issuer.sha256AndDigest)) { + return sha256; + } else if (ischosen(p_issuer.sha256AndDigest)) { + return sha384; + } + return p_issuer.self_; + } + + /** + * @desc Read the signing private key for the specified certificate + * @param p_keysId the keys identifier + * @param p_signingPrivateKey the signing private key + * @return true on success, false otherwise + */ + function f_readSigningKey( + in charstring p_keysId, + out Oct32 p_signingPrivateKey + ) return boolean { + return fx_readSigningKey(p_keysId, p_signingPrivateKey); + } // End of function f_readSigningKey + + /** + * @desc Read the encrypting private keys for the specified certificate + * @param p_keysId the keys identifier + * @param p_encryptPrivateKey the encrypt private key + * @return true on success, false otherwise + */ + function f_readEncryptingKey( + in charstring p_keysId, + out Oct32 p_encryptPrivateKey + ) return boolean { + return fx_readEncryptingKey(p_keysId, p_encryptPrivateKey); + } // End of function f_readEncryptingKey + + function f_getCertificateValidityRestriction( + in template (value) EtsiTs103097Certificate p_cert, + out template (value) ValidityPeriod p_validityPeriod, + out template (omit) GeographicRegion p_geographicRegion + ) return boolean { + p_validityPeriod := valueof(p_cert.toBeSigned.validityPeriod); + if (ispresent(p_cert.toBeSigned.region)) { + p_geographicRegion := valueof(p_cert.toBeSigned.region); + } else { + p_geographicRegion := omit; + } + return true; + } // End of function f_getCertificateValidityRestriction + + }// End of group certificateGetters + + group certificatesCaching { + + function f_createCertificatesCaching( + in SequenceOfCertificate p_certificates, + out CertificatesCaching p_certificatesCaching + ) return boolean { + p_certificatesCaching := { }; + for (var integer v_counter := 0; v_counter < lengthof(p_certificates); v_counter := v_counter + 1) { + var CertificatesCachingItem v_item; + v_item.certificate := p_certificates[v_counter]; + v_item.hashedId8 := f_calculateDigestSha256FromCertificate(v_item.certificate); + p_certificatesCaching[v_counter] := v_item; + } // End of 'for' statement + + return true; + } + + function f_getCertificateFromCaching( + in CertificatesCaching p_certificatesCaching, + in HashedId8 p_hashedId8, + out EtsiTs103097Certificate p_certificate + ) return boolean { + for (var integer v_counter := 0; v_counter < lengthof(p_certificatesCaching); v_counter := v_counter + 1) { + if (match(p_certificatesCaching[v_counter].hashedId8, p_hashedId8) == true) { + p_certificate := p_certificatesCaching[v_counter].certificate; + return true; + } + } // End of 'for' statement + + return false; + } + + function f_getCertificatesCachingItem( + in CertificatesCaching p_certificatesCaching, + in UInt8 p_index, + out EtsiTs103097Certificate p_certificate + ) return boolean { + if (lengthof(p_certificatesCaching) < p_index) { + p_certificate := p_certificatesCaching[p_index].certificate; + return true; + } + + return false; + } + + function f_getCertificatesCachingItemSize( + in CertificatesCaching p_certificatesCaching + ) return UInt8 { + return lengthof(p_certificatesCaching); + } + + }// End of group certificatesCaching + + + } // End of group helpersFunctions + + group externalFunctions { + + group signing { + + /** + * @desc Produces a 256-bit (32-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + external function fx_hashWithSha256(in octetstring p_toBeHashedData) return Oct32; + + /** + * @desc Produces a 384-bit (48-byte) hash value + * @param p_toBeHashedData Data to be used to calculate the hash value + * @return The hash value + */ + external function fx_hashWithSha384(in octetstring p_toBeHashedData) return Oct48; + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key + * @return The signature value + */ + external function fx_signWithEcdsaNistp256WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature + * @param p_toBeSignedSecuredMessage The data to be signed + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + external function fx_signWithEcdsaBrainpoolp256r1WithSha256(in octetstring p_toBeSignedSecuredMessage, in Oct32 p_certificateIssuer, in Oct32 p_privateKey) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Signature Algorithm (ECDSA) signature + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_privateKey The private key for signature + * @return The signature value + */ + external function fx_signWithEcdsaBrainpoolp384r1WithSha384(in octetstring p_toBeSignedSecuredMessage, in Oct48 p_certificateIssuer, in Oct48 p_privateKey) return octetstring; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaNistp256WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in octetstring p_signature, in Oct32 p_ecdsaNistp256PublicKeyCompressed, in integer p_compressed_mode) return boolean; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaNistp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaNistp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaNistp256WithSha256_1(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in Oct64 p_signature, in Oct32 p_ecdsaNistp256PublicKeyX, in Oct32 p_ecdsaNistp256PublicKeyY) return boolean; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The whole-hash issuer certificate or int2oct(0, 32) in case of self signed certificate + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaBrainpoolp256r1WithSha256(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in Oct64 p_signature, in Oct32 p_ecdsaBrainpoolp256PublicKeyCompressed, in integer p_compressed_mode) return boolean; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The certificate issuer + * @param p_signature The signature + * @param p_ecdsaBrainpoolp256PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp256PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaBrainpoolp256r1WithSha256_1(in octetstring p_toBeVerifiedData, in Oct32 p_certificateIssuer, in Oct64 p_signature, in Oct32 p_ecdsaBrainpoolp256PublicKeyX, in Oct32 p_ecdsaBrainpoolp256PublicKeyY) return boolean; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The certificate issuer + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyCompressed The compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaBrainpoolp384r1WithSha384(in octetstring p_toBeVerifiedData, in Oct48 p_certificateIssuer, in Oct96 p_signature, in Oct48 p_ecdsaBrainpoolp384PublicKeyCompressed, in integer p_compressed_mode) return boolean; + + /** + * @desc Verify the signature of the specified data + * @param p_toBeVerifiedData The data to be verified + * @param p_certificateIssuer The hash of the canonical certificate issuer + * @param p_signature The signature + * @param p_ecdsaBrainpoolp384PublicKeyX The public key (x coordinate) + * @param p_ecdsaBrainpoolp384PublicKeyY The public key (y coordinate) + * @return true on success, false otherwise + */ + external function fx_verifyWithEcdsaBrainpoolp384r1WithSha384_1(in octetstring p_toBeVerifiedData, in Oct48 p_certificateIssuer, in Oct96 p_signature, in Oct48 p_ecdsaBrainpoolp384PublicKeyX, in Oct48 p_ecdsaBrainpoolp384PublicKeyY) return boolean; + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_generateKeyPair_nistp256(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressed_mode) return boolean; + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_generateKeyPair_brainpoolp256r1(out Oct32 p_privateKey, out Oct32 p_publicKeyX, out Oct32 p_publicKeyY, out Oct32 p_publicKeyCompressed, out integer p_compressed_mode) return boolean; + + /** + * @desc Produce a new public/private key pair based on Elliptic Curve Digital Signature Algorithm (ECDSA) algorithm. + * This function should not be used by the ATS + * @param p_privateKey The new private key value + * @param p_publicKeyX The new public key value (x coordinate) + * @param p_publicKeyX The new public key value (y coordinate) + * @param p_publicKeyCompressed The compressed public keys + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @return true on success, false otherwise + */ + external function fx_generateKeyPair_brainpoolp384r1(out Oct48 p_privateKey, out Oct48 p_publicKeyX, out Oct48 p_publicKeyY, out Oct48 p_publicKeyCompressed, out integer p_compressed_mode) return boolean; + + external function fx_get_uncompressed_key_nistp256(in Oct32 p_privateKey, in Oct32 p_publicKeyCompressed, in integer p_compressed_mode, out Oct32 p_publicKeyY) return boolean; + external function fx_get_uncompressed_key_brainpoolp256r1(in Oct32 p_privateKey, in Oct32 p_publicKeyCompressed, in integer p_compressed_mode, out Oct32 p_publicKeyY) return boolean; + external function fx_get_uncompressed_key_brainpoolp384r1(in Oct48 p_privateKey, in Oct48 p_publicKeyCompressed, in integer p_compressed_mode, out Oct48 p_publicKeyY) return boolean; + + } // End of group signing + + group encryption { + + external function fx_hmac_sha256(in octetstring p_k, in octetstring p_m) return octetstring; + + /** + * @desc This function validates AES128 CCM encryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 + * @param[in] The symmetric AES 128 encryption key + * @param[in] The initial vector (aka nonce) + * @param[in] The raw payload + * @return The encrypted payload + */ + external function fx_encrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; + + /** + * @desc TThis function validates AES128 CCM encryption based on AES-GCM-256 + * @param[in] The symmetric AES 128 encryption key + * @param[in] The initial vector (aka nonce) + * @param[in] The raw payload + * @return The encrypted payload + */ + external function fx_encrypt_aes_128_gcm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; + + /** + * @desc This function validates AES128 CCM decryption based on IEEE Std 1609.2-20XX Annex D.6.1 AES-CCM-128 + * @param[in] The symmetric AES 128 encryption key + * @param[in] The initial vector (aka nonce) + * @param[in] The cyphered payload + * @return The raw payload + */ + external function fx_decrypt_aes_128_ccm_test(in octetstring p_k, in octetstring p_n, in octetstring p_pt) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Nist-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The encrypted message + */ + external function fx_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; + + external function fx_test_encryptWithEciesNistp256WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Nist-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + */ + external function fx_decryptWithEciesNistp256WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce, in Oct32 p_salt, out Oct16 p_aes_sym_enc_key) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) encryption using Brainpool-P256 algorithm + * @param p_toBeEncryptedSecuredMessage The data to be encrypted + * @param p_recipientsPublicKeyCompressed The Recipient's compressed public key + * @param p_compressed_mode The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The encrypted message + */ + external function fx_encryptWithEciesBrainpoolp256r1WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_recipientsPublicKeyCompressed, in integer p_compressed_mode, in octetstring p_salt, out Oct32 p_publicEphemeralKeyCompressed, out integer p_ephemeralKeyModeCompressed, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; + + external function fx_test_encryptWithEciesBrainpoolp256r1WithSha256(in octetstring p_toBeEncryptedSecuredMessage, in Oct32 p_privateEphemeralKey, in Oct32 p_recipientPublicKeyX, in Oct32 p_recipientPublicKeyY, in octetstring p_salt, out Oct32 p_publicEphemeralKeyX, out Oct32 p_publicEphemeralKeyY, out Oct16 p_aes_sym_key, out Oct16 p_encrypted_sym_key, out Oct16 p_authentication_vector, out Oct12 p_nonce) return octetstring; + + /** + * @desc Produces a Elliptic Curve Digital Encrytion Algorithm (ECIES) decryption using Brainpool-P256 algorithm + * @param p_encryptedSecuredMessage The data to be decrypted + * @param p_publicEphemeralKeyCompressed The generated ephemeral compressed key + * @param p_ephemeralKeyModeCompressed The compressed mode, 0 if the latest bit of Y-coordinate is 0, 1 otherwise + * @param p_encrypted_sym_key The encrypted AES 128 CCM symmetric key + * @param p_authentication_vector The tag of the AES 128 CCM symmetric key encryption + * @param p_nonce The nonce vector of the AES 128 CCM symmetric key encryption + * @return The decrypted message + */ + external function fx_decryptWithEciesBrainpoolp256r1WithSha256(in octetstring p_encryptedSecuredMessage, in Oct32 p_privateEncKey, in Oct32 p_publicEphemeralKeyCompressed, in integer p_ephemeralKeyModeCompressed, in Oct16 p_encrypted_sym_key, in Oct16 p_authentication_vector, in Oct12 p_nonce, in Oct32 p_salt, out Oct16 p_aes_sym_enc_key) return octetstring; + + } // End of group encryption + + group certificatesLoader { + + /** + * @desc Load in memory cache the certificates available in the specified directory + * @param p_rootDirectory Root directory to access to the certificates identified by the certificate ID + * @param p_configId A configuration identifier + * @remark This method SHALL be call before any usage of certificates + * @return true on success, false otherwise + */ + external function fx_loadCertificates(in charstring p_rootDirectory, in charstring p_configId) return boolean; + external function fx_store_certificate(in charstring p_cert_id, in octetstring p_cert, in octetstring p_private_key, in octetstring p_public_key_x, in octetstring p_public_key_y, in octetstring p_public_key_compressed, in integer p_public_key_compressed_mode, in octetstring p_hash, in octetstring p_hash_256, in octetstring p_hashid8, in octetstring p_issuer, in template (omit) octetstring p_private_enc_key, in template (omit) octetstring p_public_enc_key_x, in template (omit) octetstring p_public_enc_key_y, in template (omit) octetstring p_public_enc_compressed_key, in template (omit) integer p_public_enc_key_compressed_mode) return boolean; + + /** + * @desc Unload from memory cache the certificates + * @return true on success, false otherwise + */ + external function fx_unloadCertificates() return boolean; + + /** + * @desc Read the specified certificate + * @param p_certificate_id the certificate identifier + * @param p_certificate the expected certificate + * @return true on success, false otherwise + */ + external function fx_readCertificate(in charstring p_certificate_id, out octetstring p_certificate) return boolean; + + /** + * @desc Read the specified certificate digest + * @param p_certificate_id the certificate identifier + * @param p_digest the expected certificate + * @return true on success, false otherwise + */ + external function fx_readCertificateDigest(in charstring p_certificate_id, out HashedId8 p_digest) return boolean; + + /** + * @desc Read the whole-hash of the specified certificate + * @param p_certificate_id the certificate identifier + * @param p_hash the whole-hash of the certificate + * @return true on success, false otherwise + */ + external function fx_readCertificateHash(in charstring p_certificate_id, out octetstring p_hash) return boolean; + + /** + * @desc Read the whole-hash of the specified certificate using SHA 256 + * @param p_certificate_id the certificate identifier + * @param p_hash the whole-hash of the certificate + * @return true on success, false otherwise + */ + external function fx_readCertificateHash256(in charstring p_certificate_id, out Oct32 p_hash) return boolean; + + external function fx_readCertificateFromDigest(in HashedId8 p_digest, out charstring p_certificate_id) return boolean; + + external function fx_readCertificateFromHashedId3(in HashedId3 p_digest, out charstring p_certificate_id) return boolean; + + /** + * @desc Read the private keys for the specified certificate + * @param p_keysId the keys identifier + * @param p_signingPrivateKey the signing private key + * @return true on success, false otherwise + */ + + external function fx_readSigningKey(in charstring p_keysId, out Oct32 p_signingPrivateKey) return boolean; + + /** + * @desc Read the private keys for the specified certificate + * @param p_keysId the keys identifier + * @param p_encryptPrivateKey the encrypt private key + * @return true on success, false otherwise + */ + + external function fx_readEncryptingKey(in charstring p_keysId, out Oct32 p_encryptingPrivateKey) return boolean; + + } // End of group certificatesLoader + + group geodesic { + + /** + * @desc Check that given polygon doesn't have neither self-intersections nor holes. + * @param p_region Polygonal Region + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isValidPolygonalRegion(in PolygonalRegion p_region) return boolean; + + /** + * @desc Check if a polygonal region is inside another one + * @param p_parent The main polygonal region + * @param p_region The polygonal region to be included + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isPolygonalRegionInside(in PolygonalRegion p_parent, in PolygonalRegion p_region) return boolean; + + /** + * @desc Check that the location is inside a circular region + * @param p_region The circular region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isLocationInsideCircularRegion(in CircularRegion p_region, in ThreeDLocation p_location) return boolean; + + /** + * @desc Check that the location is inside a rectangular region + * @param p_region The rectangular region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isLocationInsideRectangularRegion(in SequenceOfRectangularRegion p_region, in ThreeDLocation p_location) return boolean; + + /** + * @desc Check that the location is inside a polygonal region + * @param p_region The polygonal region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isLocationInsidePolygonalRegion(in PolygonalRegion p_region, in ThreeDLocation p_location) return boolean; + + /** + * @desc Check if the location is inside an identified region + * @param p_region The identified region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isLocationInsideIdentifiedRegion(in IdentifiedRegion p_region, in ThreeDLocation p_location) return boolean; + + /** + * @desc Check if the location is inside an undefined region + * @param p_region The identified region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + external function fx_isLocationInsideOtherRegion(in octetstring p_region, in ThreeDLocation p_location) return boolean; + + /** + * @desc Check that p_circular_region_1 circular region is included into p_circular_region_2 circular region + * @param p_circular_region_1 Circular region 1 + * @param p_circular_region_2 Circular region 2 + * + * @return true on success, false otherwise + */ + external function fx_areCirclesInside(in CircularRegion p_circular_region_1, in CircularRegion p_circular_region_2) return boolean; + + /** + * @desc Check that p_rectanglar_region_1 rectangular region is included into p_rectanglar_region_2 rectangular region + * @param p_rectanglar_region_1 Rectangular region 1 + * @param p_rectanglar_region_2 Rectangular region 2 + * + * @return true on success, false otherwise + */ + external function fx_areRectanglesInside(in SequenceOfRectangularRegion p_rectanglar_region_1, in SequenceOfRectangularRegion p_rectanglar_region_2) return boolean; + + /** + * @desc Check that p_polygonal_region_1 polygonal region is included into p_polygonal_region_2 polygonal region + * @param p_polygonal_region_1 Polygonal region 1 + * @param p_polygonal_region_2 Polygonal region 2 + * + * @return true on success, false otherwise + */ + external function fx_arePolygonsInside(in PolygonalRegion p_polygonal_region_1, in PolygonalRegion p_polygonal_region_2) return boolean; + + /** + * @desc Convert a spacial coordinate from DMS to Dms + * @param p_degrees The degrees (D) + * @param p_minutes The minutes (M) + * @param p_seconds The seconds (S) + * @param p_latlon The latitude/longitude: (N|S|E|W) + * @return The decimal coordinate on success, 0.0, otherwise + * @verdict Unchanged + */ + external function fx_dms2dd(in Int p_degrees, in Int p_minutes, in float p_seconds, in Oct1 p_latlon) return float; + + } // End of group geodesic + + } // End of group externalFunctions + + group geometryFunctions { + + function f_checkRegionValidityRestiction( + in EtsiTs103097Certificate p_cert, + in EtsiTs103097Certificate p_cert_issuer + ) return boolean { + var ValidityPeriod v_cert_region, v_cert_issuer_region; + var boolean v_cert_issuer_region_result; + + /* FIXME To be reviewed v_cert_issuer_region_result := f_getCertificateValidityRestriction(p_cert_issuer, e_region, v_cert_issuer_region); + if (f_getCertificateValidityRestriction(p_cert, e_region, v_cert_region) == false) { + if (v_cert_issuer_region_result == true) { + if (v_cert_issuer_region.validity.region.region_type != e_none) { + return false; + } + } + } else if ( + (v_cert_issuer_region_result == true) and + (v_cert_issuer_region.validity.region.region_type != e_none) + ) { + if (v_cert_region.validity.region.region_type == e_circle) { + if (v_cert_issuer_region.validity.region.region_type == e_circle) { + // Check v_cert_region 'circle' is inside v_cert_issuer_region 'circle' + if (f_areCirclesInside(v_cert_region.validity.region.region.circular_region, v_cert_issuer_region.validity.region.region.circular_region) == false) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing certificates circle area does not match ***"); + return false; + } + } + } else if (v_cert_region.validity.region.region_type == e_rectangle) { + if (v_cert_issuer_region.validity.region.region_type == e_rectangle) { + // Check v_cert_region 'rectangle' is inside v_cert_issuer_region 'rectangle' + if (f_areRectanglesInside(v_cert_region.validity.region.region.rectangular_region, v_cert_issuer_region.validity.region.region.rectangular_region) == false) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing certificates rectangle area does not match ***"); + return false; + } + } + } else if (v_cert_region.validity.region.region_type == e_polygon) { + if (v_cert_issuer_region.validity.region.region_type == e_polygon) { + // Check v_cert_region 'polygon' is inside v_cert_issuer_region 'polygon' + if (f_arePolygonsInside(v_cert_region.validity.region.region.polygonal_region, v_cert_issuer_region.validity.region.region.polygonal_region) == false) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing certificates polygon area does not match ***"); + return false; + } + } + } else if (v_cert_region.validity.region.region_type == e_id) { + // Check id_region + if (not match (v_cert_region.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_iso3166_any))) { + log("*** " & testcasename() & ": FAIL: Identified region is not conformed to ISO 3166-1 ***"); + return false; + } + if (not match (v_cert_region.validity.region, mw_geographicRegion_identified(mw_identifiedRegion_un_stats_any))) { + log("*** " & testcasename() & ": FAIL: Identified region is not conformed to United Nations Statistics Division ***"); + return false; + } + // Check region_dictionary + if (not match (v_cert_region.validity.region.region.id_region.region_dictionary, v_cert_issuer_region.validity.region.region.id_region.region_dictionary)) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing 'region_dictionary' field does not match ***"); + return false; + } + // Check region_identifier + if (not match (v_cert_region.validity.region.region.id_region.region_identifier, v_cert_issuer_region.validity.region.region.id_region.region_identifier)) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing 'region_identifier' field does not match ***"); + return false; + } + // Check local_region + if ( + (not match (v_cert_issuer_region.validity.region.region.id_region.local_region, v_cert_region.validity.region.region.id_region.local_region)) or + (not match (v_cert_issuer_region.validity.region.region.id_region.local_region, 0)) + ) { + log("*** " & testcasename() & ": FAIL: Issuer and issuing 'local_region' field does not match ***"); + return false; + } + } + }*/ + + return true; + } // End of function f_checkRegionValidityRestiction + + /** + * @desc Check that p_circular_region_1 circular region is included into p_circular_region_2 circular region + * @param p_circular_region_1 Circular region 1 + * @param p_circular_region_2 Circular region 2 + * + * @return true on success, false otherwise + */ + function f_areCirclesInside( + in CircularRegion p_circular_region_1, + in CircularRegion p_circular_region_2 + ) return boolean { + return fx_areCirclesInside(p_circular_region_1, p_circular_region_2); + } + + /** + * @desc Check that p_rectanglar_region_1 rectangular region is included into p_rectanglar_region_2 rectangular region + * @param p_rectanglar_region_1 Rectangular region 1 + * @param p_rectanglar_region_2 Rectangular region 2 + * + * @return true on success, false otherwise + */ + function f_areRectanglesInside( + in SequenceOfRectangularRegion p_rectanglar_region_1, + in SequenceOfRectangularRegion p_rectanglar_region_2 + ) return boolean { + return fx_areRectanglesInside(p_rectanglar_region_1, p_rectanglar_region_2); + } + + /** + * @desc Check that p_polygonal_region_1 polygonal region is included into p_polygonal_region_2 polygonal region + * @param p_polygonal_region_1 Polygonal region 1 + * @param p_polygonal_region_2 Polygonal region 2 + * + * @return true on success, false otherwise + */ + function f_arePolygonsInside( + in PolygonalRegion p_polygonal_region_1, + in PolygonalRegion p_polygonal_region_2 + ) return boolean { + return fx_arePolygonsInside(p_polygonal_region_1, p_polygonal_region_2); + } + + /** + * @desc Check that given location is valid + * @param p_location location to be checked + * @return true on success, false otherwise + */ + function f_isValidTwoDLocation( + in template (value) TwoDLocation p_location + ) return boolean { + return +//FIXME RGY Titan doesn't support dot notation after valueof at the moment +// (valueof(p_location).longitude != c_maxLongitude + 1) and +// (valueof(p_location).latitude != c_maxLatitude + 1); + (valueof(p_location.longitude) != c_maxLongitude + 1) and + (valueof(p_location.latitude) != c_maxLatitude + 1); + } // End of function f_isValidTwoDLocation + + /** + * @desc Check that two given rectanlular regions are intersected + * Note: Regions must be normalized(northWest.latitude >= southEast.latitude) + * @param p_r1 Region 1 + * @param p_r2 Region 2 + * + * @return true on success, false otherwise + */ + function f_isRectangularRegionsIntersected( + in template (value) RectangularRegion p_r1, + in template (value) RectangularRegion p_r2 + ) return boolean { + return not ( +//FIXME RGY Titan doesn't support dot notation after valueof at the moment +// valueof(p_r2).northWest.longitude > valueof(p_r1).southEast.longitude or +// valueof(p_r2).southEast.longitude < valueof(p_r1).northWest.longitude or +// valueof(p_r2).southEast.latitude > valueof(p_r1).northWest.latitude or +// valueof(p_r2).northWest.latitude < valueof(p_r1).southEast.latitude + valueof(p_r2.northWest.longitude) > valueof(p_r1.southEast.longitude) or + valueof(p_r2.southEast.longitude) < valueof(p_r1.northWest.longitude) or + valueof(p_r2.southEast.latitude) > valueof(p_r1.northWest.latitude) or + valueof(p_r2.northWest.latitude) < valueof(p_r1.southEast.latitude) + ); + } // End of function f_isRectangularRegionsIntersected + + function f_isContinuousRectangularRegions( + in template (value) SequenceOfRectangularRegion p_region + ) return boolean { + var integer v_i, v_j; + var boolean v_found; + + for (v_i := 0; v_i < lengthof(p_region); v_i := v_i + 1) { + var PolygonalRegion v_region_base; + f_convertRectangularRegionIntoPolygonalRegion(valueof(p_region[v_i]), v_region_base); + v_found := false; + for (v_j := 0; v_j < lengthof(p_region); v_j := v_j + 1) { + if (v_j != v_i) { + var PolygonalRegion v_region; + f_convertRectangularRegionIntoPolygonalRegion(valueof(p_region[v_j]), v_region); + if (f_isPolygonalRegionInside(v_region, v_region_base) == true) { + v_found := true; + } + } + } // End of 'for' statement + if (v_found == false) { + return false; + } + } // End of 'for' statement + + return true; + } // End of function f_isContinuousRectangularRegions + + /** + * @desc Check if a polygonal region is inside another one + * @param p_parent The main polygonal region + * @param p_region The polygonal region to be included + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isRectangularRegionsInside( + in template (value) SequenceOfRectangularRegion p_parent, + in template (value) SequenceOfRectangularRegion p_region + ) return boolean { + var integer v_i, v_j; + + for (v_i := 0; v_i < lengthof(p_parent); v_i := v_i + 1) { + var PolygonalRegion v_region_parent, v_region; + f_convertRectangularRegionIntoPolygonalRegion(valueof(p_parent[v_i]), v_region_parent); + for (v_j := 0; v_j < lengthof(p_parent); v_j := v_j + 1) { + f_convertRectangularRegionIntoPolygonalRegion(valueof(p_region[v_j]), v_region); + if (f_isPolygonalRegionInside(v_region, v_region_parent) == true) { + return true; + } + } // End of 'for' statement + } // End of 'for' statement + + return false; + } // End of function f_isRectangularRegionsInside + + /** + * @desc Convert a rectangular region into a polygonal region + * @param p_region The rectangular regions to convert + * @return + * @verdict + */ + function f_convertRectangularRegionIntoPolygonalRegion( + in template (value) RectangularRegion p_rectangular_region, + out PolygonalRegion p_region + ) return boolean { + + // Convert rectangular regions to polygons and check polygons + p_region[0] := valueof(p_rectangular_region.northWest); + p_region[1] := { + valueof(p_rectangular_region.northWest.latitude) + valueof(p_rectangular_region.southEast.latitude), + valueof(p_rectangular_region.northWest.longitude) + }; + p_region[2] := valueof(p_rectangular_region.southEast); + p_region[3] := { + valueof(p_rectangular_region.northWest.latitude), + valueof(p_rectangular_region.northWest.longitude) + valueof(p_rectangular_region.southEast.longitude) + }; + log("f_convertRectangularRegionIntoPolygonalRegion: DEBUG: Northwest location is invalid in rect ", p_region); + + return true; + } // End of function + + /** + * @desc Check that given polygon doesn't have neither self-intersections nor holes. + * @param p_region Polygonal Region + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isValidPolygonalRegion( + in template (value) PolygonalRegion p_region + ) return boolean { + // Sanity check + if (not isbound(p_region) or (lengthof(p_region) == 0)) { + return false; + } + + return fx_isValidPolygonalRegion(valueof(p_region)); + } // End of function f_isValidPolygonalRegion + + /** + * @desc Check if a polygonal region is inside another one + * @param p_parent The main polygonal region + * @param p_region The polygonal region to be included + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isPolygonalRegionInside( + in template (value) PolygonalRegion p_parent, + in template (value) PolygonalRegion p_region + ) return boolean { + // Sanity check + if (not isbound(p_parent) or not isbound(p_region) or (lengthof(p_parent) == 0) or (lengthof(p_region) == 0)) { + return false; + } + + return fx_isPolygonalRegionInside(valueof(p_parent), valueof(p_region)); + } // End of function f_isPolygonalRegionInside + + /** + * @desc + */ + function f_isIdentifiedRegionInside( + in template (value) UInt16 p_parent, + in template (value) UInt16 p_region + ) return boolean { + return valueof(p_parent) == valueof(p_region); + } // End of function f_isIdentifiedRegionInside + + /** + * @desc Check that the location is inside a region + * @param p_region The region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsideRegion( + in template (value) GeographicRegion p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + var boolean v_ret := false; + + if (ischosen(p_region.circularRegion)) { + v_ret := f_isLocationInsideCircularRegion(valueof(p_region.circularRegion), p_location); + } else if (ischosen(p_region.rectangularRegion)) { + v_ret := f_isLocationInsideRectangularRegion(valueof(p_region.rectangularRegion), p_location); + } else if (ischosen(p_region.polygonalRegion)) { + v_ret := f_isLocationInsidePolygonalRegion(valueof(p_region.polygonalRegion), p_location); + } else if (ischosen(p_region.identifiedRegion)) { + for (var integer v_i := 0; v_i < lengthof(p_region.identifiedRegion); v_i := v_i + 1) { + if (f_isLocationInsideIdentifiedRegion(valueof(p_region.identifiedRegion[v_i]), p_location) == true) { + v_ret := true; + break; + } + } // End of 'for' statement + } + + return v_ret; + } // End of function f_isLocationInsideRegion + + /** + * @desc Check that the location is inside a circular region + * @param p_region The circular region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsideCircularRegion( + in template (value) CircularRegion p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + // Sanity check + if (not isbound(p_region) or not isbound(p_location)) { + return false; + } + + return fx_isLocationInsideCircularRegion(valueof(p_region), valueof(p_location)); + } // End of function f_isLocationInsideCircularRegion + + /** + * @desc Check that the location is inside a rectangular region + * @param p_region The rectangular region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsideRectangularRegion( + in template (value) SequenceOfRectangularRegion p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + // Sanity check + if (not isbound(p_region) or not isbound(p_location) or (lengthof(p_region) == 0)) { + return false; + } +// log("f_isLocationInsideRectangularRegion: p_polygonalArea: ", p_region); +// log("f_isLocationInsideRectangularRegion: p_location: ", p_location); + + return fx_isLocationInsideRectangularRegion(valueof(p_region), valueof(p_location)); + } // End of function f_isLocationInsideRectangularRegion + + /** + * @desc Check that the location is inside a polygonal region + * @param p_region The polygonal region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsidePolygonalRegion( + in template (value) PolygonalRegion p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + // Sanity check + if (not isbound(p_region) or not isbound(p_location) or (lengthof(p_region) == 0)) { + return false; + } +// log("f_isLocationInsidePolygonalRegion: p_polygonalArea: ", p_region, " - ", valueof(p_region)); +// log("f_isLocationInsidePolygonalRegion: p_location: ", p_location, " - ", valueof(p_location)); + + return fx_isLocationInsidePolygonalRegion(valueof(p_region), valueof(p_location)); + } // End of function f_isLocationInsidePolygonalRegion + + /** + * @desc Check if the location is inside an identified region + * @param p_region The identified region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsideIdentifiedRegion( + in template (value) IdentifiedRegion p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + // Sanity check + if (not isbound(p_region) or not isbound(p_location)) { + return false; + } + + return fx_isLocationInsideIdentifiedRegion(valueof(p_region), valueof(p_location)); + } // End of function f_isLocationInsideIdentifiedRegion + + /** + * @desc Check if the location is inside an undefined region + * @param p_region The identified region to consider + * @param p_location The device location + * @return true on success, false otherwise + * @verdict Unchanged + */ + function f_isLocationInsideOtherRegion( + in template (value) octetstring p_region, + in template (value) ThreeDLocation p_location + ) return boolean { + // Sanity check + if (valueof(p_region) == ''O) { + return false; + } + + return fx_isLocationInsideOtherRegion(valueof(p_region), valueof(p_location)); + } // End of function f_isLocationInsideOtherRegion + + /** + * @desc Convert a spacial coordinate from DMS to Dms + * @param p_degrees The degrees (D) + * @param p_minutes The minutes (M) + * @param p_seconds The seconds (S) + * @param p_latlon The latitude/longitude: (N|S|E|W) + * @return The decimal coordinate on success, 0.0, otherwise + * @verdict Unchanged + */ + function f_dms2dd( + in integer p_degrees, + in integer p_minutes, + in float p_seconds, + in charstring p_latlon + ) return float { + var Oct1 v_latlon; + + // Sanity checks + if (lengthof(p_latlon) != 1) { + return 0.0; + } else if ((p_latlon != "N") and (p_latlon != "S") and (p_latlon != "E") and (p_latlon != "W")) { + return 0.0; + } + v_latlon := char2oct(p_latlon); + + return fx_dms2dd(p_degrees, p_minutes, p_seconds, v_latlon); + } // End of function f_dms2dd + + /** + * @desc Convert the latitude from float to int + * @param p_latitude The latitude to be converted. Significand length shall be 7 digits length + * @return The converted latitude + * @verdict Unchanged + */ + function f_ddlat2int( + in float p_latitude + ) return SecLatitude { + return float2int(p_latitude * 10000000.0); // Significand length shall be 7 digits length + } + + /** + * @desc Convert the longitude from float to int + * @param p_longitude The longitude to be converted. Significand length shall be 6 digits length + * @return The converted longitude + * @verdict Unchanged + */ + function f_ddlon2int( + in float p_longitude + ) return SecLongitude { + return float2int(p_longitude * 1000000.0); // Significand length shall be 6 digits length + } + + } // End of group geometryFunctions + +} // End of module LibItsSecurity_Functions + diff --git a/lib/LibItsSecurity_Pics.ttcn b/lib/LibItsSecurity_Pics.ttcn new file mode 100755 index 0000000..4265a9f --- /dev/null +++ b/lib/LibItsSecurity_Pics.ttcn @@ -0,0 +1,97 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_Pics.ttcn3 $ + * $Id: LibItsSecurity_Pics.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing Pics for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Pics { + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + + /** + * Does the IUT support SHA-256 digest + */ + modulepar boolean PICS_SEC_SHA256 := true; + + /** + * Does the IUT support SHA-384 digest + */ + modulepar boolean PICS_SEC_SHA384 := false; + + /** + * Does the IUT support NIST P256 algorithm + */ + modulepar boolean PICS_SEC_NIST_P256 := true; + + /** + * Does the IUT support Brainpool P256r1 algorithm + */ + modulepar boolean PICS_SEC_BRAINPOOL_P256R1 := false; + + /** + * Does the IUT support Brainpool P384r1 algorithm + */ + modulepar boolean PICS_SEC_BRAINPOOL_P384R1 := false; + + /** + * Is the IUT able to distribute AT certificates + */ + modulepar boolean PICS_SEC_P2P_AT_DISTRIBUTION := true; + + /** + * Is the IUT able to distribute AA certificates + */ + modulepar boolean PICS_SEC_P2P_AA_DISTRIBUTION := true; + + /** + * Is the IUT support certificates pushing + */ + modulepar boolean PICS_SEC_CERTIFICATE_SELECTION := true; + + /** + * Is the IUT support circular region geographical restriction + */ + modulepar boolean PICS_SEC_CIRCULAR_REGION := true; + + /** + * Does the IUT support rectangular region geographical restriction + */ + modulepar boolean PICS_SEC_RECTANGULAR_REGION := true; + + /** + * Does the IUT support polygonal region geographical restriction + */ + modulepar boolean PICS_SEC_POLYGONAL_REGION := true; + + /** + * Is the IUT support identified region geographical restriction + */ + modulepar boolean PICS_SEC_IDENTIFIED_REGION := true; + + /** + * Does the IUT support identified region/UN geographical restriction + */ + //TODO Remove modulepar boolean PICS_SEC_UN_STATS_REGION_DICTIONARY := true; + + /** + * Does the IUT support identified region/ISO31661 geographical restriction + */ + //TODO Remove modulepar boolean PICS_ISO31661_REGION_DICTIONARY := true; + + /** + * Does the IUT support ITS-AID for Generic profile? + */ + modulepar boolean PICS_SEC_ITS_AID_OTHER := true; + +} // End of module LibItsSecurity_Pics diff --git a/lib/LibItsSecurity_Pixits.ttcn b/lib/LibItsSecurity_Pixits.ttcn new file mode 100755 index 0000000..c25a11e --- /dev/null +++ b/lib/LibItsSecurity_Pixits.ttcn @@ -0,0 +1,65 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_Pixits.ttcn3 $ + * $Id: LibItsSecurity_Pixits.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing Pixits for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Pixits { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + /** + * @desc Root path to access certificate stored in files, identified by certficate ID + */ + modulepar charstring PX_CERTIFICATE_POOL_PATH := "data/v3/certificates"; + + /** + * @desc Configuration sub-directory to access certificate stored in files + */ + modulepar charstring PX_IUT_SEC_CONFIG_NAME := ""; + + /** + * @desc The certficate the IUT should use. Default: CERT_IUT_A_AT + * @remark If the IUT cannot use the test certificates, set this PIXIT to CERT_NONE + */ + modulepar charstring PX_IUT_DEFAULT_CERTIFICATE := "CERT_IUT_A_AT"; + + /** + * @desc The certficate the IUT should use. Default: CERT_TS_B_AT + * @remark Possible values: CERT_TS_C_AT, CERT_TS_D_AT, or CERT_TS_E_AT + */ + modulepar charstring PX_AT_CERTIFICATE := "CERT_TS_B_AT"; + + /** + * @desc ITS-AID value for other profile. Default: 38 + */ + modulepar Psid PX_OTHER_ITS_AID := 141; // Assign to GN-MGMT, Other than CA, DEN, MAP, SPAT, IVI, SRE, SSE & GN-MGMT: 38 + + /** + * @desc Invalid protocol version. Default: 3 + */ + modulepar UInt8 PX_WRONG_PROTOCOL_VERSION := 4; + + /** + * @desc Invalid WGS longitude + */ + modulepar SecLongitude PX_WGSLONGITUDE := 0; + + /** + * @desc Invalid WGS latitude. Default: 1 + */ + modulepar SecLatitude PX_WGSLATITUDE := 0; + +} // End of module LibItsSecurity_Pixits diff --git a/lib/LibItsSecurity_Templates.ttcn b/lib/LibItsSecurity_Templates.ttcn new file mode 100755 index 0000000..d40792a --- /dev/null +++ b/lib/LibItsSecurity_Templates.ttcn @@ -0,0 +1,2099 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 / STF545 + * @version $Url$ + * $Id$ + * @desc Module containing templates for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_Templates { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibItsCommon + import from LibItsCommon_TypesAndValues all; + + // LibItsGeoNetworking + import from LibItsGeoNetworking_TypesAndValues all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Pixits all; + + /** + * @desc Constants declaration + */ + group constants { + + /** + * @desc Protocol version + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.1 Ieee1609Dot2Data + */ + const UInt8 c_protocol_version := 3; + + /** + * @desc Certificate version + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + const UInt8 c_certificate_version := 3; + + /** + * @desc Its AID for Other + * @see Draft ETSI TS 103 097 V1.3.1 Clause 7.3 Security profile for DENMs + */ + template Psid c_its_aid_Other := PX_OTHER_ITS_AID; + + /** + * @desc Minimal value of Longitude + */ + const SecLongitude c_minLongitude := -1799999999; // TODO Use constant from IEEE1609dot2BaseTypes + + /** + * @desc Maximal value of Longitude + */ + const SecLongitude c_maxLongitude := 1800000000; // TODO Use constant from IEEE1609dot2BaseTypes + + /** + * @desc Minimal value of Latitude + */ + const SecLatitude c_minLatitude := -900000000; // TODO Use constant from IEEE1609dot2BaseTypes + + /** + * @desc Maximal value of Latitude + */ + const SecLatitude c_maxLatitude := 900000000; // TODO Use constant from IEEE1609dot2BaseTypes + + /** + * @desc List of ISO-3166 country codes + */ + const SequenceOfUint16 c_iso3166Codes := { + 4, 8, 10, 12, 16, 20, 24, 28, 31, 32, 36, 40, 44, 48, 50, 51, 52, 56, + 60, 64, 68, 70, 72, 74, 76, 84, 86, 90, 92, 96, 100, 104, 108, 112, 116, 120, + 124, 132, 136, 140, 144, 148, 152, 156, 158, 162, 166, 170, 174, 175, 178, 180, 184, 188, + 191, 192, 196, 203, 204, 208, 212, 214, 218, 222, 226, 231, 232, 233, 234, 238, 239, 242, + 246, 248, 250, 254, 258, 260, 262, 266, 268, 270, 275, 276, 288, 292, 296, 300, 304, 308, + 312, 316, 320, 324, 328, 332, 334, 336, 340, 344, 348, 352, 356, 360, 364, 368, 372, 376, + 380, 384, 388, 392, 398, 400, 404, 408, 410, 414, 417, 418, 422, 426, 428, 430, 434, 438, + 440, 442, 446, 450, 454, 458, 462, 466, 470, 474, 478, 480, 484, 492, 496, 498, 499, 500, + 504, 508, 512, 516, 520, 524, 528, 531, 533, 534, 535, 540, 548, 554, 558, 562, 566, 570, + 574, 578, 580, 581, 583, 584, 585, 586, 591, 598, 600, 604, 608, 612, 616, 620, 624, 626, + 630, 634, 638, 642, 643, 646, 652, 654, 659, 660, 662, 663, 666, 670, 674, 678, 682, 686, + 688, 690, 694, 702, 703, 704, 705, 706, 710, 716, 724, 728, 729, 732, 740, 744, 748, 752, + 756, 760, 762, 764, 768, 772, 776, 780, 784, 788, 792, 795, 796, 798, 800, 804, 807, 810, + 818, 826, 831, 832, 833, 834, 840, 850, 854, 858, 860, 862, 876, 882, 887, 894 + }; + + /** + * @desc List of United Nations Statistics Division country codes + */ + const SequenceOfUint16 c_unStatsAdditionalCodes := { + 1, 2, 5, 9, 11, 13, 14, 15, 17, 18, 19, 21, 29, 30, 34, 35, 39, 53, + 54, 57, 61, 142, 143, 145, 150, 151, 154, 155, 199, 419, 432, 680, 722, 830 + }; + + } // End of group constants + + /** + * @desc Dummy send/receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4 Basic format elements + */ + group dummyBasicFormatElements { + + /** + * @desc Dummy receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group dummyBasicFormatElementsRecv { + + /** + * @desc Dummy receive template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (present) TwoDLocation mw_twoDLocation_dummy := { + latitude := ?, + longitude := ? + } // End of template mw_twoDLocation_dummy + + /** + * @desc Dummy send template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (present) ThreeDLocation mw_threeDLocation_dummy := { + latitude := ?, + longitude := ?, + elevation := ? + } // End of template mw_threeDLocation_dummy + + } // End of group dummyBasicFormatElementsRecv + + } // End of group dummyBasicFormatElements + + /** + * @desc Send/receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4 Basic format elements + */ + group basicFormatElements { + + /** + * @desc Send templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group basicFormatElementsSend { + + /** + * @desc Send templates for Signature description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + * @see Draft ETSI TS 103 097 V1.3.1 Table 2: Derivation of field sizes depending on the used algorithm + */ + group signatures { + + /** + * @desc Send template for signatures based on ECDSA algorithm + * @member p_ecdsaSignature The ECDSA based signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + */ + template (value) Signature m_signature( + in template (value) EcdsaP256Signature p_ecdsaSignature + ):= { + ecdsaNistP256Signature := p_ecdsaSignature + } // End of template m_signature_ecdsa + + /** + * @desc Send template for ECDSA based signature + * @member p_r The coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key + * @member p_s The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.10 EcdsaP256Signature + */ + template (value) EcdsaP256Signature m_ecdsaSignature( + in template (value) EccP256CurvePoint p_rSig, + in template (value) octetstring p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaSignature + + } // End of group signatures + + group signerInfos { + + /** + * @desc Send template for self signed message + */ + template (value) SignerIdentifier m_signerIdentifier_self := { + self_ := NULL + } // End of template m_signerIdentifier_self + + /** + * @desc Send template for certificate signed message + */ + template (value) SignerIdentifier m_signerIdentifier_certificate( + in template (value) Certificate p_certificate // TODO Use SingleEtsiTs103097Certificate + ) := { + certificate := { p_certificate } // Only one + } // End of template m_signerIdentifier_certificate + + /** + * @desc Send template for digest signed message + */ + template (value) SignerIdentifier m_signerIdentifier_digest( + in template (value) HashedId8 p_digest := '0000000000000000'O + ) := { + digest := p_digest + } // End of template m_signerIdentifier_digest + + /** + * @desc Send template for certificate signed message + */ + template (value) SignerIdentifier m_signerIdentifier_certificates( + in template (value) SequenceOfCertificate p_certificates := {} + ) := { + certificate := p_certificates + } // End of template m_signerIdentifier_certificates + + } // End of group signerInfos + + /** + * @desc Send template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (value) TwoDLocation m_twoDLocation( + in template (value) SecLatitude p_latitude, + in template (value) SecLongitude p_longitude + ) := { + latitude := p_latitude, + longitude := p_longitude + } // End of template m_twoDLocation + + /** + * @desc Send template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (value) ThreeDLocation m_threeDLocation( + in template (value) SecLatitude p_latitude, + in template (value) SecLongitude p_longitude, + in template (value) SecElevation p_elevation + ) := { + latitude := p_latitude, + longitude := p_longitude, + elevation := p_elevation + } // End of template m_threeDLocation + + /** + * @desc Send template circular geographic region + * @param p_center Circle center + * @param p_radius Circle radius + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_circle( + in template (value) TwoDLocation p_center, + in template (value) UInt16 p_radius + ) := { + circularRegion := { + center := p_center, + radius := p_radius + } + } // End of template m_geographicRegion_circle + + /** + * @desc Send template rectangular geographic region + * @param p_northwest Upper left corner + * @param p_southeast Lower rigth corner + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_rectangular( + in template (value) TwoDLocation p_northwest, + in template (value) TwoDLocation p_southeast + ) := { + rectangularRegion := { + { + northWest := p_northwest, + southEast := p_southeast + } + } + } // End of template m_geographicRegion_rectangular + + /** + * @desc Send template polygonial geographic region + * @param p_polygonal_region Polygonial region description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_polygonial( + in template (value) PolygonalRegion p_polygonal_region + ) := { + polygonalRegion := p_polygonal_region + } // End of template m_geographicRegion_polygonial + + /** + * @desc Send template for geographic identified region + * @param p_identifiedRegion Indentified region + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (value) GeographicRegion m_geographicRegion_identifiedRegion( + in template (value) SequenceOfIdentifiedRegion p_identifiedRegions + ) := { + identifiedRegion := p_identifiedRegions + } // End of template m_geographicRegion_identifiedRegion + + template (value) IdentifiedRegion m_identifiedRegion_country_only( + in template (value) CountryOnly p_countryOnly + ) := { + countryOnly := p_countryOnly + } // End of template m_identifiedRegion_country_only + + template (value) IdentifiedRegion m_identifiedRegion_country_and_region( + in template (value) CountryOnly p_countryOnly, + in template (value) SequenceOfUint8 p_regions + ) := { + countryAndRegions := { + countryOnly := p_countryOnly, + regions := p_regions + } + } // End of template m_identifiedRegion_country_and_region + + } // End of group basicFormatElementsSend + + /** + * @desc Receive templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2 Specification of basic format elements + */ + group basicFormatElementsRecv { + + group signerIdentifiers { + + /** + * @desc Recv template for message signed with digest + */ + template (present) SignerIdentifier mw_signerIdentifier_digest( + template (present) HashedId8 p_digest := ? + ) := { + digest := p_digest + } // End of template mw_signerIdentifier_digest + + template (present) SignerIdentifier mw_signerIdentifier_certificate( + template (present) EtsiTs103097Certificate p_certificate := ? + ) := { + certificate := { p_certificate } + } // End of template m_signerIdentifier_certificate + + template (present) SignerIdentifier mw_signerIdentifier_certificates( + template (present) SequenceOfCertificate p_certificates := ? + ) := { + certificate := p_certificates + } // End of template mw_signerIdentifier_certificates + + } // End of group signerIdentifiers + + /** + * @desc Receive templates for Signature description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + * @see Draft ETSI TS 103 097 V1.3.1 Table 2: Derivation of field sizes depending on the used algorithm + */ + group signatures { + + /** + * @desc Receive template for signatures based on ECDSA algorithm + * @member p_ecdsaSignature The ECDSA based signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.9 Signature + */ + template (present) Signature mw_signature( + template (present) EcdsaP256Signature p_ecdsaSignature := ? + ):= { + ecdsaNistP256Signature := p_ecdsaSignature + } // End of template mw_signature + + /** + * @desc Receive template for ECDSA based signature + * @member p_r The coordinate of the elliptic curve point resulting from multiplying the generator element by the ephemeral private key + * @member p_s The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.10 EcdsaP256Signature + */ + template (present) EcdsaP256Signature mw_ecdsaSignature( + template (present) EccP256CurvePoint p_rSig := ?, + template (present) octetstring p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaSignature + + } // End of group signatures + + /** + * @desc Receive template for TwoDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.19 TwoDLocation + */ + template (present) TwoDLocation mw_twoDLocation( + template (present) SecLatitude p_latitude, + template (present) SecLongitude p_longitude + ) := { + latitude := p_latitude, + longitude := p_longitude + } // End of template mw_twoDLocation + + /** + * @desc Receive template for ThreeDLocation + * @param p_latitude Latitude range from 900 000 000 to +900 000 000 + * @param p_longitude Longitude range from 1 800 000 000 to +1 800 000 000 + * @param p_elevation Elevation relative to the WGS-84 ellipsoid in decimetres + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.20 ThreeDLocation + */ + template (present) ThreeDLocation mw_threeDLocation( + template (present) SecLatitude p_latitude, + template (present) SecLongitude p_longitude, + template (present) SecElevation p_elevation + ) := { + latitude := p_latitude, + longitude := p_longitude, + elevation := p_elevation + } // End of template mw_threeDLocation + + /** + * @desc Receive template circular geographic region + * @param p_center Circle center + * @param p_radius Circle radius + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_circle( + template (present) TwoDLocation p_center := ?, + template (present) UInt16 p_radius := ? + ) := { + circularRegion := { + center := p_center, + radius := p_radius + } + } // End of template mw_geographicRegion_circle + + /** + * @desc Basic receive template rectangular geographic region + * @param p_northwest Upper left corner + * @param p_southeast Lower rigth corner + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_rectangular := { + rectangularRegion := ? + } // End of template mw_geographicRegion_rectangular + + /** + * @desc Receive template polygonial geographic region + * @param p_polygonal_region Polygonial region description + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_polygonal( + template (present) PolygonalRegion p_polygonal_region := ? + ) := { + polygonalRegion := p_polygonal_region + } // End of template mw_geographicRegion_polygonial + + /** + * @desc Receive template for geographic identified region + * @param p_identifiedRegion Indentified region + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.21 GeographicRegion + */ + template (present) GeographicRegion mw_geographicRegion_identified( + template (present) SequenceOfIdentifiedRegion p_identifiedRegion := ? + ) := { + identifiedRegion := p_identifiedRegion + } // End of template mw_geographicRegion_identifiedRegion + + template (present) IdentifiedRegion mw_identifiedRegion_country_only + := { + countryOnly := ?// FIXME ((all from c_iso3166Codes), (all from c_unStatsAdditionalCodes)) + } + + template (present) IdentifiedRegion mw_identifiedRegion_country_and_region := { + countryAndRegions := { + countryOnly := ?, // FIXME ((all from c_iso3166Codes), (all from c_unStatsAdditionalCodes)), + regions := ? + } + } + + } // End of group basicFormatElementsRecv + + } // End of group dummyBasicFormatElements + + /** + * @desc Send templates for security headers + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.1 EtsiTs103097Data + */ + group etsiTs103097Data { + + /** + * @desc Generic send template for EtsiTs103097Data message + */ + template (value) EtsiTs103097Data m_etsiTs103097Data( + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_etsiTs103097Data + + /** + * @desc Generic receive template for EtsiTs103097Data message + */ + template (present) EtsiTs103097Data mw_etsiTs103097Data( + template (present) Ieee1609Dot2Content p_content := ? + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template mw_etsiTs103097Data + + template (value) EtsiTs103097Data m_etsiTs103097Data_unsecured( + in template (value) Opaque p_unsecuredData + ) := { + protocolVersion := c_protocol_version, + content := { unsecuredData := p_unsecuredData } + } // End of template m_secured_data_unsecured + + template (value) EtsiTs103097Data m_etsiTs103097Data_signed( + in template (value) SignedData p_signedData + ) := { + protocolVersion := c_protocol_version, + content := { signedData := p_signedData } + } // End of template m_secured_data_signed + + template (present) EtsiTs103097Data mw_etsiTs103097Data_signed( + template (present) SignedData p_signedData := ? + ) := { + protocolVersion := c_protocol_version, + content := { signedData := p_signedData } + } // End of template mw_secured_data_signed + + template (value) EtsiTs103097Data m_etsiTs103097Data_encrypted( + in template (value) EncryptedData p_encryptedData + ) := { + protocolVersion := c_protocol_version, + content := { encryptedData := p_encryptedData } + } // End of template m_etsiTs103097Data_encrypted + + template (present) EtsiTs103097Data mw_etsiTs103097Data_encrypted( + template (present) EncryptedData p_encryptedData := ? + ) := { + protocolVersion := c_protocol_version, + content := { encryptedData := p_encryptedData } + } // End of template mw_etsiTs103097Data_encrypted + + /** + * @desc Generic send template for EtsiTs103097Data message + */ + template (value) EtsiTs103097Data m_etsiTs103097Data_wrong_protocol( + in template (value) UInt8 p_protocol_version, + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_etsiTs103097Data_wrong_protocol + + } // End of group etsiTs103097Data + + /** + * @desc Send templates for ToBeSignedData header + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 SignedData + */ + group signedData { + + template (value) SignedData m_signedData( + in template (value) HashAlgorithm p_hashId, + in template (value) ToBeSignedData p_tbsData, + in template (value) SignerIdentifier p_signer, + in template (value) Signature p_signature_ + ) := { + hashId := p_hashId, + tbsData := p_tbsData, + signer := p_signer, + signature_ := p_signature_ + } // End of template m_signedData + + template (present) SignedData mw_signedData( + template (present) HashAlgorithm p_hashId := ?, + template (present) ToBeSignedData p_tbsData := ?, + template (present) SignerIdentifier p_signer := ?, + template (present) Signature p_signature_ := ? + ) := { + hashId := p_hashId, + tbsData := p_tbsData, + signer := p_signer, + signature_ := p_signature_ + } // End of template mw_signedData + + template (value) ToBeSignedData m_toBeSignedData( + in template (value) SignedDataPayload p_payload, + in template (value) HeaderInfo p_headerInfo + ) := { + payload := p_payload, + headerInfo := p_headerInfo + } // End of template m_toBeSignedData + + template (present) ToBeSignedData mw_toBeSignedData( + template (present) SignedDataPayload p_payload := ?, + template (present) HeaderInfo p_headerInfo := ? + ) := { + payload := p_payload, + headerInfo := p_headerInfo + } // End of template mw_toBeSignedData + + template (value) SignedDataPayload m_signedDataPayload( + in template (value) Ieee1609Dot2Data p_data + ) := { + data := p_data, + extDataHash := omit + } // End of template m_signedDataPayload + + template (present) SignedDataPayload mw_signedDataPayload( + template (present) Ieee1609Dot2Data p_data := ? + ) := { + data := p_data, + extDataHash := * + } // End of template mw_signedDataPayload + + template (value) SignedDataPayload m_signedDataPayload_ext( + in template (value) Oct32 p_extDataHash + ) := { + data := omit, + extDataHash := { sha256HashedData := p_extDataHash } + } // End of template m_signedDataPayload_ext + + } // End of group signedData + + /** + * @desc Send templates for ToBeSignedData header + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.3 EncryptedData + */ + group encryptedData { + + template (value) EncryptedData m_encryptedData( + in template (value) SequenceOfRecipientInfo p_recipients, + in template (value) SymmetricCiphertext p_ciphertex + ) := { + recipients := p_recipients, + ciphertext := p_ciphertex + } // End of template m_encryptedData + + template (present) EncryptedData mw_encryptedData( + template (present) SequenceOfRecipientInfo p_recipients := ?, + template (present) SymmetricCiphertext p_ciphertex := ? + ) := { + recipients := p_recipients, + ciphertext := p_ciphertex + } // End of template mw_encryptedData + + template (value) RecipientInfo m_recipientInfo_pskRecipInfo( + in template (value) PreSharedKeyRecipientInfo p_pskRecipInfo + ) := { + pskRecipInfo := p_pskRecipInfo + } // End of template m_recipientInfo_pskRecipInfo + + template (present) RecipientInfo mw_recipientInfo_pskRecipInfo( + template (present) PreSharedKeyRecipientInfo p_pskRecipInfo := ? + ) := { + pskRecipInfo := p_pskRecipInfo + } // End of template mw_recipientInfo_pskRecipInfo + + template (value) RecipientInfo m_recipientInfo_symmRecipInfo( + in template (value) SymmRecipientInfo p_symmRecipInfo + ) := { + symmRecipInfo := p_symmRecipInfo + } // End of template m_recipientInfo_symmRecipInfo + + template (value) RecipientInfo m_recipientInfo_certRecipInfo( + in template (value) PKRecipientInfo p_certRecipInfo + ) := { + certRecipInfo := p_certRecipInfo + } // End of template m_recipientInfo_certRecipInfo + + template (present) RecipientInfo mw_recipientInfo_certRecipInfo( + template (present) PKRecipientInfo p_certRecipInfo := ? + ) := { + certRecipInfo := p_certRecipInfo + } // End of template mw_recipientInfo_certRecipInfo + + template (value) RecipientInfo m_recipientInfo_signedDataRecipInfo( + in template (value) PKRecipientInfo p_signedDataRecipInfo + ) := { + signedDataRecipInfo := p_signedDataRecipInfo + } // End of template m_recipientInfo_signedDataRecipInfo + + template (value) RecipientInfo m_recipientInfo_rekRecipInfo( + in template (value) PKRecipientInfo p_rekRecipInfo + ) := { + rekRecipInfo := p_rekRecipInfo + } // End of template m_recipientInfo_rekRecipInfo + + template (value) PKRecipientInfo m_pKRecipientInfo( + in template (value) HashedId8 p_recipientId, + in template (value) EncryptedDataEncryptionKey p_encKey + ) := { + recipientId := p_recipientId, + encKey := p_encKey + } // End of template m_pKRecipientInfo + + template (present) PKRecipientInfo mw_pKRecipientInfo( + template (present) HashedId8 p_recipientId := ?, + template (present) EncryptedDataEncryptionKey p_encKey := ? + ) := { + recipientId := p_recipientId, + encKey := p_encKey + } // End of template mw_pKRecipientInfo + + template (value) EciesP256EncryptedKey m_evciesP256EncryptedKey( + in template (value) EccP256CurvePoint p_v, + in template (value) Oct16 p_c, + in template (value) Oct16 p_t + ) :={ + v := p_v, + c := p_c, + t := p_t + } // End of template m_evciesP256EncryptedKey + + template (present) EciesP256EncryptedKey mw_evciesP256EncryptedKey( + template (present) EccP256CurvePoint p_v := ?, + template (present) Oct16 p_c := ?, + template (present) Oct16 p_t := ? + ) :={ + v := p_v, + c := p_c, + t := p_t + } // End of template mw_evciesP256EncryptedKey + + template (value) EncryptedDataEncryptionKey m_encryptedDataEncryptionKey_eciesNistP256( + in template (value) EciesP256EncryptedKey p_eciesNistP256 + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template m_encryptedDataEncryptionKey_eciesNistP256 + + template (present) EncryptedDataEncryptionKey mw_encryptedDataEncryptionKey_eciesNistP256( + template (present) EciesP256EncryptedKey p_eciesNistP256 := ? + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template mw_encryptedDataEncryptionKey_eciesNistP256 + + template (value) EncryptedDataEncryptionKey m_encryptedDataEncryptionKey_eciesBrainpoolP256r1( + in template (value) EciesP256EncryptedKey p_eciesBrainpoolP256r1 + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template m_encryptedDataEncryptionKey_eciesBrainpoolP256r1 + + template (present) EncryptedDataEncryptionKey mw_encryptedDataEncryptionKey_eciesBrainpoolP256r1( + template (present) EciesP256EncryptedKey p_eciesBrainpoolP256r1 := ? + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template mw_encryptedDataEncryptionKey_eciesBrainpoolP256r1 + + template (value) SymmetricCiphertext m_SymmetricCiphertext_aes128ccm( + in template (value) AesCcmCiphertext p_aes128ccm + ) := { + aes128ccm := p_aes128ccm + } // End of template m_SymmetricCiphertext_aes128ccm + + template (present) SymmetricCiphertext mw_SymmetricCiphertext_aes128ccm( + template (present) AesCcmCiphertext p_aes128ccm := ? + ) := { + aes128ccm := p_aes128ccm + } // End of template mw_SymmetricCiphertext_aes128ccm + + template (value) AesCcmCiphertext m_aesCcmCiphertext( + in template (value) Oct12 p_nonce, + in template (value) Opaque p_ccmCiphertext + ) := { + nonce := p_nonce, + ccmCiphertext := p_ccmCiphertext + } // End of template m_aesCcmCiphertext + + template (present) AesCcmCiphertext mw_aesCcmCiphertext( + template (present) Oct12 p_nonce := ?, + template (present) Opaque p_ccmCiphertext := ? + ) := { + nonce := p_nonce, + ccmCiphertext := p_ccmCiphertext + } // End of template mw_aesCcmCiphertext + + } // End of group encryptedData + + /** + * @desc Send/Receive templates for Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + group ieee1609Dot2Data { + + /** + * @desc Send template for Ieee1609Dot2Data + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Data m_ieee1609Dot2Data( + in template (value) Ieee1609Dot2Content p_content + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template m_ieee1609Dot2Data + + /** + * @desc Receive template for Ieee1609Dot2Data + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Data mw_ieee1609Dot2Data( + template (present) Ieee1609Dot2Content p_content := ? + ) := { + protocolVersion := c_protocol_version, + content := p_content + } // End of template mw_ieee1609Dot2Data + + /** + * @desc Send template for 'unsecured' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_unsecured( + in template (value) Opaque p_unsecuredData + ) := { + unsecuredData := p_unsecuredData + } // End of template m_ieee1609Dot2Data_unsecured + + /** + * @desc Receive template for 'unsecured' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_unsecured( + template (present) Opaque p_unsecuredData := ? + ) := { + unsecuredData := p_unsecuredData + } // End of template mw_ieee1609Dot2Data_unsecured + + /** + * @desc Send template for 'signed' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_signed( + in template (value) SignedData p_signedData + ) := { + signedData := p_signedData + } // End of template m_ieee1609Dot2Data_signed + + /** + * @desc Send template for 'signed' Payload + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload + */ + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_signed( + template (present) SignedData p_signedData := ? + ) := { + signedData := p_signedData + } // End of template mw_ieee1609Dot2Data_signed + + } // End of group ieee1609Dot2Data + + /** + * @desc Send/Receive templates for HeaderInfo + * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.4 HeaderInfo + */ + group headerFields { + + /** + * @desc Basic send HeaderInfo template with ETSI ITS restrction + */ + template (omit) HeaderInfo m_ieee1609Dot2_headerInfo( + in template (value) Psid p_psid + ) := { + psid := p_psid, + generationTime := omit, + expiryTime := omit, + generationLocation := omit, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := omit + } // End of template m_ieee1609Dot2_headerInfo + + /** + * @desc Basic receive HeaderInfo template with ETSI ITS restrction + */ + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo( + template (present) Psid p_psid := ? + ) := { + psid := p_psid, + generationTime := *, + expiryTime := *, + generationLocation := *, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := omit + } // End of template mw_ieee1609Dot2_headerInfo + + /** + * @desc Basic receive HeaderInfo template with ETSI ITS restrction + */ + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo_request_certificate( + template (present) Psid p_psid := ?, + template (present) Certificate p_requestedCertificate := ? + ) modifies mw_ieee1609Dot2_headerInfo := { + psid := p_psid, + generationTime := *, + expiryTime := *, + generationLocation := *, + p2pcdLearningRequest := omit, + missingCrlIdentifier := omit, + encryptionKey := omit, + inlineP2pcdRequest := omit, + requestedCertificate := p_requestedCertificate + } // End of template mw_ieee1609Dot2_headerInfo + + /** + * @desc CAM specific send HeaderInfo template with ETSI ITS restrction + * + * @see Clause 7.1.1 Security profile for CAMs + */ + template (omit) HeaderInfo m_headerInfo_cam( + in template (value) Psid p_psid := c_its_aid_CAM, + in template (value) Time64 p_generationTime, + in template (omit) Time64 p_expiryTime := omit, + in template (omit) SequenceOfHashedId3 p_inlineP2pcdRequest := omit + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := omit, + inlineP2pcdRequest := p_inlineP2pcdRequest + } // End of template m_headerInfo_cam + + /** + * @desc CAM specific receive HeaderInfo template with ETSI ITS restrction + * + * Clause 7.1.1 Security profile for CAMs + */ + template (present) HeaderInfo mw_headerInfo_cam( + template (present) Psid p_psid := c_its_aid_CAM, + template (present) Time64 p_generationTime := ?, + template SequenceOfHashedId3 p_inlineP2pcdRequest := omit, + template Certificate p_requestedCertificate := omit + ) modifies mw_ieee1609Dot2_headerInfo := { + psid := c_its_aid_CAM, + generationTime := p_generationTime, + expiryTime := omit, + generationLocation := omit, + inlineP2pcdRequest := p_inlineP2pcdRequest, + requestedCertificate := p_requestedCertificate + } // End of template mw_headerInfo_cam + + /** + * + * Clause 7.1.2 Security profile for DENMs + */ + template (omit) HeaderInfo m_headerInfo_denm( + in template (value) Psid p_psid := c_its_aid_DENM, + in template (value) Time64 p_generationTime, + in template (value) ThreeDLocation p_generationLocation, + in template (omit) Time64 p_expiryTime := omit + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := p_generationLocation + } // End of template m_headerInfo_denm + + /** + * + * Clause 7.1.2 Security profile for DENMs + */ + template (present) HeaderInfo mw_headerInfo_denm( + template (present) Psid p_psid := c_its_aid_DENM, + template (present) Time64 p_generationTime := ?, + template (present) ThreeDLocation p_generationLocation := ?, + template Time64 p_expiryTime := omit + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := p_expiryTime, + generationLocation := p_generationLocation + } // End of template mw_headerInfo_denm + + /** + * + * Clause 7.1.3 Generic security profile for other signed messages + */ + template (omit) HeaderInfo m_headerInfo_gn( + in template (value) Psid p_psid := c_its_aid_GN, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + } // End of template m_headerInfo_gn + + /** + * + * Clause 7.1.3 Generic security profile for other signed messages + */ + template (present) HeaderInfo mw_headerInfo_gn( + template (present) Psid p_psid := c_its_aid_GN, + template (present) Time64 p_generationTime := ? + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := *, + generationLocation := *, + encryptionKey := *, + inlineP2pcdRequest := *, + requestedCertificate := * + } // End of template mw_headerInfo_gn + + template (omit) HeaderInfo m_headerInfo_inner_pki_request( + in template (value) Psid p_psid := c_its_aid_SCR, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + }; + + template (omit) HeaderInfo m_headerInfo_inner_pki_response( + in template (value) Psid p_psid := c_its_aid_SCR, + in template (value) Time64 p_generationTime + ) modifies m_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime + }; + + template (present) HeaderInfo mw_headerInfo_inner_pki_request( + template (present) Psid p_psid := c_its_aid_SCR, + template (present) Time64 p_generationTime := ? + ) modifies mw_headerInfo_gn := {}; + + template HeaderInfo mw_headerInfo_inner_pki_response( + template (present) Psid p_psid := c_its_aid_SCR, + template Time64 p_generationTime := * + ) modifies mw_ieee1609Dot2_headerInfo := { + generationTime := p_generationTime, + expiryTime := omit, + generationLocation := omit + } + + } // End of group headerFields + + group signatures { + + template (value) Signature m_signature_ecdsaNistP256( + in template (value) EcdsaP256Signature p_ecdsaNistP256Signature + ) := { + ecdsaNistP256Signature := p_ecdsaNistP256Signature + } // End of template m_signature_ecdsaNistP256 + + template (present) Signature mw_signature_ecdsaNistP256( + template (present) EcdsaP256Signature p_ecdsaNistP256Signature := ? + ) := { + ecdsaNistP256Signature := p_ecdsaNistP256Signature + } // End of template mw_signature_ecdsaNistP256 + + template (value) Signature m_signature_ecdsaBrainpoolP256r1( + in template (value) EcdsaP256Signature p_ecdsaBrainpoolP256r1Signature + ) := { + ecdsaBrainpoolP256r1Signature := p_ecdsaBrainpoolP256r1Signature + } // End of template m_signature_ecdsaBrainpoolP256r1 + + template (present) Signature mw_signature_ecdsaBrainpoolP256r1( + template (present) EcdsaP256Signature p_ecdsaBrainpoolP256r1Signature := ? + ) := { + ecdsaBrainpoolP256r1Signature := p_ecdsaBrainpoolP256r1Signature + } // End of template m_signature_ecdsaBrainpoolP256r1 + + template (value) Signature m_signature_ecdsaBrainpoolP384r1( + in template (value) EcdsaP384Signature p_ecdsaBrainpoolP384r1Signature + ) := { + ecdsaBrainpoolP384r1Signature := p_ecdsaBrainpoolP384r1Signature + } // End of template m_signature_ecdsaBrainpoolP384r1 + + template (present) Signature mw_signature_ecdsaBrainpoolP384r1( + template (present) EcdsaP384Signature p_ecdsaBrainpoolP384r1Signature := ? + ) := { + ecdsaBrainpoolP384r1Signature := p_ecdsaBrainpoolP384r1Signature + } // End of template mw_signature_ecdsaBrainpoolP384r1 + + template (value) EcdsaP256Signature m_ecdsaP256Signature( + in template (value) EccP256CurvePoint p_rSig, + in template (value) Oct32 p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaP256Signature + + template (present) EcdsaP256Signature mw_ecdsaP256Signature( + template (present) EccP256CurvePoint p_rSig := ?, + template (present) Oct32 p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaP256Signature + + template (value) EcdsaP384Signature m_ecdsaP384Signature( + in template (value) EccP384CurvePoint p_rSig, + in template (value) Oct48 p_sSig + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template m_ecdsaP384Signature + + template (present) EcdsaP384Signature mw_ecdsaP384Signature( + template (present) EccP384CurvePoint p_rSig := ?, + template (present) Oct48 p_sSig := ? + ) := { + rSig := p_rSig, + sSig := p_sSig + } // End of template mw_ecdsaP384Signature + + template (value) EccP256CurvePoint m_eccP256CurvePoint_x_only( + in template (value) Oct32 p_x_only + ) := { + x_only := p_x_only + } // End of template m_eccP256CurvePoint_x_only + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_x_only( + template (present) Oct32 p_x_only := ? + ) := { + x_only := p_x_only + } // End of template mw_eccP256CurvePoint_x_only + + template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_0( + in template (value) Oct32 p_compressed_y_0 + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template m_eccP256CurvePoint_compressed_y_0 + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_compressed_y_0( + template (present) Oct32 p_compressed_y_0 := ? + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template mw_eccP256CurvePoint_compressed_y_0 + + template (value) EccP256CurvePoint m_eccP256CurvePoint_compressed_y_1( + in template (value) Oct32 p_compressed_y_1 + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template m_eccP256CurvePoint_compressed_y_1 + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_compressed_y_1( + template (present) Oct32 p_compressed_y_1 := ? + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template mw_eccP256CurvePoint_compressed_y_1 + + template (value) EccP256CurvePoint m_eccP256CurvePoint_uncompressed( + in template (value) Oct32 p_x, + in template (value) Oct32 p_y + ) := { + uncompressedP256 := { + x := p_x, + y := p_y + } + } // End of template m_eccP256CurvePoint_uncompressed + + template (present) EccP256CurvePoint mw_eccP256CurvePoint_uncompressed( + template (present) Oct32 p_x := ?, + template (present) Oct32 p_y := ? + ) := { + uncompressedP256 := { + x := p_x, + y := p_y + } + } // End of template mw_eccP256CurvePoint_uncompressed + + template (value) EccP384CurvePoint m_eccP384CurvePoint_x_only( + in template (value) Oct48 p_x_only + ) := { + x_only := p_x_only + } // End of template m_eccP384CurvePoint_x_only + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_x_only( + template (present) Oct48 p_x_only := ? + ) := { + x_only := p_x_only + } // End of template mw_eccP384CurvePoint_x_only + + template (value) EccP384CurvePoint m_eccP384CurvePoint_compressed_y_0( + in template (value) Oct48 p_compressed_y_0 + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template m_eccP384CurvePoint_compressed_y_0 + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_compressed_y_0( + template (present) Oct48 p_compressed_y_0 := ? + ) := { + compressed_y_0 := p_compressed_y_0 + } // End of template mw_eccP384CurvePoint_compressed_y_0 + + template (value) EccP384CurvePoint m_eccP384CurvePoint_compressed_y_1( + in template (value) Oct48 p_compressed_y_1 + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template m_eccP384CurvePoint_compressed_y_1 + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_compressed_y_1( + template (present) Oct48 p_compressed_y_1 := ? + ) := { + compressed_y_1 := p_compressed_y_1 + } // End of template mw_eccP384CurvePoint_compressed_y_1 + + template (value) EccP384CurvePoint m_eccP384CurvePoint_uncompressed( + in template (value) Oct48 p_x, + in template (value) Oct48 p_y + ) := { + uncompressedP384 := { + x := p_x, + y := p_y + } + } // End of template m_eccP384CurvePoint_uncompressed + + template (present) EccP384CurvePoint mw_eccP384CurvePoint_uncompressed( + template (present) Oct48 p_x := ?, + template (present) Oct48 p_y := ? + ) := { + uncompressedP384 := { + x := p_x, + y := p_y + } + } // End of template mw_eccP384CurvePoint_uncompressed + + } // End of group signatures + + /** + * @desc Dummy send/receive templates for certificates + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6 Specification of certificate format + */ + group certificates { + + /** + * @desc Send certificate template of type explicit (signature is included) + * @member p_signer_info Signer information + * @member p_subject_info The subject information + * @member p_subject_attributes List of subject attribute + * @member p_validity_restrictions List of validity restriction + * @member p_signature The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + template (omit) EtsiTs103097Certificate m_etsiTs103097Certificate( + in template (value) IssuerIdentifier p_issuer, + in template (value) ToBeSignedCertificate p_toBeSigned, + in template (omit) Signature p_signature_ := omit + ) := { + version := c_certificate_version, + type_ := explicit, + issuer := p_issuer, + toBeSigned := p_toBeSigned, + signature_ := p_signature_ + } // End of template m_etsiTs103097Certificate + + /** + * @desc Send certificate template of type explicit (signature is included) + * @member p_signer_info Signer information + * @member p_subject_info The subject information + * @member p_subject_attributes List of subject attribute + * @member p_validity_restrictions List of validity restriction + * @member p_signature The signature + * @see Draft ETSI TS 103 097 V1.3.1 Clause 6.1 Certificate + */ + template (present) EtsiTs103097Certificate mw_etsiTs103097Certificate( + template (present) IssuerIdentifier p_issuer := ?, + template (present) ToBeSignedCertificate p_toBeSigned := ?, + template (present) Signature p_signature_ := ? + ) := { + version := c_certificate_version, + type_ := explicit, + issuer := p_issuer, + toBeSigned := p_toBeSigned, + signature_ := p_signature_ + } // End of template mw_etsiTs103097Certificate + + } // End of group certificates + + group issuerIdentifier { + + template (value) IssuerIdentifier m_issuerIdentifier_self( + in template (value) HashAlgorithm p_self := sha256 + ) := { + self_ := p_self + } // End of template m_issuerIdentifier_self + + template (present) IssuerIdentifier mw_issuerIdentifier_self( + template (present) HashAlgorithm p_self := ? + ) := { + self_ := p_self + } // End of template mw_issuerIdentifier_self + + template (value) IssuerIdentifier m_issuerIdentifier_sha256AndDigest( // FIXME Add opque field for unknown issuer? + in template (value) HashedId8 p_sha256AndDigest + ) := { + sha256AndDigest := p_sha256AndDigest + } // End of template m_issuerIdentifier_sha256AndDigest + + template (present) IssuerIdentifier mw_issuerIdentifier_sha256AndDigest( // FIXME Add opque field for unknown issuer? + template (present) HashedId8 p_sha256AndDigest := ? + ) := { + sha256AndDigest := p_sha256AndDigest + } // End of template mw_issuerIdentifier_sha256AndDigest + + template (value) IssuerIdentifier m_issuerIdentifier_sha384AndDigest( + in template (value) HashedId8 p_sha384AndDigest + ) := { + sha384AndDigest := p_sha384AndDigest + } // End of template m_issuerIdentifier_sha384AndDigest + + template (present) IssuerIdentifier mw_issuerIdentifier_sha384AndDigest( + template (present) HashedId8 p_sha384AndDigest := ? + ) := { + sha384AndDigest := p_sha384AndDigest + } // End of template mw_issuerIdentifier_sha384AndDigest + + } // End of group issuerIdentifier + + group toBeSignedCertificate { + + /** + * @desc Send template for ToBeSignedCertificate with CA restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificate + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ca( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) SequenceOfPsidGroupPermissions p_certIssuePermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (omit) ValidityPeriod p_validityPeriod := omit, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := p_certIssuePermissions, // ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificates Bullet 4 + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ca + + /** + * @desc Receive template for ToBeSignedCertificate with CA restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.3 Root CA certificate + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ca( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) SequenceOfPsidGroupPermissions p_certIssuePermissions := ?, + template (present) SequenceOfPsidGroupPermissions p_certRequestPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, + crlSeries := 0, + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := omit, + certIssuePermissions := p_certIssuePermissions, + certRequestPermissions := p_certRequestPermissions, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ea( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ea + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ea( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_ea + + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_ec( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_ec + + /** + * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.2 Enrolment credential + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_ec( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_ec + + /** + * @desc Send template for ToBeSignedCertificate with Authorization authority restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.4 Subordinate certification authority certificates + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_aa( + in template (value) CertificateId p_id, + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (value) ValidityPeriod p_validityPeriod, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_aa + + /** + * @desc Send template for ToBeSignedCertificate with Authorization authority restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.4 Subordinate certification authority certificates + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_aa( + template (present) CertificateId p_id := ?, + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := p_id, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_aa + + template (present) CertificateId mw_certificateId_name( + template (present) charstring p_name := ? + ) := { + name := p_name + } // End of template mw_certificateId_name + + template CertificateId mw_certificateId_none := { + none_ := NULL + } // End of template mw_certificateId_none + + /** + * @desc Send template for ToBeSignedCertificate with AT restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets + */ + template (omit) ToBeSignedCertificate m_toBeSignedCertificate_at( + in template (value) SequenceOfPsidSsp p_appPermissions, + in template (value) VerificationKeyIndicator p_verifyKeyIndicator, + in template (omit) ValidityPeriod p_validityPeriod := omit, + in template (omit) GeographicRegion p_region := omit, + in template (omit) SubjectAssurance p_assuranceLevel := omit, + in template (omit) PublicEncryptionKey p_encryptionKey := omit + ) := { + id := { none_ := NULL }, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template m_toBeSignedCertificate_at + + /** + * @desc Send template for ToBeSignedCertificate with AT restrictions + * @see ETSI TS 103 097 V1.3.1 Clause 7.2.1 Authorization tickets + */ + template ToBeSignedCertificate mw_toBeSignedCertificate_at( + template (present) SequenceOfPsidSsp p_appPermissions := ?, + template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, + template (present) ValidityPeriod p_validityPeriod := ?, + template GeographicRegion p_region := *, + template SubjectAssurance p_assuranceLevel := *, + template PublicEncryptionKey p_encryptionKey := * + ) := { + id := { none_ := NULL }, + cracaId := '000000'O, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 2 + crlSeries := 0, // ETSI TS 103 097 V1.3.1 Clause 6 Bullet 3 + validityPeriod := p_validityPeriod, + region := p_region, + assuranceLevel := p_assuranceLevel, + appPermissions := p_appPermissions, + certIssuePermissions := omit, + certRequestPermissions := omit, + canRequestRollover := omit, + encryptionKey := p_encryptionKey, + verifyKeyIndicator := p_verifyKeyIndicator + } // End of template mw_toBeSignedCertificate_at + + } // End of group toBeSignedCertificate + + group verificationKeys { + + template (value) VerificationKeyIndicator m_verificationKeyIndicator_verificationKey( + in template (value) PublicVerificationKey p_verificationKey + ) := { + verificationKey := p_verificationKey + } // End of template m_verificationKeyIndicator_verificationKey + + template (present) VerificationKeyIndicator mw_verificationKeyIndicator_verificationKey( + template (present) PublicVerificationKey p_verificationKey := ? + ) := { + verificationKey := p_verificationKey + } // End of template mw_verificationKeyIndicator_verificationKey + + template (value) VerificationKeyIndicator m_verificationKeyIndicator_reconstructionValue( + in template (value) EccP256CurvePoint p_reconstructionValue + ) := { + reconstructionValue := p_reconstructionValue + } // End of template m_verificationKeyIndicator_reconstructionValue + + template (present) VerificationKeyIndicator mw_verificationKeyIndicator_reconstructionValue( + template (present) EccP256CurvePoint p_reconstructionValue := ? + ) := { + reconstructionValue := p_reconstructionValue + } // End of template mw_verificationKeyIndicator_reconstructionValue + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaNistP256( + in template (value) EccP256CurvePoint p_ecdsaNistP256 + ) := { + ecdsaNistP256 := p_ecdsaNistP256 + } // End of template m_publicVerificationKey_ecdsaNistP256 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaNistP256( + template (present) EccP256CurvePoint p_ecdsaNistP256 := ? + ) := { + ecdsaNistP256 := p_ecdsaNistP256 + } // End of template mw_publicVerificationKey_ecdsaNistP256 + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaBrainpoolP256r1( + in template (value) EccP256CurvePoint p_ecdsaBrainpoolP256r1 + ) := { + ecdsaBrainpoolP256r1 := p_ecdsaBrainpoolP256r1 + } // End of template m_publicVerificationKey_ecdsaBrainpoolP256r1 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaBrainpoolP256r1( + template (present) EccP256CurvePoint p_ecdsaBrainpoolP256r1 := ? + ) := { + ecdsaBrainpoolP256r1 := p_ecdsaBrainpoolP256r1 + } // End of template mw_publicVerificationKey_ecdsaBrainpoolP256r1 + + template (value) PublicVerificationKey m_publicVerificationKey_ecdsaBrainpoolP384r1( + in template (value) EccP384CurvePoint p_ecdsaBrainpoolP384r1 + ) := { + ecdsaBrainpoolP384r1 := p_ecdsaBrainpoolP384r1 + } // End of template m_publicVerificationKey_ecdsaBrainpoolP384r1 + + template (present) PublicVerificationKey mw_publicVerificationKey_ecdsaBrainpoolP384r1( + template (present) EccP384CurvePoint p_ecdsaBrainpoolP384r1 := ? + ) := { + ecdsaBrainpoolP384r1 := p_ecdsaBrainpoolP384r1 + } // End of template mw_publicVerificationKey_ecdsaBrainpoolP384r1 + + } // End of group verificationKeys + + group encryptionKey { + + template (value) EncryptionKey m_encryptionKey_public( + in template (value) PublicEncryptionKey p_encryptionKey + ) := { + public_ := p_encryptionKey + } + + template (present) EncryptionKey mw_encryptionKey_public( + template (present) PublicEncryptionKey p_encryptionKey := ? + ) := { + public_ := p_encryptionKey + } + + template (value) PublicEncryptionKey m_encryptionKey( + in template (value) SymmAlgorithm p_supportedSymmAlg := aes128Ccm, + in template (value) BasePublicEncryptionKey p_publicKey + ) := { + supportedSymmAlg := p_supportedSymmAlg, + publicKey := p_publicKey + } // End of template m_encryptionKey + + template (present) PublicEncryptionKey mw_encryptionKey( + template (present) SymmAlgorithm p_supportedSymmAlg := aes128Ccm, + template (present) BasePublicEncryptionKey p_publicKey := ? + ) := { + supportedSymmAlg := p_supportedSymmAlg, + publicKey := p_publicKey + } // End of template mw_encryptionKey + + template (value) BasePublicEncryptionKey m_publicEncryptionKey_eciesNistP256( + in template (value) EccP256CurvePoint p_eciesNistP256 + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template m_publicEncryptionKey_eciesNistP256 + + template (present) BasePublicEncryptionKey mw_publicEncryptionKey_eciesNistP256( + template (present) EccP256CurvePoint p_eciesNistP256 := ? + ) := { + eciesNistP256 := p_eciesNistP256 + } // End of template mw_publicEncryptionKey_eciesNistP256 + + template (value) BasePublicEncryptionKey m_publicEncryptionKey_eciesBrainpoolP256r1( + in template (value) EccP256CurvePoint p_eciesBrainpoolP256r1 + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template m_publicEncryptionKey_eciesBrainpoolP256r1 + + template (present) BasePublicEncryptionKey mw_publicEncryptionKey_eciesBrainpoolP256r1( + template (present) EccP256CurvePoint p_eciesBrainpoolP256r1 := ? + ) := { + eciesBrainpoolP256r1 := p_eciesBrainpoolP256r1 + } // End of template mw_publicEncryptionKey_eciesBrainpoolP256r1 + + } // End of group encryptionKey + + group appPermissions { + + template (omit) PsidSsp m_appPermissions( + in template (value) Psid p_psid, + in template (omit) ServiceSpecificPermissions p_ssp := omit + ) := { + psid := p_psid, + ssp := p_ssp + } // End of template m_appPermissions + + template PsidSsp mw_appPermissions( + template (present) Psid p_psid := ?, + template ServiceSpecificPermissions p_ssp := * + ) := { + psid := p_psid, + ssp := p_ssp + } // End of template mw_appPermissions + + template (value) PsidSspRange m_psidSspRange( + in Psid p_psid, + in template (value) SspRange p_sspRange := m_SspRange_all + ) := { + psid := p_psid, + sspRange := p_sspRange + } // End of template m_psidSspRange + + template (value) SspRange m_SspRange_all := { + all_ := NULL + } // End of template m_SspRange_all + + template (value) SspRange m_SspRange_opaque( + in template (value) SequenceOfOctetString p_opaque + ) := { + opaque := p_opaque + } // End of template m_SspRange_opaque + + template (value) SspRange m_SspRange_bitmapSspRange( + in template (value) BitmapSspRange p_bitmapSspRange + ) := { + bitmapSspRange := p_bitmapSspRange + } // End of template m_SspRange_bitmapSspRange + + template (value) PsidGroupPermissions m_psidGroupPermissions( + in template (value) SubjectPermissions p_subjectPermissions, + in integer p_minChainLength := 1, + in integer p_chainLengthRange := 0, + in EndEntityType p_eeType := oct2bit('00'O) + ) := { + subjectPermissions := p_subjectPermissions, + minChainLength := p_minChainLength, + chainLengthRange := p_chainLengthRange, + eeType := p_eeType + } // End of template m_psidGroupPermissions + + template (present) PsidGroupPermissions mw_psidGroupPermissions( + template (present) SubjectPermissions p_subjectPermissions := ?, + integer p_minChainLength := 1, + integer p_chainLengthRange := 0, + template (present) EndEntityType p_eeType := ? + ) := { + subjectPermissions := p_subjectPermissions, + minChainLength := p_minChainLength, + chainLengthRange := p_chainLengthRange, + eeType := p_eeType + } // End of template mw_psidGroupPermissions + + template (value) SubjectPermissions m_subjectPermissions_explicit( + in template (value) SequenceOfPsidSspRange p_certIssuePermissions + ) := { + explicit := p_certIssuePermissions + } // End of template m_subjectPermissions_explicit + + template (present) SubjectPermissions mw_subjectPermissions_explicit( + template (present) SequenceOfPsidSspRange p_certIssuePermissions := ? + ) := { + explicit := p_certIssuePermissions + } // End of template mw_subjectPermissions_explicit + + template (value) SubjectPermissions m_subjectPermissions_all := { + all_ := NULL + } // End of template m_subjectPermissions_all + + } // End of group appPermissions + + + group validityRestriction { + + template (value) ValidityPeriod m_validityPeriod( + in template (value) Time32 p_start_, + in template (value) Duration p_duration + ) := { + start_ := p_start_, + duration := p_duration + } // End of template m_validityPeriod + + template (present) ValidityPeriod mw_validityPeriod( + template (present) Time32 p_start_ := ?, + template (present) Duration p_duration := ? + ) := { + start_ := p_start_, + duration := p_duration + } // End of template mw_validityPeriod + + /** + * @desc Send template for Duration (in seconds) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (value) Duration m_duration_in_seconds( + in template (value) Int16 p_duration + ) := { + seconds := p_duration + } // End of template m_duration_in_seconds + + /** + * @desc Send template for Duration (in hours) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (value) Duration m_duration_in_hours( + in template (value) Int16 p_duration + ) := { + hours := p_duration + } // End of template m_duration_in_hours + + /** + * @desc Receive template for Duration (in seconds) + * @param p_duration The duration value + * @see Draft ETSI TS 103 097 V1.3.1 Clause 4.2.18 Duration + */ + template (present) Duration mw_duration_in_seconds( + template (present) Int16 p_duration := ? + ) := { + seconds := p_duration + } // End of template mw_duration_in_seconds + + template (value) Duration m_duration_years( + in template (value) Uint16 p_years + ) := { + years := p_years + } // End of template m_duration_years + + template (present) Duration mw_duration_years( + template (present) Uint16 p_years := ? + ) := { + years := p_years + } // End of template mw_duration_years + + } // End of group validityRestriction + + group ssp { + + group sspCam { + + group sspCamSend { + + template (value) SspCAM m_sspCAMContainer_sign_all := { + cenDsrcTollingZone := '1'B, + publicTransport := '1'B, + specialTransport := '1'B, + dangerousGoods := '1'B, + roadwork := '1'B, + rescue := '1'B, + emergency := '1'B, + safetyCar := '1'B, + closedLanes := '1'B, + requestForRightOfWay := '1'B, + requestForFreeCrossingAtATrafficLight := '1'B, + noPassing := '1'B, + noPassingForTrucks := '1'B, + speedLimit := '1'B, + reserved := '000000000000000000'B + } // End of template m_sspCAMContainer_sign_all + + template (value) SspCAM m_sspCAMContainer_vehicle + modifies m_sspCAMContainer_sign_all := { + cenDsrcTollingZone := '0'B, + closedLanes := '0'B, + noPassing := '0'B, + noPassingForTrucks := '0'B, + speedLimit := '0'B + } // End of template m_sspCAMContainer_vehicle + + template (value) ServiceSpecificPermissions m_sspCAM( + in template (value) BitmapSsp p_bitmapSsp + ) := { + bitmapSsp := p_bitmapSsp + } // End of template m_sspCAM + + } // End of group sspCamSend + + group sspCamRecv { + + template (present) SspCAM mw_sspCAMContainer_dummy := { + cenDsrcTollingZone := ?, + publicTransport := ?, + specialTransport := ?, + dangerousGoods := ?, + roadwork := ?, + rescue := ?, + emergency := ?, + safetyCar := ?, + closedLanes := ?, + requestForRightOfWay := ?, + requestForFreeCrossingAtATrafficLight := ?, + noPassing := ?, + noPassingForTrucks := ?, + speedLimit := ?, + reserved := '000000000000000000'B + } // End of template mw_sspCAMContainer_dummy + + template (present) ServiceSpecificPermissions mw_sspCAM_dummy := { + bitmapSsp := ? + } // End of template mw_sspCAM_dummy + + } // End of group sspCamRecv + + } // End of group sspCam + + group sspDenm { + + group sspDenmSend { + + template (value) SspDENM m_sspDENMContainer_sign_all := { + trafficCondition := '1'B, + accident := '1'B, + roadworks := '1'B, + adverseWeatherCondition_Adhesion := '1'B, + hazardousLocation_SurfaceCondition := '1'B, + hazardousLocation_ObstacleOnTheRoad := '1'B, + hazardousLocation_AnimalOnTheRoad := '1'B, + humanPresenceOnTheRoad := '1'B, + wrongWayDriving := '1'B, + rescueAndRecoveryWorkInProgress := '1'B, + adverseWeatherCondition_ExtremeWeatherCondition := '1'B, + adverseWeatherCondition_Visibility := '1'B, + adverseWeatherCondition_Precipitation := '1'B, + slowVehicle := '1'B, + dangerousEndOfQueue := '1'B, + vehicleBreakdown := '1'B, + postCrash := '1'B, + humanProblem := '1'B, + stationaryVehicle := '1'B, + emergencyVehicleApproaching := '1'B, + hazardousLocation_DangerousCurve := '1'B, + collisionRisk := '1'B, + signalViolation := '1'B, + dangerousSituation := '1'B, + reserved := '00000000'B + } // End of template m_sspDENMContainer_sign_all + + template (value) SspDENM m_sspDENMContainer_vehicle + modifies m_sspDENMContainer_sign_all:= { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + slowVehicle := '0'B, + dangerousEndOfQueue := '0'B, + vehicleBreakdown := '0'B, + stationaryVehicle := '0'B + } // End of template m_sspDENMContainer_sign_all + + template (value) SspDENM m_sspDENMContainer_roadSideUnit + modifies m_sspDENMContainer_sign_all:= { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + humanPresenceOnTheRoad := '0'B, + wrongWayDriving := '0'B, + rescueAndRecoveryWorkInProgress := '0'B, + adverseWeatherCondition_ExtremeWeatherCondition := '0'B, + adverseWeatherCondition_Visibility := '0'B, + adverseWeatherCondition_Precipitation := '0'B, + postCrash := '0'B, + humanProblem := '0'B, + stationaryVehicle := '0'B, + hazardousLocation_DangerousCurve := '0'B, + collisionRisk := '0'B, + dangerousSituation := '0'B + } // End of template m_sspDENMContainer_roadSideUnit + + template (value) ServiceSpecificPermissions m_sspDENM( + in template (value) BitmapSsp p_bitmapSsp + ) := { + bitmapSsp := p_bitmapSsp + } // End of template m_sspDENM + + } // End of group sspDenmSend + + group sspDenmRecv { + + template (present) SspDENM mw_sspDENMContainer_dummy := { + trafficCondition := ?, + accident := ?, + roadworks := ?, + adverseWeatherCondition_Adhesion := ?, + hazardousLocation_SurfaceCondition := ?, + hazardousLocation_ObstacleOnTheRoad := ?, + hazardousLocation_AnimalOnTheRoad := ?, + humanPresenceOnTheRoad := ?, + wrongWayDriving := ?, + rescueAndRecoveryWorkInProgress := ?, + adverseWeatherCondition_ExtremeWeatherCondition := ?, + adverseWeatherCondition_Visibility := ?, + adverseWeatherCondition_Precipitation := ?, + slowVehicle := ?, + dangerousEndOfQueue := ?, + vehicleBreakdown := ?, + postCrash := ?, + humanProblem := ?, + stationaryVehicle := ?, + emergencyVehicleApproaching := ?, + hazardousLocation_DangerousCurve := ?, + collisionRisk := ?, + signalViolation := ?, + dangerousSituation := ?, + reserved := '00000000'B + } // End of template mw_sspDENMContainer_dummy + + template (present) SspDENM mw_sspDENMContainer_vehicle + modifies mw_sspDENMContainer_dummy := { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + slowVehicle := '0'B, + dangerousEndOfQueue := '0'B, + vehicleBreakdown := '0'B, + stationaryVehicle := '0'B + } // End of template mw_sspDENMContainer_vehicle + + template (present) SspDENM mw_sspDENMContainer_roadSideUnit + modifies mw_sspDENMContainer_dummy := { + trafficCondition := '0'B, + accident := '0'B, + roadworks := '0'B, + adverseWeatherCondition_Adhesion := '0'B, + hazardousLocation_SurfaceCondition := '0'B, + hazardousLocation_ObstacleOnTheRoad := '0'B, + hazardousLocation_AnimalOnTheRoad := '0'B, + humanPresenceOnTheRoad := '0'B, + wrongWayDriving := '0'B, + rescueAndRecoveryWorkInProgress := '0'B, + adverseWeatherCondition_ExtremeWeatherCondition := '0'B, + adverseWeatherCondition_Visibility := '0'B, + adverseWeatherCondition_Precipitation := '0'B, + postCrash := '0'B, + humanProblem := '0'B, + stationaryVehicle := '0'B, + hazardousLocation_DangerousCurve := '0'B, + collisionRisk := '0'B, + dangerousSituation := '0'B + } // End of template m_sspDENMContainer_roadSideUnit + + } // End of group sspDenmRecv + + } // End of group sspDenm + + } // End of group ssp + + group utPrimitives { + + template (value) UtGnInitialize m_secGnInitialize( + in Oct8 p_hashedId8 + ) := { + hashedId8 := p_hashedId8 + } // End of template m_secGnInitialize + + } // End of group utPrimitives + +} // End of module LibItsSecurity_Templates diff --git a/lib/LibItsSecurity_TestSystem.ttcn b/lib/LibItsSecurity_TestSystem.ttcn new file mode 100755 index 0000000..3f6b75c --- /dev/null +++ b/lib/LibItsSecurity_TestSystem.ttcn @@ -0,0 +1,50 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 / STF538 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_TestSystem.ttcn3 $ + * $Id: LibItsSecurity_TestSystem.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Test System module for Security Protocol + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + * + */ +module LibItsSecurity_TestSystem { + + // LibCommon + import from LibCommon_DataStrings all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + // LibItsSecurity + import from LibItsSecurity_TypesAndValues all; + import from LibItsSecurity_Pixits all; + + group componentDefinitions { + + /** + * @desc ITS Security Component + */ + type component ItsSecurityBaseComponent { + + // Certificates + var Certificate vc_aaCertificate; /** Test Adapter AA certificate */ + var Certificate vc_atCertificate; /** Test Adapter AT certificate */ + var Certificate vc_lastAtCertificateUsed; /** Last Test Adapter certificate used in 'f_buildGnSecuredXXX' functions */ + var charstring vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE; /** Digest value of the AT certificate to be used by the IUT. Default: CERT_IUT_A_AT */ + + // Private keys + var octetstring vc_signingPrivateKey; + var octetstring vc_encryptPrivateKey; + + // Generation position. See Draft ETSI TS 103 097 V1.1.14 Clause 7.2 Security profiles for DENMs + var ThreeDLocation vc_location; + + } // End of ItsSecurityBaseComponent + + } // End of group componentDefinitions + +} // End of module LibItsSecurity_TestSystem \ No newline at end of file diff --git a/lib/LibItsSecurity_TypesAndValues.ttcn b/lib/LibItsSecurity_TypesAndValues.ttcn new file mode 100755 index 0000000..fb2bcef --- /dev/null +++ b/lib/LibItsSecurity_TypesAndValues.ttcn @@ -0,0 +1,314 @@ +/** + * @author ETSI / STF481 / STF507 / STF517 + * @version $Url: https://oldforge.etsi.org/svn/LibIts/tags/20170222_STF527_Final/ttcn/Security/LibItsSecurity_TypesAndValues.ttcn3 $ + * $Id: LibItsSecurity_TypesAndValues.ttcn3 1318 2017-01-26 10:20:53Z filatov $ + * @desc Module containing types and values for Security Protocol + * @see Draft ETSI TS 103 097 V1.1.14 + * @copyright ETSI Copyright Notification + * No part may be reproduced except as authorized by written permission. + * The copyright and the foregoing restriction extend to reproduction in all media. + * All rights reserved. + */ +module LibItsSecurity_TypesAndValues { + + // LibCommon + import from LibCommon_BasicTypesAndValues all; + import from LibCommon_DataStrings all; + + // LibItsCommon + import from LibItsCommon_Pixits all; + + // LibIts + import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; + import from IEEE1609dot2 language "ASN.1:1997" all; + import from EtsiTs103097Module language "ASN.1:1997" all; + + /** + * @desc Sequence of HashedId8 + */ + type record of HashedId8 HashedId8s; + // Test Adapter certificates & private keys - Valid behavior + const charstring cc_taCert_A := PX_CERT_FOR_TS; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A_AA := "CERT_TS_A_AA"; + const charstring cc_taCert_A_EA := "CERT_TS_A_EA"; + const charstring cc_taCert_A1 := "CERT_TS_A_A1_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A2 := "CERT_TS_A_A2_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_A3 := "CERT_TS_A_A3_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_B := "CERT_TS_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_B1 := "CERT_TS_B_1_AT"; + const charstring cc_taCert_B_AA := "CERT_TS_B_1_AA"; + const charstring cc_taCert_A_B := "CERT_TS_A_B_AT"; + const charstring cc_taCert_A_B3 := "CERT_TS_A_B3_AT"; + const charstring cc_taCert_C := "CERT_TS_C_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_C1 := "CERT_TS_C1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_CA1 := "CERT_TS_CA1_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_D := "CERT_TS_D_AT"; /** Certificate with a polygonal region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_E := "CERT_TS_E_AT"; /** Certificate with a region identifier, to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_F := "CERT_TS_F_AT"; /** Certificate that can be used as an unknown certificate for IUT. */ + const charstring cc_taCert_F3 := "CERT_TS_F3_AT"; /** Certificate that can be used as an unknown certificate for IUT with BrainpoolP384 curve. */ + const charstring cc_taCert_G := "CERT_TS_G_AT"; /** to be defined */ + const charstring cc_taCert_EC := "CERT_TS_A_EC"; /** Certificate with a subject type indicating 'enrolment_credentials', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_AA := "CERT_TS_A_AA"; /** Certificate with a subject type indicating 'authorisation_authority', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_EA := "CERT_TS_A_EA"; /** Certificate with a subject type indicating 'enrolment_authority', to be used when secured messages are sent from TA to IUT */ + const charstring cc_taCert_CA := "CERT_TS_A_CA"; /** Certificate with a subject type indicating 'root_ca', to be used when secured messages are sent from TA to IUT */ + // Test Adapter certificates & private keys - Inoportune behavior + const charstring cc_taCert_B_BO := "CERT_TS_B_BO_AT"; /** Certificate with a circular region, the IUT position is outside of the region */ + const charstring cc_taCert_C_BO := "CERT_TS_C_BO_AT"; /** Certificate with a rectangular region, the IUT position is outside of the region */ + const charstring cc_taCert_D_BO := "CERT_TS_D_BO_AT"; /** Certificate with a polygonal region, the IUT position is outside of the region */ + const charstring cc_taCert_E_BO := "CERT_TS_E_BO_AT"; /** Certificate with a region identifier, the IUT position is outside of the region */ + const charstring cc_taCert0101_BO := "CERT_TS_01_01_BO_AT"; /** Check that IUT discards the AT certificate with version 3 */ + const charstring cc_taCert0102_BO := "CERT_TS_01_02_BO_AT"; /** Check that IUT discards the AT certificate with version 1 */ + const charstring cc_taCert0103_BO := "CERT_TS_01_03_BO_AT"; /** Check that IUT discards the AA certificate with version 3 */ + const charstring cc_taCert0104_BO := "CERT_TS_01_04_BO_AT"; /** Check that IUT discards the AA certificate with version 1 */ + const charstring cc_taCert0201_BO := "CERT_TS_02_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_credential' */ + const charstring cc_taCert0202_BO := "CERT_TS_02_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_credential' */ + const charstring cc_taCert0203_BO := "CERT_TS_02_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'enrolment_authority' */ + const charstring cc_taCert0204_BO := "CERT_TS_02_04_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'enrolment_authority' */ + const charstring cc_taCert0301_BO := "CERT_TS_03_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization ticket certificate contains the subject type 'authorization_ticket' */ + const charstring cc_taCert0302_BO := "CERT_TS_03_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the authorization authority certificate contains the subject type 'authorization_ticket' */ + const charstring cc_taCert0601_BO := "CERT_TS_06_01_BO_AT"; /** Check that IUT discards a SecuredMessage containing generation_time before the message signing certificate validity period */ + const charstring cc_taCert0602_BO := "CERT_TS_06_02_BO_AT"; /** Check that IUT discards a SecuredMessage containing generation_time after the message signing certificate validity period */ + const charstring cc_taCert0401_BO := "CERT_TS_04_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the issuer certificate of the AA certificate contains the subject type 'authorization_authority' */ + const charstring cc_taCertMsg1301_BO := "CERT_TS_MSG_13_01_BO_AT"; /** Check that IUT discards secured CAM signed with the not yet valid certificate */ + const charstring cc_taCertMsg1302_BO := "CERT_TS_MSG_13_02_BO_AT"; /** Check that IUT discards secured CAM signed with the expired certificate */ + const charstring cc_taCertMsg1303_BO := "CERT_TS_MSG_13_03_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the circular validity restriction of the signing certificatee */ + const charstring cc_taCertMsg1304_BO := "CERT_TS_MSG_13_04_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the rectangular validity restriction of the signing certificate */ + const charstring cc_taCertMsg1305_BO := "CERT_TS_MSG_13_05_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the polygonal validity restriction of the signing certificate */ + const charstring cc_taCertMsg1306_BO := "CERT_TS_MSG_13_06_BO_AT"; /** Check that IUT discards secured CAM when IUT location is outside the identified validity restriction of the signing certificate */ + const charstring cc_taCert0601_BV := "CERT_TS_06_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same circular region validity restriction as its issuing certificate */ + const charstring cc_taCert0602_BV := "CERT_TS_06_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0603_BV := "CERT_TS_06_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0604_BV := "CERT_TS_06_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0605_BV := "CERT_TS_06_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the circular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0606_BO := "CERT_TS_06_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the circular region validity restriction */ + const charstring cc_taCert0607_BO := "CERT_TS_06_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is outside of the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0608_BO := "CERT_TS_06_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains circular region validity restriction which is not fully covered by the the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0701_BV := "CERT_TS_07_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same rectangular region validity restriction as its issuing certificate */ + const charstring cc_taCert0702_BV := "CERT_TS_07_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0703_BV := "CERT_TS_07_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the validity restriction with rectangular region which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0704_BV := "CERT_TS_07_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0705_BV := "CERT_TS_07_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the rectangular region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0706_BO := "CERT_TS_07_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the rectangular region validity restriction */ + const charstring cc_taCert0707_BO := "CERT_TS_07_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is outside of the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0708_BO := "CERT_TS_07_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains rectangular region validity restriction which is not fully covered by the the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0801_BV := "CERT_TS_08_01_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the same polygonal region validity restriction as its issuing certificate */ + const charstring cc_taCert0802_BV := "CERT_TS_08_02_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0803_BV := "CERT_TS_08_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0804_BV := "CERT_TS_08_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0805_BV := "CERT_TS_08_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the identified region validity restriction of its issuing certificate */ + const charstring cc_taCert0806_BO := "CERT_TS_08_06_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the polygonal region validity restriction */ + const charstring cc_taCert0807_BO := "CERT_TS_08_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0808_BO := "CERT_TS_08_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is outside of the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0809_BO := "CERT_TS_08_09_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message contains polygonal region validity restriction which is not fully covered by the the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0901_BV := "CERT_TS_09_01_BV_AT"; /** Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and without local area definition */ + const charstring cc_taCert0902_BV := "CERT_TS_09_02_BV_AT"; /** Check that the IUT accepts a message when its signing certificate contains the identified region validity restriction with the same identified region as the issuing certificate and with local area definition */ + const charstring cc_taCert0903_BV := "CERT_TS_09_03_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the circular region validity restriction of its issuing certificate */ + const charstring cc_taCert0904_BV := "CERT_TS_09_04_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the rectangular region validity restriction of its issuing certificate */ + const charstring cc_taCert0905_BV := "CERT_TS_09_05_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of this message contains the polygonal region validity restriction which is fully inside in the polygonal region validity restriction of its issuing certificate */ + const charstring cc_taCert0906_BV := "CERT_TS_09_06_BV_AT"; /** Check that the IUT accepts a message when the signing certificate of the message contains the identified region validity restriction with the identified region which is fully covered by the identified region of the validity restriction of its issuing certificate */ + const charstring cc_taCert0907_BO := "CERT_TS_09_07_BO_AT"; /** Check that the IUT discards a message when the signing certificate of this message does not contain the region validity restriction but its issuing certificate contains the identified region validity restriction */ + const charstring cc_taCert0908_BO := "CERT_TS_09_08_BO_AT"; /** Check that the IUT discards a message when the signing certificate and its issuing certificate are both containing the identified region validity restrictions with the same region id but different local regions */ + const charstring cc_taCert0909_BO := "CERT_TS_09_09_BO_AT"; /** Check that the IUT discards a message when the identified region of the validity restriction of its signing certificate is different and not fully covered by the one in the issuing certificate */ + const charstring cc_taCert0910_BO := "CERT_TS_09_10_BO_AT"; /** Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains unknown area code */ + const charstring cc_taCert0911_BO := "CERT_TS_09_11_BO_AT"; /** Check that the IUT discards a message when the identified region validity restriction of its signing certificate contains invalid area code */ + const charstring cc_taCert1001_BO := "CERT_TS_10_01_BO_AT"; /** Check that the IUT discards a message when its signing certificate does not contain the time validity restriction */ + const charstring cc_taCert1002_BO := "CERT_TS_10_02_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of the message signing certificate does not contain the time validity restriction */ + const charstring cc_taCert1003_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_end' validity restriction */ + const charstring cc_taCert1004_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction */ + const charstring cc_taCert1005_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of the message signing certificate contains 'time_end' validity restriction */ + const charstring cc_taCert1006_BO := "CERT_TS_10_03_BO_AT"; /** Check that the IUT discards a message when its signing certificate contains 'time_start_and_duration' validity restriction */ + const charstring cc_taCert1101_BO := "CERT_TS_11_01_BO_AT"; /** Check that the IUT discards a message when the validity period of the signing certificate ends after the validity period of its issuing certificate */ + const charstring cc_taCert1102_BO := "CERT_TS_11_02_BO_AT"; /** Check that the IUT discards a message when the validity period of its signing certificate starts before the validity period of the issuing certificate */ + const charstring cc_taCert1103_BO := "CERT_TS_11_03_BO_AT"; /** Check that the IUT discards a message when the issuing certificate of signing certificate is expired but the signing certificate is not expired yet */ + const charstring cc_taCert1104_BO := "CERT_TS_11_04_BO_AT"; /** Check that the IUT discards a message when the validity period of the signing certificate is after the validity period of its issuing certificate */ + const charstring cc_taCert1201_BO := "CERT_TS_12_01_BO_AT"; /** Check that the IUT discards a message when its signing certificate does not contain the SSP-AID subject attribute */ + const charstring cc_taCert1202_BO := "CERT_TS_12_02_BO_AT"; /** Check that the IUT discards a Secured CAM when its signing certificate does not contain a record with AID_CAM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1203_BO := "CERT_TS_12_03_BO_AT"; /** Check that the IUT discards a Secured DENM when its signing certificate does not contain a record with AID_DENM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1204_BO := "CERT_TS_12_04_BO_AT"; /** Check that the IUT discards a Secured CAM when its signing certificate contains two records with AID_CAM in the its_aid_ssp_list subject attribute */ + const charstring cc_taCert1301_BO := "CERT_TS_13_01_BO_AT"; /** Check that the IUT discards a message when the signing AT certificate contains a CAM AID-SSP record whereas the issuing AA certificate does not contain the record with AID_CAM */ + const charstring cc_taCert1302_BO := "CERT_TS_13_02_BO_AT"; /** Check that the IUT discards a message when the signing AT certificate contains a DENM AID-SSP record whereas the issuing AA certificate does not contain the AID record with AID_DENM */ + const charstring cc_taCert1303_BO := "CERT_TS_13_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the AA certificate does not contain a subject_attribute of type its_aid_list */ + const charstring cc_taCert1401_BO := "CERT_TS_14_01_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate' */ + const charstring cc_taCert1402_BO := "CERT_TS_14_02_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate_chain' */ + const charstring cc_taCert1403_BO := "CERT_TS_14_03_BO_AT"; /** Check that IUT discards the AT certificate with signer info of type 'certificate_digest_with_other_algorithm' */ + const charstring cc_taCert1501_BO := "CERT_TS_15_01_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate' */ + const charstring cc_taCert1502_BO := "CERT_TS_15_02_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate_chain' */ + const charstring cc_taCert1503_BO := "CERT_TS_15_03_BO_AT"; /** Check that IUT discards the AA certificate with signer info of type 'certificate_digest_with_other_algorithm' */ + const charstring cc_taCert1601_BO := "CERT_TS_16_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject_name of the AT certificate is not an empty name field */ + const charstring cc_taCert1701_BO := "CERT_TS_17_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AT certificate */ + const charstring cc_taCert1702_BO := "CERT_TS_17_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type assurance_level is missing in the AA certificate */ + const charstring cc_taCert1703_BO := "CERT_TS_17_03_BO_AT"; /** Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is less then assurance level of subordinate certificate */ + const charstring cc_taCert1704_BO := "CERT_TS_17_04_BO_AT"; /** Check that IUT discards a SecuredMessage if the assurance level of issuing certificate is equal to the assurance level of the subordinate certificate but the confidence of subject assurance of issuing certificate is less then the confidence of the subordinate certificate */ + const charstring cc_taCert1801_BO := "CERT_TS_18_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AT certificate */ + const charstring cc_taCert1802_BO := "CERT_TS_18_02_BO_AT"; /** Check that IUT discards a SecuredMessage if the subject attribute of type verification_key is missing in the AA certificate */ + const charstring cc_taCert1901_BO := "CERT_TS_19_01_BO_AT"; /** Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate */ + + // IUT certificates & private keys + const charstring cc_iutCert_C1 := "CERT_IUT_C1_AT"; + const charstring cc_iutCert_CA1 := "CERT_IUT_CA1_AT"; + const charstring cc_iutCert_CA2 := "CERT_IUT_CA2_AT"; + const charstring cc_iutCert_C3 := "CERT_IUT_C3_AA"; + const charstring cc_iutCert_CA3 := "CERT_IUT_CA3_AT"; + const charstring cc_iutCert_CA_AA := "CERT_IUT_CA_AA"; + const charstring cc_iutCert_CC_AA := "CERT_IUT_CC_AA"; + const charstring cc_iutCert_A := "CERT_IUT_A_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_A1 := "CERT_IUT_A1_AT"; + const charstring cc_iutCert_A2 := "CERT_IUT_A2_AT"; + const charstring cc_iutCert_A3 := "CERT_IUT_A3_AT"; + const charstring cc_iutCert_A4 := "CERT_IUT_A4_AT"; + const charstring cc_iutCert_A_AA := "CERT_IUT_A_AA"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - NistP256*/ + const charstring cc_iutCert_A_N := "CERT_IUT_A_N_AT"; + const charstring cc_iutCert_A_B_N := "CERT_IUT_A_B_N_AT"; + const charstring cc_iutCert_A_B := "CERT_IUT_A_B_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - BrainpoolP256r1*/ + const charstring cc_iutCert_A_B3 := "CERT_IUT_A_B3_AT"; /** Default certificate, without region validity restriction, to be used when secured messages are sent from TA to IUT - BrainpoolP384r1*/ + const charstring cc_iutCert_A_B3_N := "CERT_IUT_A_B3_N_AT"; + const charstring cc_iutCert_B := "CERT_IUT_B_AT"; /** Default certificate, with circular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_C := "CERT_IUT_C_AT"; /** Certificate with a rectangular region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_D := "CERT_IUT_D_AT"; /** Certificate with a polygonal region, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_E := "CERT_IUT_E_AT"; /** Certificate with a region identifier, to be used when secured messages are sent from TA to IUT */ + const charstring cc_iutCert_F := "CERT_IUT_F_AT"; /** Certificate with a subject type indicating 'enrolment_credentials', to be used when secured messages are sent from TA to IUT */ + + /** + * @desc Specification of basic format elements + * @see Draft ETSI TS 103 097 V1.1.14 Clause 4.2 + */ + group basicFormatElements { + + /** + * @desc Service specific permissions definition for CAM + * @see ETSI EN 302 637-2 V1.3.2 (2014-11) Clause 6.2.2.2 Service Specific Permissions (SSP) + */ + type record SspCAM { + Bit1 cenDsrcTollingZone, + Bit1 publicTransport, + Bit1 specialTransport, + Bit1 dangerousGoods, + Bit1 roadwork, + Bit1 rescue, + Bit1 emergency, + Bit1 safetyCar, + Bit1 closedLanes, + Bit1 requestForRightOfWay, + Bit1 requestForFreeCrossingAtATrafficLight, + Bit1 noPassing, + Bit1 noPassingForTrucks, + Bit1 speedLimit, + Bit18 reserved + } // End of type SspCAM + + /** + * @desc Service specific permissions definition for DENM + * @member trafficCondition + * @member accident + * @member roadworks + * @member adverseWeatherCondition_Adhesion + * @member hazardousLocation_SurfaceCondition + * @member hazardousLocation_ObstacleOnTheRoad + * @member hazardousLocation_AnimalOnTheRoad + * @member humanPresenceOnTheRoad + * @member wrongWayDriving + * @member rescueAndRecoveryWorkInProgress + * @member adverseWeatherCondition_ExtremeWeatherCondition + * @member adverseWeatherCondition_Visibility + * @member adverseWeatherCondition_Precipitation + * @member slowVehicle + * @member dangerousEndOfQueue + * @member vehicleBreakdown + * @member postCrash + * @member humanProblem + * @member stationaryVehicle + * @member emergencyVehicleApproaching + * @member hazardousLocation_DangerousCurve + * @member collisionRisk + * @member signalViolation + * @member dangerousSituation + * @member reserved Reserved for Future Usage + * @see Draft ETSI EN 302 637-3 V1.2.10 Clause 6.2.2.2 Service Specific Permissions (SSP) + */ + type record SspDENM { + Bit1 trafficCondition, + Bit1 accident, + Bit1 roadworks, + Bit1 adverseWeatherCondition_Adhesion, + Bit1 hazardousLocation_SurfaceCondition, + Bit1 hazardousLocation_ObstacleOnTheRoad, + Bit1 hazardousLocation_AnimalOnTheRoad, + Bit1 humanPresenceOnTheRoad, + Bit1 wrongWayDriving, + Bit1 rescueAndRecoveryWorkInProgress, + Bit1 adverseWeatherCondition_ExtremeWeatherCondition, + Bit1 adverseWeatherCondition_Visibility, + Bit1 adverseWeatherCondition_Precipitation, + Bit1 slowVehicle, + Bit1 dangerousEndOfQueue, + Bit1 vehicleBreakdown, + Bit1 postCrash, + Bit1 humanProblem, + Bit1 stationaryVehicle, + Bit1 emergencyVehicleApproaching, + Bit1 hazardousLocation_DangerousCurve, + Bit1 collisionRisk, + Bit1 signalViolation, + Bit1 dangerousSituation, + Bit8 reserved + } // End of type SspDENM + + } // End of group certificateSpecification + + /** + * @desc Send/receive templates for profiles for certificates + * @see Draft ETSI TS 103 097 V1.1.14 Clause 7.4 Profiles for certificate + */ + group profileCertificates { + + type record CertificatesCachingItem { + HashedId8 hashedId8, + EtsiTs103097Certificate certificate + } + type record of CertificatesCachingItem CertificatesCaching; + + } // End of group profileCertificates + + type enumerated SignAlgorithm { + e_nistp_256, + e_brainpool_256, + e_brainpool_384 + } + + group taConfiguration { + + /** + * @desc Describes the Test Adapter security configuration + * @member signingPrivateKey Signing private keys generated by the PKI Infrastructire tool (CertChainGenerator\src\org\etsi\stf440\pki\MainApp.java) + * @member encryptPrivateKey Encryption private keys generated by the PKI Infrastructire tool (CertChainGenerator\src\org\etsi\stf440\pki\MainApp.java) + * @member caCertificate Certificates Authorization certificate generated by the PKI Infrastructire tool + * @member aaCertificate Enrolment Credential certificate generated by the PKI Infrastructire tool + * @member atCertificate Authorization Tickate certificate generated by the PKI Infrastructire tool + * @member location 3D location associated to each configuration + */ + /*type record TaConfig { + Oct32 signingPrivateKey, + Oct32 encryptPrivateKey, + EtsiTs103097Certificate caCertificate, + EtsiTs103097Certificate aaCertificate, + EtsiTs103097Certificate atCertificate, + ThreeDLocation location + }*/ // End of type TaConfig + + /** + * @desc Describes the Test Adapter security configurations + */ + //type set of TaConfig TaConfigs; + + } // End of group taConfiguration + + group utPrimitives { + + } + with { + encode "UpperTester" + } // End of group utPrimitives + +} with { + encode "LibItsSecurity" +} // End of module LibItsSecurity_TypesAndValues diff --git a/lib/asn1 b/lib/asn1 new file mode 160000 index 0000000..d969b70 --- /dev/null +++ b/lib/asn1 @@ -0,0 +1 @@ +Subproject commit d969b705c0b124602867a39a3b48cdf24dfab426 diff --git a/lib/module.mk b/lib/module.mk new file mode 100755 index 0000000..5244864 --- /dev/null +++ b/lib/module.mk @@ -0,0 +1,12 @@ +sources := \ + LibItsSecurity_EncdecDeclarations.ttcn \ + LibItsSecurity_Functions.ttcn \ + LibItsSecurity_Pics.ttcn \ + LibItsSecurity_Pixits.ttcn \ + LibItsSecurity_Templates.ttcn \ + LibItsSecurity_TestSystem.ttcn \ + LibItsSecurity_TypesAndValues.ttcn \ + asn1/EtsiTs103097ExtensionModule.asn \ + asn1/EtsiTs103097Module.asn \ + asn1/ieee1609dot2/Ieee1609Dot2.asn \ + asn1/ieee1609dot2/Ieee1609Dot2BaseTypes.asn \ diff --git a/module.mk b/module.mk new file mode 100755 index 0000000..6559b45 --- /dev/null +++ b/module.mk @@ -0,0 +1,42 @@ +suite := AtsSecurity + +sources := ItsSecurity_Functions.ttcn \ + ItsSecurity_Templates.ttcn \ + ItsSecurity_TestCases.ttcn \ + ItsSecurity_TestControl.ttcn \ + ItsSecurity_TestSystem.ttcn +# ItsSecurity_Pics.ttcn \ + +modules := lib \ + ../LibCommon \ + ../LibIts \ + ../AtsCAM/lib \ + ../AtsDENM/lib \ + ../AtsIS/lib \ + ../AtsGeoNetworking/lib \ + ../AtsIpv6OverGeoNetworking/lib \ + ../AtsBTP/lib \ + ../../ccsrc/Ports/LibIts_ports \ + ../../ccsrc/Ports/LibIts_ports/CAM_ports \ + ../../ccsrc/Ports/LibIts_ports/DENM_ports \ + ../../ccsrc/Ports/LibIts_ports/GN_ports \ + ../../ccsrc/Ports/LibIts_ports/IPv6oGN_ports \ + ../../ccsrc/Ports/LibIts_ports/BTP_ports \ + ../../ccsrc/EncDec \ + ../../ccsrc/Framework \ + ../../ccsrc/Externals \ + ../../ccsrc/geospacial \ + ../../ccsrc/loggers \ + ../../ccsrc/Asn1c \ + ../../ccsrc/Protocols/UpperTester \ + ../../ccsrc/Protocols/Pcap \ + ../../ccsrc/Protocols/ETH \ + ../../ccsrc/Protocols/GeoNetworking \ + ../../ccsrc/Protocols/BTP \ + ../../ccsrc/Protocols/Security \ + ../../ccsrc/Protocols/CAM \ + ../../ccsrc/Protocols/DENM \ +# ../../ccsrc/Protocols/Http \ +# ../../ccsrc/Protocols/IVIM \ +# ../../ccsrc/Protocols/MapemSpatem \ +# ../../ccsrc/Protocols/SremSsem \ -- GitLab From 2ebabe5d85953c2a63d2fa5d249a260162f650b2 Mon Sep 17 00:00:00 2001 From: Denis Filatov Date: Fri, 23 Jul 2021 12:44:24 +0200 Subject: [PATCH 2/9] Initial --- ItsSecurity_Functions.ttcn | 4 +- ItsSecurity_TestCases.ttcn | 32 +++--- lib/LibItsSecurity_EncdecDeclarations.ttcn | 22 ++--- lib/LibItsSecurity_Functions.ttcn | 109 ++++++++++++--------- lib/LibItsSecurity_Pics.ttcn | 4 +- lib/LibItsSecurity_Pixits.ttcn | 4 +- lib/LibItsSecurity_Templates.ttcn | 92 ++++++++--------- lib/LibItsSecurity_TestSystem.ttcn | 4 +- lib/LibItsSecurity_TypesAndValues.ttcn | 4 +- lib/asn1 | 2 +- module.mk | 4 +- 11 files changed, 147 insertions(+), 134 deletions(-) diff --git a/ItsSecurity_Functions.ttcn b/ItsSecurity_Functions.ttcn index 219c35c..b560785 100755 --- a/ItsSecurity_Functions.ttcn +++ b/ItsSecurity_Functions.ttcn @@ -16,8 +16,8 @@ module ItsSecurity_Functions { import from LibCommon_Time all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; import from ITS_Container language "ASN.1:1997" all; import from DENM_PDU_Descriptions language "ASN.1:1997" all; diff --git a/ItsSecurity_TestCases.ttcn b/ItsSecurity_TestCases.ttcn index 72924b8..38d06f4 100755 --- a/ItsSecurity_TestCases.ttcn +++ b/ItsSecurity_TestCases.ttcn @@ -20,8 +20,8 @@ module ItsSecurity_TestCases { // LibIts //import from DENM_PDU_Descriptions language "ASN.1:1997" all; - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsCommon @@ -3000,8 +3000,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_ieee1609Dot2Data( - mw_ieee1609Dot2Data_unsecured + mw_Ieee1609Dot2Data( + mw_Ieee1609Dot2Data_unsecured )), mw_headerInfo_cam ) @@ -3017,8 +3017,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_ieee1609Dot2Data( - mw_ieee1609Dot2Data_unsecured + mw_Ieee1609Dot2Data( + mw_Ieee1609Dot2Data_unsecured )), mw_headerInfo_cam ) @@ -5199,8 +5199,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_ieee1609Dot2Data( - mw_ieee1609Dot2Data_unsecured + mw_Ieee1609Dot2Data( + mw_Ieee1609Dot2Data_unsecured )), mw_headerInfo_denm ) @@ -6775,8 +6775,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_ieee1609Dot2Data( - mw_ieee1609Dot2Data_unsecured + mw_Ieee1609Dot2Data( + mw_Ieee1609Dot2Data_unsecured )), mw_headerInfo_gn ) @@ -6881,8 +6881,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_ieee1609Dot2Data( - mw_ieee1609Dot2Data_unsecured + mw_Ieee1609Dot2Data( + mw_Ieee1609Dot2Data_unsecured )), mw_headerInfo_gn ) @@ -9667,7 +9667,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_ieee1609Dot2Data_dummy, +// mw_Ieee1609Dot2Data_dummy, // mw_geoNwBroadcastPacketWithArea( // mw_longPosVectorPosition( // v_longPosVectorNodeB @@ -9682,7 +9682,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_ieee1609Dot2Data_dummy +// mw_Ieee1609Dot2Data_dummy // ))) { // // Do not restart tc_ac timer // log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); @@ -9718,7 +9718,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_ieee1609Dot2Data_dummy, +// mw_Ieee1609Dot2Data_dummy, // mw_geoNwBroadcastPacketWithArea( // mw_longPosVectorPosition( // v_longPosVectorIut @@ -9733,7 +9733,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_ieee1609Dot2Data_dummy +// mw_Ieee1609Dot2Data_dummy // ))) { // // Do not restart tc_ac timer // log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); diff --git a/lib/LibItsSecurity_EncdecDeclarations.ttcn b/lib/LibItsSecurity_EncdecDeclarations.ttcn index d48e56d..bc18a78 100755 --- a/lib/LibItsSecurity_EncdecDeclarations.ttcn +++ b/lib/LibItsSecurity_EncdecDeclarations.ttcn @@ -1,8 +1,8 @@ module LibItsSecurity_EncdecDeclarations { // LibIts - //import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + //import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; //import from EtsiTs103097Module language "ASN.1:1997" all; import from LibItsSecurity_TypesAndValues all; @@ -12,35 +12,35 @@ module LibItsSecurity_EncdecDeclarations { * @param p The certificate to encode * @return The encode message in OER format */ - external function fx_enc_CertificateBase(in IEEE1609dot2.CertificateBase p) return bitstring + external function fx_enc_CertificateBase(in Ieee1609Dot2.CertificateBase p) return bitstring with {extension "prototype(convert) encode(PER)"} - external function fx_dec_CertificateBase(inout bitstring b, out IEEE1609dot2.CertificateBase p) return integer + external function fx_dec_CertificateBase(inout bitstring b, out Ieee1609Dot2.CertificateBase p) return integer with {extension "prototype(sliding) decode(PER)"} /** - * @desc Encoding function for IEEE1609dot2.ToBeSignedCertificate + * @desc Encoding function for Ieee1609Dot2.ToBeSignedCertificate * @param p The ToBeSign part of the certificate * @return The encode message in OER format */ - external function fx_enc_ToBeSignedCertificate(in IEEE1609dot2.ToBeSignedCertificate p) return bitstring + external function fx_enc_ToBeSignedCertificate(in Ieee1609Dot2.ToBeSignedCertificate p) return bitstring with {extension "prototype(convert) encode(PER)"} /** - * @desc Encoding function for IEEE1609dot2.Ieee1609Dot2Data + * @desc Encoding function for Ieee1609Dot2.Ieee1609Dot2Data * @param p The Ieee1609Dot2Data part of the certificate * @return The encode message in OER format */ - external function fx_enc_Ieee1609Dot2Data(in IEEE1609dot2.Ieee1609Dot2Data p) return bitstring + external function fx_enc_Ieee1609Dot2Data(in Ieee1609Dot2.Ieee1609Dot2Data p) return bitstring with {extension "prototype(convert) encode(PER)"} - external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out IEEE1609dot2.Ieee1609Dot2Data p_ieee1609Dot2Data) return integer + external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out Ieee1609Dot2.Ieee1609Dot2Data p_Ieee1609Dot2Data) return integer with {extension "prototype(sliding) decode(PER)"} - external function fx_enc_Ieee1609Dot2ToBeSignedData(in IEEE1609dot2.ToBeSignedData p) return bitstring + external function fx_enc_Ieee1609Dot2ToBeSignedData(in Ieee1609Dot2.ToBeSignedData p) return bitstring with {extension "prototype(convert) encode(PER)"} - external function fx_dec_Ieee1609Dot2ToBeSignedData(inout bitstring p_data, out IEEE1609dot2.ToBeSignedData p_toBeSignedData) return integer + external function fx_dec_Ieee1609Dot2ToBeSignedData(inout bitstring p_data, out Ieee1609Dot2.ToBeSignedData p_toBeSignedData) return integer with {extension "prototype(sliding) decode(PER)"} external function fx_enc_SspCAM (LibItsSecurity_TypesAndValues.SspCAM p_ssp) return bitstring diff --git a/lib/LibItsSecurity_Functions.ttcn b/lib/LibItsSecurity_Functions.ttcn index 84af841..c0a90c6 100755 --- a/lib/LibItsSecurity_Functions.ttcn +++ b/lib/LibItsSecurity_Functions.ttcn @@ -16,8 +16,8 @@ module LibItsSecurity_Functions { import from LibCommon_DataStrings all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsCommon @@ -1036,7 +1036,7 @@ module LibItsSecurity_Functions { } ); } else if (p_trailerStatus == 3) { // Signature with reserved algorthm - p_securedMessage := m_ieee1609Dot2Data_wrong_protocol( + p_securedMessage := m_Ieee1609Dot2Data_wrong_protocol( p_protocolVersion, valueof(v_toBeSignedData.header_fields), p_payloadField, @@ -1184,7 +1184,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1473,7 +1473,7 @@ module LibItsSecurity_Functions { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1630,7 +1630,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1705,7 +1705,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -3076,37 +3076,45 @@ module LibItsSecurity_Functions { in EtsiTs103097Certificate p_cert, in EtsiTs103097Certificate p_cert_issuer ) return boolean { - var ValidityPeriod v_cert_region, v_cert_issuer_region; + var GeographicRegion v_cert_region, v_cert_issuer_region; var boolean v_cert_issuer_region_result; - /* FIXME To be reviewed v_cert_issuer_region_result := f_getCertificateValidityRestriction(p_cert_issuer, e_region, v_cert_issuer_region); - if (f_getCertificateValidityRestriction(p_cert, e_region, v_cert_region) == false) { - if (v_cert_issuer_region_result == true) { - if (v_cert_issuer_region.validity.region.region_type != e_none) { - return false; - } - } - } else if ( - (v_cert_issuer_region_result == true) and - (v_cert_issuer_region.validity.region.region_type != e_none) - ) { - if (v_cert_region.validity.region.region_type == e_circle) { - if (v_cert_issuer_region.validity.region.region_type == e_circle) { - // Check v_cert_region 'circle' is inside v_cert_issuer_region 'circle' - if (f_areCirclesInside(v_cert_region.validity.region.region.circular_region, v_cert_issuer_region.validity.region.region.circular_region) == false) { - log("*** " & testcasename() & ": FAIL: Issuer and issuing certificates circle area does not match ***"); - return false; - } - } - } else if (v_cert_region.validity.region.region_type == e_rectangle) { - if (v_cert_issuer_region.validity.region.region_type == e_rectangle) { - // Check v_cert_region 'rectangle' is inside v_cert_issuer_region 'rectangle' - if (f_areRectanglesInside(v_cert_region.validity.region.region.rectangular_region, v_cert_issuer_region.validity.region.region.rectangular_region) == false) { - log("*** " & testcasename() & ": FAIL: Issuer and issuing certificates rectangle area does not match ***"); - return false; - } - } - } else if (v_cert_region.validity.region.region_type == e_polygon) { + // FIXME To be reviewed + + // Sanity checks + if (ispresent(p_cert.toBeSigned.region) == false) { + log("f_checkRegionValidityRestiction: GeographicRegion missig into certificate"); + return false; + } + if (ispresent(p_cert_issuer.toBeSigned.region) == false) { + // No greographical constraints + return true; + } + v_cert_region := p_cert.toBeSigned.region; + v_cert_issuer_region := p_cert_issuer.toBeSigned.region; + if (ispresent(v_cert_region.circularRegion) and ispresent(v_cert_issuer_region.circularRegion)) { + // Check v_cert_region 'circle' is inside v_cert_issuer_region 'circle' + if (f_areCirclesInside(valueof(v_cert_region.circularRegion), valueof(v_cert_issuer_region.circularRegion)) == false) { + log("f_checkRegionValidityRestiction: FAIL: Issuer and issuing certificates circle area does not match"); + return false; + } + } else if (ispresent(v_cert_region.rectangularRegion) and ispresent(v_cert_issuer_region.rectangularRegion)) { + // Check v_cert_region 'rectangle' is inside v_cert_issuer_region 'rectangle' + if (f_isRectangularRegionsIntersected(v_cert_region.rectangularRegion, v_cert_issuer_region.rectangularRegion) == false) { + log("f_checkRegionValidityRestiction: FAIL: Issuer and issuing certificates rectangle area does not match"); + return false; + } + } else if (ispresent(v_cert_region.polygonalRegion) and ispresent(v_cert_issuer_region.polygonalRegion)) { + // Check v_cert_region 'polygon' is inside v_cert_issuer_region 'polygon' + log("f_checkRegionValidityRestiction: FAIL: Not implemented"); + // TODO + return false; + } else if (ispresent(v_cert_region.identifiedRegion) and ispresent(v_cert_issuer_region.identifiedRegion)) { + log("f_checkRegionValidityRestiction: FAIL: Not implemented"); + // Check id_region + // TODO + } + /*if (v_cert_region.validity.region.region_type == e_polygon) { if (v_cert_issuer_region.validity.region.region_type == e_polygon) { // Check v_cert_region 'polygon' is inside v_cert_issuer_region 'polygon' if (f_arePolygonsInside(v_cert_region.validity.region.region.polygonal_region, v_cert_issuer_region.validity.region.region.polygonal_region) == false) { @@ -3215,20 +3223,23 @@ module LibItsSecurity_Functions { * @return true on success, false otherwise */ function f_isRectangularRegionsIntersected( - in template (value) RectangularRegion p_r1, - in template (value) RectangularRegion p_r2 + in template (value) SequenceOfRectangularRegion p_r1, + in template (value) SequenceOfRectangularRegion p_r2 ) return boolean { - return not ( -//FIXME RGY Titan doesn't support dot notation after valueof at the moment -// valueof(p_r2).northWest.longitude > valueof(p_r1).southEast.longitude or -// valueof(p_r2).southEast.longitude < valueof(p_r1).northWest.longitude or -// valueof(p_r2).southEast.latitude > valueof(p_r1).northWest.latitude or -// valueof(p_r2).northWest.latitude < valueof(p_r1).southEast.latitude - valueof(p_r2.northWest.longitude) > valueof(p_r1.southEast.longitude) or - valueof(p_r2.southEast.longitude) < valueof(p_r1.northWest.longitude) or - valueof(p_r2.southEast.latitude) > valueof(p_r1.northWest.latitude) or - valueof(p_r2.northWest.latitude) < valueof(p_r1.southEast.latitude) - ); + var integer v_min := f_min(lengthof(p_r1), lengthof(p_r2)); + + for (var integer i := 0; i < v_min; i := i + 1) { + if (not ( + valueof(p_r2[i].northWest.longitude) > valueof(p_r1[i].southEast.longitude) or + valueof(p_r2[i].southEast.longitude) < valueof(p_r1[i].northWest.longitude) or + valueof(p_r2[i].southEast.latitude) > valueof(p_r1[i].northWest.latitude) or + valueof(p_r2[i].northWest.latitude) < valueof(p_r1[i].southEast.latitude) + )) { + return false; + } + } // End of 'for' statement + + return true; } // End of function f_isRectangularRegionsIntersected function f_isContinuousRectangularRegions( diff --git a/lib/LibItsSecurity_Pics.ttcn b/lib/LibItsSecurity_Pics.ttcn index 4265a9f..ce71b56 100755 --- a/lib/LibItsSecurity_Pics.ttcn +++ b/lib/LibItsSecurity_Pics.ttcn @@ -12,8 +12,8 @@ module LibItsSecurity_Pics { // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsSecurity diff --git a/lib/LibItsSecurity_Pixits.ttcn b/lib/LibItsSecurity_Pixits.ttcn index c25a11e..4d62565 100755 --- a/lib/LibItsSecurity_Pixits.ttcn +++ b/lib/LibItsSecurity_Pixits.ttcn @@ -16,8 +16,8 @@ module LibItsSecurity_Pixits { import from LibCommon_DataStrings all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; /** diff --git a/lib/LibItsSecurity_Templates.ttcn b/lib/LibItsSecurity_Templates.ttcn index d40792a..88a1c4d 100755 --- a/lib/LibItsSecurity_Templates.ttcn +++ b/lib/LibItsSecurity_Templates.ttcn @@ -22,8 +22,8 @@ module LibItsSecurity_Templates { import from LibItsGeoNetworking_TypesAndValues all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsSecurity @@ -56,22 +56,22 @@ module LibItsSecurity_Templates { /** * @desc Minimal value of Longitude */ - const SecLongitude c_minLongitude := -1799999999; // TODO Use constant from IEEE1609dot2BaseTypes + const SecLongitude c_minLongitude := -1799999999; // TODO Use constant from Ieee1609Dot2BaseTypes /** * @desc Maximal value of Longitude */ - const SecLongitude c_maxLongitude := 1800000000; // TODO Use constant from IEEE1609dot2BaseTypes + const SecLongitude c_maxLongitude := 1800000000; // TODO Use constant from Ieee1609Dot2BaseTypes /** * @desc Minimal value of Latitude */ - const SecLatitude c_minLatitude := -900000000; // TODO Use constant from IEEE1609dot2BaseTypes + const SecLatitude c_minLatitude := -900000000; // TODO Use constant from Ieee1609Dot2BaseTypes /** * @desc Maximal value of Latitude */ - const SecLatitude c_maxLatitude := 900000000; // TODO Use constant from IEEE1609dot2BaseTypes + const SecLatitude c_maxLatitude := 900000000; // TODO Use constant from Ieee1609Dot2BaseTypes /** * @desc List of ISO-3166 country codes @@ -793,71 +793,71 @@ module LibItsSecurity_Templates { * @desc Send/Receive templates for Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - group ieee1609Dot2Data { + group Ieee1609Dot2Data { /** * @desc Send template for Ieee1609Dot2Data * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Data m_ieee1609Dot2Data( + template (value) Ieee1609Dot2Data m_Ieee1609Dot2Data( in template (value) Ieee1609Dot2Content p_content ) := { protocolVersion := c_protocol_version, content := p_content - } // End of template m_ieee1609Dot2Data + } // End of template m_Ieee1609Dot2Data /** * @desc Receive template for Ieee1609Dot2Data * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Data mw_ieee1609Dot2Data( + template (present) Ieee1609Dot2Data mw_Ieee1609Dot2Data( template (present) Ieee1609Dot2Content p_content := ? ) := { protocolVersion := c_protocol_version, content := p_content - } // End of template mw_ieee1609Dot2Data + } // End of template mw_Ieee1609Dot2Data /** * @desc Send template for 'unsecured' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_unsecured( + template (value) Ieee1609Dot2Content m_Ieee1609Dot2Data_unsecured( in template (value) Opaque p_unsecuredData ) := { unsecuredData := p_unsecuredData - } // End of template m_ieee1609Dot2Data_unsecured + } // End of template m_Ieee1609Dot2Data_unsecured /** * @desc Receive template for 'unsecured' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_unsecured( + template (present) Ieee1609Dot2Content mw_Ieee1609Dot2Data_unsecured( template (present) Opaque p_unsecuredData := ? ) := { unsecuredData := p_unsecuredData - } // End of template mw_ieee1609Dot2Data_unsecured + } // End of template mw_Ieee1609Dot2Data_unsecured /** * @desc Send template for 'signed' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_signed( + template (value) Ieee1609Dot2Content m_Ieee1609Dot2Data_signed( in template (value) SignedData p_signedData ) := { signedData := p_signedData - } // End of template m_ieee1609Dot2Data_signed + } // End of template m_Ieee1609Dot2Data_signed /** * @desc Send template for 'signed' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_signed( + template (present) Ieee1609Dot2Content mw_Ieee1609Dot2Data_signed( template (present) SignedData p_signedData := ? ) := { signedData := p_signedData - } // End of template mw_ieee1609Dot2Data_signed + } // End of template mw_Ieee1609Dot2Data_signed - } // End of group ieee1609Dot2Data + } // End of group Ieee1609Dot2Data /** * @desc Send/Receive templates for HeaderInfo @@ -868,7 +868,7 @@ module LibItsSecurity_Templates { /** * @desc Basic send HeaderInfo template with ETSI ITS restrction */ - template (omit) HeaderInfo m_ieee1609Dot2_headerInfo( + template (omit) HeaderInfo m_Ieee1609Dot2_headerInfo( in template (value) Psid p_psid ) := { psid := p_psid, @@ -880,12 +880,12 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := omit - } // End of template m_ieee1609Dot2_headerInfo + } // End of template m_Ieee1609Dot2_headerInfo /** * @desc Basic receive HeaderInfo template with ETSI ITS restrction */ - template (present) HeaderInfo mw_ieee1609Dot2_headerInfo( + template (present) HeaderInfo mw_Ieee1609Dot2_headerInfo( template (present) Psid p_psid := ? ) := { psid := p_psid, @@ -897,15 +897,15 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := omit - } // End of template mw_ieee1609Dot2_headerInfo + } // End of template mw_Ieee1609Dot2_headerInfo /** * @desc Basic receive HeaderInfo template with ETSI ITS restrction */ - template (present) HeaderInfo mw_ieee1609Dot2_headerInfo_request_certificate( + template (present) HeaderInfo mw_Ieee1609Dot2_headerInfo_request_certificate( template (present) Psid p_psid := ?, template (present) Certificate p_requestedCertificate := ? - ) modifies mw_ieee1609Dot2_headerInfo := { + ) modifies mw_Ieee1609Dot2_headerInfo := { psid := p_psid, generationTime := *, expiryTime := *, @@ -915,7 +915,7 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := p_requestedCertificate - } // End of template mw_ieee1609Dot2_headerInfo + } // End of template mw_Ieee1609Dot2_headerInfo /** * @desc CAM specific send HeaderInfo template with ETSI ITS restrction @@ -927,7 +927,7 @@ module LibItsSecurity_Templates { in template (value) Time64 p_generationTime, in template (omit) Time64 p_expiryTime := omit, in template (omit) SequenceOfHashedId3 p_inlineP2pcdRequest := omit - ) modifies m_ieee1609Dot2_headerInfo := { + ) modifies m_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := omit, @@ -944,7 +944,7 @@ module LibItsSecurity_Templates { template (present) Time64 p_generationTime := ?, template SequenceOfHashedId3 p_inlineP2pcdRequest := omit, template Certificate p_requestedCertificate := omit - ) modifies mw_ieee1609Dot2_headerInfo := { + ) modifies mw_Ieee1609Dot2_headerInfo := { psid := c_its_aid_CAM, generationTime := p_generationTime, expiryTime := omit, @@ -962,7 +962,7 @@ module LibItsSecurity_Templates { in template (value) Time64 p_generationTime, in template (value) ThreeDLocation p_generationLocation, in template (omit) Time64 p_expiryTime := omit - ) modifies m_ieee1609Dot2_headerInfo := { + ) modifies m_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := p_generationLocation @@ -977,7 +977,7 @@ module LibItsSecurity_Templates { template (present) Time64 p_generationTime := ?, template (present) ThreeDLocation p_generationLocation := ?, template Time64 p_expiryTime := omit - ) modifies mw_ieee1609Dot2_headerInfo := { + ) modifies mw_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := p_generationLocation @@ -990,7 +990,7 @@ module LibItsSecurity_Templates { template (omit) HeaderInfo m_headerInfo_gn( in template (value) Psid p_psid := c_its_aid_GN, in template (value) Time64 p_generationTime - ) modifies m_ieee1609Dot2_headerInfo := { + ) modifies m_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime } // End of template m_headerInfo_gn @@ -1001,7 +1001,7 @@ module LibItsSecurity_Templates { template (present) HeaderInfo mw_headerInfo_gn( template (present) Psid p_psid := c_its_aid_GN, template (present) Time64 p_generationTime := ? - ) modifies mw_ieee1609Dot2_headerInfo := { + ) modifies mw_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := *, generationLocation := *, @@ -1013,14 +1013,14 @@ module LibItsSecurity_Templates { template (omit) HeaderInfo m_headerInfo_inner_pki_request( in template (value) Psid p_psid := c_its_aid_SCR, in template (value) Time64 p_generationTime - ) modifies m_ieee1609Dot2_headerInfo := { + ) modifies m_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime }; template (omit) HeaderInfo m_headerInfo_inner_pki_response( in template (value) Psid p_psid := c_its_aid_SCR, in template (value) Time64 p_generationTime - ) modifies m_ieee1609Dot2_headerInfo := { + ) modifies m_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime }; @@ -1032,7 +1032,7 @@ module LibItsSecurity_Templates { template HeaderInfo mw_headerInfo_inner_pki_response( template (present) Psid p_psid := c_its_aid_SCR, template Time64 p_generationTime := * - ) modifies mw_ieee1609Dot2_headerInfo := { + ) modifies mw_Ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := omit, generationLocation := omit @@ -1242,10 +1242,11 @@ module LibItsSecurity_Templates { template (omit) EtsiTs103097Certificate m_etsiTs103097Certificate( in template (value) IssuerIdentifier p_issuer, in template (value) ToBeSignedCertificate p_toBeSigned, - in template (omit) Signature p_signature_ := omit + in template (omit) Signature p_signature_ := omit, + in template (value) CertificateType p_type_ := explicit ) := { version := c_certificate_version, - type_ := explicit, + type_ := p_type_, issuer := p_issuer, toBeSigned := p_toBeSigned, signature_ := p_signature_ @@ -1263,10 +1264,11 @@ module LibItsSecurity_Templates { template (present) EtsiTs103097Certificate mw_etsiTs103097Certificate( template (present) IssuerIdentifier p_issuer := ?, template (present) ToBeSignedCertificate p_toBeSigned := ?, - template (present) Signature p_signature_ := ? + template Signature p_signature_ := ?, + template (present) CertificateType p_type_ := explicit ) := { version := c_certificate_version, - type_ := explicit, + type_ := p_type_, issuer := p_issuer, toBeSigned := p_toBeSigned, signature_ := p_signature_ @@ -1352,9 +1354,9 @@ module LibItsSecurity_Templates { template (present) CertificateId p_id := ?, template (present) SequenceOfPsidSsp p_appPermissions := ?, template (present) SequenceOfPsidGroupPermissions p_certIssuePermissions := ?, - template (present) SequenceOfPsidGroupPermissions p_certRequestPermissions := ?, template (present) VerificationKeyIndicator p_verifyKeyIndicator := ?, template (present) ValidityPeriod p_validityPeriod := ?, + template SequenceOfPsidGroupPermissions p_certRequestPermissions := *, template GeographicRegion p_region := *, template SubjectAssurance p_assuranceLevel := *, template PublicEncryptionKey p_encryptionKey := * @@ -1365,13 +1367,13 @@ module LibItsSecurity_Templates { validityPeriod := p_validityPeriod, region := p_region, assuranceLevel := p_assuranceLevel, - appPermissions := omit, + appPermissions := ?, certIssuePermissions := p_certIssuePermissions, certRequestPermissions := p_certRequestPermissions, canRequestRollover := omit, encryptionKey := p_encryptionKey, verifyKeyIndicator := p_verifyKeyIndicator - } // End of template mw_toBeSignedCertificate + } // End of template mw_toBeSignedCertificate_ca /** * @desc Send template for ToBeSignedCertificate with Enrolment credential restrictions @@ -1726,8 +1728,8 @@ module LibItsSecurity_Templates { } // End of template m_appPermissions template PsidSsp mw_appPermissions( - template (present) Psid p_psid := ?, - template ServiceSpecificPermissions p_ssp := * + template (present) Psid p_psid := ?, + template ServiceSpecificPermissions p_ssp := * ) := { psid := p_psid, ssp := p_ssp diff --git a/lib/LibItsSecurity_TestSystem.ttcn b/lib/LibItsSecurity_TestSystem.ttcn index 3f6b75c..e61464a 100755 --- a/lib/LibItsSecurity_TestSystem.ttcn +++ b/lib/LibItsSecurity_TestSystem.ttcn @@ -15,8 +15,8 @@ module LibItsSecurity_TestSystem { import from LibCommon_DataStrings all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; // LibItsSecurity diff --git a/lib/LibItsSecurity_TypesAndValues.ttcn b/lib/LibItsSecurity_TypesAndValues.ttcn index fb2bcef..1fcaad2 100755 --- a/lib/LibItsSecurity_TypesAndValues.ttcn +++ b/lib/LibItsSecurity_TypesAndValues.ttcn @@ -19,8 +19,8 @@ module LibItsSecurity_TypesAndValues { import from LibItsCommon_Pixits all; // LibIts - import from IEEE1609dot2BaseTypes language "ASN.1:1997" all; - import from IEEE1609dot2 language "ASN.1:1997" all; + import from Ieee1609Dot2BaseTypes language "ASN.1:1997" all; + import from Ieee1609Dot2 language "ASN.1:1997" all; import from EtsiTs103097Module language "ASN.1:1997" all; /** diff --git a/lib/asn1 b/lib/asn1 index d969b70..2962a5b 160000 --- a/lib/asn1 +++ b/lib/asn1 @@ -1 +1 @@ -Subproject commit d969b705c0b124602867a39a3b48cdf24dfab426 +Subproject commit 2962a5ba571966771fbfd79a3ae0509487b366f0 diff --git a/module.mk b/module.mk index 6559b45..1dc2640 100755 --- a/module.mk +++ b/module.mk @@ -5,14 +5,12 @@ sources := ItsSecurity_Functions.ttcn \ ItsSecurity_TestCases.ttcn \ ItsSecurity_TestControl.ttcn \ ItsSecurity_TestSystem.ttcn -# ItsSecurity_Pics.ttcn \ modules := lib \ ../LibCommon \ ../LibIts \ ../AtsCAM/lib \ ../AtsDENM/lib \ - ../AtsIS/lib \ ../AtsGeoNetworking/lib \ ../AtsIpv6OverGeoNetworking/lib \ ../AtsBTP/lib \ @@ -36,6 +34,8 @@ modules := lib \ ../../ccsrc/Protocols/Security \ ../../ccsrc/Protocols/CAM \ ../../ccsrc/Protocols/DENM \ + +# ../AtsIS/lib \ # ../../ccsrc/Protocols/Http \ # ../../ccsrc/Protocols/IVIM \ # ../../ccsrc/Protocols/MapemSpatem \ -- GitLab From c9582547552d098370b4e418ebb89bd0bcbf2875 Mon Sep 17 00:00:00 2001 From: Denis Filatov Date: Wed, 29 Sep 2021 13:19:30 +0200 Subject: [PATCH 3/9] use new 1609.2 version --- lib/asn1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/asn1 b/lib/asn1 index 2962a5b..c4d1385 160000 --- a/lib/asn1 +++ b/lib/asn1 @@ -1 +1 @@ -Subproject commit 2962a5ba571966771fbfd79a3ae0509487b366f0 +Subproject commit c4d138571dcbca3e83970256b4780b566fcb4580 -- GitLab From fc0d22c12e35c9b4b6803035258d4dab73cb1f31 Mon Sep 17 00:00:00 2001 From: Denis Filatov Date: Wed, 29 Sep 2021 14:31:26 +0200 Subject: [PATCH 4/9] IPv6 lib case error --- module.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/module.mk b/module.mk index 1dc2640..40dde6b 100755 --- a/module.mk +++ b/module.mk @@ -12,7 +12,7 @@ modules := lib \ ../AtsCAM/lib \ ../AtsDENM/lib \ ../AtsGeoNetworking/lib \ - ../AtsIpv6OverGeoNetworking/lib \ + ../AtsIPv6OverGeoNetworking/lib \ ../AtsBTP/lib \ ../../ccsrc/Ports/LibIts_ports \ ../../ccsrc/Ports/LibIts_ports/CAM_ports \ -- GitLab From 6ec60e1dff4d3b10a3aa98b8348acd39f7dfb6df Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Thu, 28 Oct 2021 11:48:33 +0200 Subject: [PATCH 5/9] Merging TTF002 in TTF011 - Phase1: AtsCAM, AtsDENM, AtsGeoNetworking, AtsSecurity, AtsPki --- ItsSecurity_Functions.ttcn | 0 ItsSecurity_Templates.ttcn | 0 ItsSecurity_TestCases.ttcn | 32 ++++++------ ItsSecurity_TestControl.ttcn | 0 ItsSecurity_TestSystem.ttcn | 4 +- LICENSE | 0 lib/LibItsSecurity_EncdecDeclarations.ttcn | 3 +- lib/LibItsSecurity_Functions.ttcn | 10 ++-- lib/LibItsSecurity_Pics.ttcn | 0 lib/LibItsSecurity_Pixits.ttcn | 0 lib/LibItsSecurity_Templates.ttcn | 60 +++++++++++----------- lib/LibItsSecurity_TestSystem.ttcn | 0 lib/LibItsSecurity_TypesAndValues.ttcn | 0 lib/module.mk | 0 module.mk | 6 ++- 15 files changed, 58 insertions(+), 57 deletions(-) mode change 100755 => 100644 ItsSecurity_Functions.ttcn mode change 100755 => 100644 ItsSecurity_Templates.ttcn mode change 100755 => 100644 ItsSecurity_TestCases.ttcn mode change 100755 => 100644 ItsSecurity_TestControl.ttcn mode change 100755 => 100644 ItsSecurity_TestSystem.ttcn mode change 100755 => 100644 LICENSE mode change 100755 => 100644 lib/LibItsSecurity_EncdecDeclarations.ttcn mode change 100755 => 100644 lib/LibItsSecurity_Functions.ttcn mode change 100755 => 100644 lib/LibItsSecurity_Pics.ttcn mode change 100755 => 100644 lib/LibItsSecurity_Pixits.ttcn mode change 100755 => 100644 lib/LibItsSecurity_Templates.ttcn mode change 100755 => 100644 lib/LibItsSecurity_TestSystem.ttcn mode change 100755 => 100644 lib/LibItsSecurity_TypesAndValues.ttcn mode change 100755 => 100644 lib/module.mk mode change 100755 => 100644 module.mk diff --git a/ItsSecurity_Functions.ttcn b/ItsSecurity_Functions.ttcn old mode 100755 new mode 100644 diff --git a/ItsSecurity_Templates.ttcn b/ItsSecurity_Templates.ttcn old mode 100755 new mode 100644 diff --git a/ItsSecurity_TestCases.ttcn b/ItsSecurity_TestCases.ttcn old mode 100755 new mode 100644 index 38d06f4..86847c8 --- a/ItsSecurity_TestCases.ttcn +++ b/ItsSecurity_TestCases.ttcn @@ -1,5 +1,5 @@ /** - * @author ETSI / STF481 / STF507 / STF517 / STF538 / TTF002 / STF594 + * @author ETSI / STF481 / STF507 / STF517 / STF538 / TTF002 / TTF011 / STF594 * @version $Url$ * $Id$ * @desc Testcases file for Security Protocol @@ -40,8 +40,6 @@ module ItsSecurity_TestCases { // LibItsCam import from LibItsCam_Templates all; import from LibItsCam_Functions all; - import from LibItsCam_Templates all; - import from LibItsCam_Functions all; import from LibItsCam_TestSystem all; // LibItsDenm @@ -3000,8 +2998,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_Ieee1609Dot2Data( - mw_Ieee1609Dot2Data_unsecured + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured )), mw_headerInfo_cam ) @@ -3017,8 +3015,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_Ieee1609Dot2Data( - mw_Ieee1609Dot2Data_unsecured + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured )), mw_headerInfo_cam ) @@ -5199,8 +5197,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_Ieee1609Dot2Data( - mw_Ieee1609Dot2Data_unsecured + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured )), mw_headerInfo_denm ) @@ -6775,8 +6773,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_Ieee1609Dot2Data( - mw_Ieee1609Dot2Data_unsecured + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured )), mw_headerInfo_gn ) @@ -6881,8 +6879,8 @@ module ItsSecurity_TestCases { -, mw_toBeSignedData( mw_signedDataPayload( - mw_Ieee1609Dot2Data( - mw_Ieee1609Dot2Data_unsecured + mw_ieee1609Dot2Data( + mw_ieee1609Dot2Data_unsecured )), mw_headerInfo_gn ) @@ -9667,7 +9665,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_Ieee1609Dot2Data_dummy, +// mw_ieee1609Dot2Data_dummy, // mw_geoNwBroadcastPacketWithArea( // mw_longPosVectorPosition( // v_longPosVectorNodeB @@ -9682,7 +9680,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_Ieee1609Dot2Data_dummy +// mw_ieee1609Dot2Data_dummy // ))) { // // Do not restart tc_ac timer // log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); @@ -9718,7 +9716,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_Ieee1609Dot2Data_dummy, +// mw_ieee1609Dot2Data_dummy, // mw_geoNwBroadcastPacketWithArea( // mw_longPosVectorPosition( // v_longPosVectorIut @@ -9733,7 +9731,7 @@ module ItsSecurity_TestCases { // [] geoNetworkingPort.receive( // mw_geoNwInd( // mw_geoNwSecPdu( -// mw_Ieee1609Dot2Data_dummy +// mw_ieee1609Dot2Data_dummy // ))) { // // Do not restart tc_ac timer // log("*** " & testcasename() & ": INFO: Unexpected GN message ignored ***"); diff --git a/ItsSecurity_TestControl.ttcn b/ItsSecurity_TestControl.ttcn old mode 100755 new mode 100644 diff --git a/ItsSecurity_TestSystem.ttcn b/ItsSecurity_TestSystem.ttcn old mode 100755 new mode 100644 index 62762a3..5ac3be8 --- a/ItsSecurity_TestSystem.ttcn +++ b/ItsSecurity_TestSystem.ttcn @@ -35,6 +35,6 @@ module ItsSecurity_TestSystem { port LibItsDenm_TestSystem.UpperTesterPort denmUtPort; port LibItsCam_TestSystem.UpperTesterPort camUtPort; - } // end ItsGeoNetworkingSystem + } // End of ItsSecSystem -} // End of module ItsSecurity_TestSystem \ No newline at end of file +} // End of module ItsSecurity_TestSystem diff --git a/LICENSE b/LICENSE old mode 100755 new mode 100644 diff --git a/lib/LibItsSecurity_EncdecDeclarations.ttcn b/lib/LibItsSecurity_EncdecDeclarations.ttcn old mode 100755 new mode 100644 index bc18a78..8c562aa --- a/lib/LibItsSecurity_EncdecDeclarations.ttcn +++ b/lib/LibItsSecurity_EncdecDeclarations.ttcn @@ -5,6 +5,7 @@ module LibItsSecurity_EncdecDeclarations { import from Ieee1609Dot2 language "ASN.1:1997" all; //import from EtsiTs103097Module language "ASN.1:1997" all; + // LibItsSecurity import from LibItsSecurity_TypesAndValues all; /** @@ -34,7 +35,7 @@ module LibItsSecurity_EncdecDeclarations { external function fx_enc_Ieee1609Dot2Data(in Ieee1609Dot2.Ieee1609Dot2Data p) return bitstring with {extension "prototype(convert) encode(PER)"} - external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out Ieee1609Dot2.Ieee1609Dot2Data p_Ieee1609Dot2Data) return integer + external function fx_dec_Ieee1609Dot2Data(inout bitstring p_data, out Ieee1609Dot2.Ieee1609Dot2Data p_ieee1609Dot2Data) return integer with {extension "prototype(sliding) decode(PER)"} external function fx_enc_Ieee1609Dot2ToBeSignedData(in Ieee1609Dot2.ToBeSignedData p) return bitstring diff --git a/lib/LibItsSecurity_Functions.ttcn b/lib/LibItsSecurity_Functions.ttcn old mode 100755 new mode 100644 index c0a90c6..239c0b8 --- a/lib/LibItsSecurity_Functions.ttcn +++ b/lib/LibItsSecurity_Functions.ttcn @@ -1036,7 +1036,7 @@ module LibItsSecurity_Functions { } ); } else if (p_trailerStatus == 3) { // Signature with reserved algorthm - p_securedMessage := m_Ieee1609Dot2Data_wrong_protocol( + p_securedMessage := m_ieee1609Dot2Data_wrong_protocol( p_protocolVersion, valueof(v_toBeSignedData.header_fields), p_payloadField, @@ -1184,7 +1184,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1473,7 +1473,7 @@ module LibItsSecurity_Functions { ) runs on ItsSecurityBaseComponent return boolean { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1630,7 +1630,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required @@ -1705,7 +1705,7 @@ module LibItsSecurity_Functions { // Local variables var EtsiTs103097Certificate v_aaCertificate, v_atCertificate; - var HeaderInfo v_mandatoryHeaders := valueof(m_Ieee1609Dot2_headerInfo(0)); + var HeaderInfo v_mandatoryHeaders := valueof(m_ieee1609Dot2_headerInfo(0)); var HeaderInfo v_signerInfo; // Load certificates if required diff --git a/lib/LibItsSecurity_Pics.ttcn b/lib/LibItsSecurity_Pics.ttcn old mode 100755 new mode 100644 diff --git a/lib/LibItsSecurity_Pixits.ttcn b/lib/LibItsSecurity_Pixits.ttcn old mode 100755 new mode 100644 diff --git a/lib/LibItsSecurity_Templates.ttcn b/lib/LibItsSecurity_Templates.ttcn old mode 100755 new mode 100644 index 88a1c4d..3f03497 --- a/lib/LibItsSecurity_Templates.ttcn +++ b/lib/LibItsSecurity_Templates.ttcn @@ -793,71 +793,71 @@ module LibItsSecurity_Templates { * @desc Send/Receive templates for Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - group Ieee1609Dot2Data { + group ieee1609Dot2Data { /** * @desc Send template for Ieee1609Dot2Data * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Data m_Ieee1609Dot2Data( + template (value) Ieee1609Dot2Data m_ieee1609Dot2Data( in template (value) Ieee1609Dot2Content p_content ) := { protocolVersion := c_protocol_version, content := p_content - } // End of template m_Ieee1609Dot2Data + } // End of template m_ieee1609Dot2Data /** * @desc Receive template for Ieee1609Dot2Data * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Data mw_Ieee1609Dot2Data( + template (present) Ieee1609Dot2Data mw_ieee1609Dot2Data( template (present) Ieee1609Dot2Content p_content := ? ) := { protocolVersion := c_protocol_version, content := p_content - } // End of template mw_Ieee1609Dot2Data + } // End of template mw_ieee1609Dot2Data /** * @desc Send template for 'unsecured' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Content m_Ieee1609Dot2Data_unsecured( + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_unsecured( in template (value) Opaque p_unsecuredData ) := { unsecuredData := p_unsecuredData - } // End of template m_Ieee1609Dot2Data_unsecured + } // End of template m_ieee1609Dot2Data_unsecured /** * @desc Receive template for 'unsecured' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Content mw_Ieee1609Dot2Data_unsecured( + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_unsecured( template (present) Opaque p_unsecuredData := ? ) := { unsecuredData := p_unsecuredData - } // End of template mw_Ieee1609Dot2Data_unsecured + } // End of template mw_ieee1609Dot2Data_unsecured /** * @desc Send template for 'signed' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (value) Ieee1609Dot2Content m_Ieee1609Dot2Data_signed( + template (value) Ieee1609Dot2Content m_ieee1609Dot2Data_signed( in template (value) SignedData p_signedData ) := { signedData := p_signedData - } // End of template m_Ieee1609Dot2Data_signed + } // End of template m_ieee1609Dot2Data_signed /** * @desc Send template for 'signed' Payload * @see Draft ETSI TS 103 097 V1.3.1 Clause 5.2 Payload */ - template (present) Ieee1609Dot2Content mw_Ieee1609Dot2Data_signed( + template (present) Ieee1609Dot2Content mw_ieee1609Dot2Data_signed( template (present) SignedData p_signedData := ? ) := { signedData := p_signedData - } // End of template mw_Ieee1609Dot2Data_signed + } // End of template mw_ieee1609Dot2Data_signed - } // End of group Ieee1609Dot2Data + } // End of group ieee1609Dot2Data /** * @desc Send/Receive templates for HeaderInfo @@ -868,7 +868,7 @@ module LibItsSecurity_Templates { /** * @desc Basic send HeaderInfo template with ETSI ITS restrction */ - template (omit) HeaderInfo m_Ieee1609Dot2_headerInfo( + template (omit) HeaderInfo m_ieee1609Dot2_headerInfo( in template (value) Psid p_psid ) := { psid := p_psid, @@ -880,12 +880,12 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := omit - } // End of template m_Ieee1609Dot2_headerInfo + } // End of template m_ieee1609Dot2_headerInfo /** * @desc Basic receive HeaderInfo template with ETSI ITS restrction */ - template (present) HeaderInfo mw_Ieee1609Dot2_headerInfo( + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo( template (present) Psid p_psid := ? ) := { psid := p_psid, @@ -897,15 +897,15 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := omit - } // End of template mw_Ieee1609Dot2_headerInfo + } // End of template mw_ieee1609Dot2_headerInfo /** * @desc Basic receive HeaderInfo template with ETSI ITS restrction */ - template (present) HeaderInfo mw_Ieee1609Dot2_headerInfo_request_certificate( + template (present) HeaderInfo mw_ieee1609Dot2_headerInfo_request_certificate( template (present) Psid p_psid := ?, template (present) Certificate p_requestedCertificate := ? - ) modifies mw_Ieee1609Dot2_headerInfo := { + ) modifies mw_ieee1609Dot2_headerInfo := { psid := p_psid, generationTime := *, expiryTime := *, @@ -915,7 +915,7 @@ module LibItsSecurity_Templates { encryptionKey := omit, inlineP2pcdRequest := omit, requestedCertificate := p_requestedCertificate - } // End of template mw_Ieee1609Dot2_headerInfo + } // End of template mw_ieee1609Dot2_headerInfo /** * @desc CAM specific send HeaderInfo template with ETSI ITS restrction @@ -927,7 +927,7 @@ module LibItsSecurity_Templates { in template (value) Time64 p_generationTime, in template (omit) Time64 p_expiryTime := omit, in template (omit) SequenceOfHashedId3 p_inlineP2pcdRequest := omit - ) modifies m_Ieee1609Dot2_headerInfo := { + ) modifies m_ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := omit, @@ -944,7 +944,7 @@ module LibItsSecurity_Templates { template (present) Time64 p_generationTime := ?, template SequenceOfHashedId3 p_inlineP2pcdRequest := omit, template Certificate p_requestedCertificate := omit - ) modifies mw_Ieee1609Dot2_headerInfo := { + ) modifies mw_ieee1609Dot2_headerInfo := { psid := c_its_aid_CAM, generationTime := p_generationTime, expiryTime := omit, @@ -962,7 +962,7 @@ module LibItsSecurity_Templates { in template (value) Time64 p_generationTime, in template (value) ThreeDLocation p_generationLocation, in template (omit) Time64 p_expiryTime := omit - ) modifies m_Ieee1609Dot2_headerInfo := { + ) modifies m_ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := p_generationLocation @@ -977,7 +977,7 @@ module LibItsSecurity_Templates { template (present) Time64 p_generationTime := ?, template (present) ThreeDLocation p_generationLocation := ?, template Time64 p_expiryTime := omit - ) modifies mw_Ieee1609Dot2_headerInfo := { + ) modifies mw_ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := p_expiryTime, generationLocation := p_generationLocation @@ -990,7 +990,7 @@ module LibItsSecurity_Templates { template (omit) HeaderInfo m_headerInfo_gn( in template (value) Psid p_psid := c_its_aid_GN, in template (value) Time64 p_generationTime - ) modifies m_Ieee1609Dot2_headerInfo := { + ) modifies m_ieee1609Dot2_headerInfo := { generationTime := p_generationTime } // End of template m_headerInfo_gn @@ -1001,7 +1001,7 @@ module LibItsSecurity_Templates { template (present) HeaderInfo mw_headerInfo_gn( template (present) Psid p_psid := c_its_aid_GN, template (present) Time64 p_generationTime := ? - ) modifies mw_Ieee1609Dot2_headerInfo := { + ) modifies mw_ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := *, generationLocation := *, @@ -1013,14 +1013,14 @@ module LibItsSecurity_Templates { template (omit) HeaderInfo m_headerInfo_inner_pki_request( in template (value) Psid p_psid := c_its_aid_SCR, in template (value) Time64 p_generationTime - ) modifies m_Ieee1609Dot2_headerInfo := { + ) modifies m_ieee1609Dot2_headerInfo := { generationTime := p_generationTime }; template (omit) HeaderInfo m_headerInfo_inner_pki_response( in template (value) Psid p_psid := c_its_aid_SCR, in template (value) Time64 p_generationTime - ) modifies m_Ieee1609Dot2_headerInfo := { + ) modifies m_ieee1609Dot2_headerInfo := { generationTime := p_generationTime }; @@ -1032,7 +1032,7 @@ module LibItsSecurity_Templates { template HeaderInfo mw_headerInfo_inner_pki_response( template (present) Psid p_psid := c_its_aid_SCR, template Time64 p_generationTime := * - ) modifies mw_Ieee1609Dot2_headerInfo := { + ) modifies mw_ieee1609Dot2_headerInfo := { generationTime := p_generationTime, expiryTime := omit, generationLocation := omit diff --git a/lib/LibItsSecurity_TestSystem.ttcn b/lib/LibItsSecurity_TestSystem.ttcn old mode 100755 new mode 100644 diff --git a/lib/LibItsSecurity_TypesAndValues.ttcn b/lib/LibItsSecurity_TypesAndValues.ttcn old mode 100755 new mode 100644 diff --git a/lib/module.mk b/lib/module.mk old mode 100755 new mode 100644 diff --git a/module.mk b/module.mk old mode 100755 new mode 100644 index 40dde6b..f936fce --- a/module.mk +++ b/module.mk @@ -9,7 +9,8 @@ sources := ItsSecurity_Functions.ttcn \ modules := lib \ ../LibCommon \ ../LibIts \ - ../AtsCAM/lib \ + ../AtsCAM/lib_cam_bases \ + ../AtsCAM/lib_cam_system \ ../AtsDENM/lib \ ../AtsGeoNetworking/lib \ ../AtsIPv6OverGeoNetworking/lib \ @@ -32,7 +33,8 @@ modules := lib \ ../../ccsrc/Protocols/GeoNetworking \ ../../ccsrc/Protocols/BTP \ ../../ccsrc/Protocols/Security \ - ../../ccsrc/Protocols/CAM \ + ../../ccsrc/Protocols/CAM_Codecs \ + ../../ccsrc/Protocols/CAM_Layers \ ../../ccsrc/Protocols/DENM \ # ../AtsIS/lib \ -- GitLab From 66e0e9ecf63ced1c8311a15728786a2d0706fdae Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Tue, 14 Dec 2021 13:37:25 +0100 Subject: [PATCH 6/9] Separate typing and test system --- ItsSecurity_Templates.ttcn | 8 ++++---- lib/module.mk | 3 +-- {lib => lib_system}/LibItsSecurity_Functions.ttcn | 0 {lib => lib_system}/LibItsSecurity_TestSystem.ttcn | 0 lib_system/module.mk | 4 ++++ lib_system/module.mk~ | 12 ++++++++++++ module.mk | 5 ++++- 7 files changed, 25 insertions(+), 7 deletions(-) rename {lib => lib_system}/LibItsSecurity_Functions.ttcn (100%) rename {lib => lib_system}/LibItsSecurity_TestSystem.ttcn (100%) create mode 100644 lib_system/module.mk create mode 100644 lib_system/module.mk~ diff --git a/ItsSecurity_Templates.ttcn b/ItsSecurity_Templates.ttcn index c29f2d8..d3a4a13 100644 --- a/ItsSecurity_Templates.ttcn +++ b/ItsSecurity_Templates.ttcn @@ -16,9 +16,9 @@ module ItsSecurity_Templates { // import from ITS_Container language "ASN.1:1997" all; // // LibItsBtp - import from LibItsBtp_TypesAndValues all; - import from LibItsBtp_Templates all; - import from LibItsBtp_Pixits all; + /* import from LibItsBtp_TypesAndValues all; */ + /* import from LibItsBtp_Templates all; */ + /* import from LibItsBtp_Pixits all; */ // LibItsGeoNet import from LibItsGeoNetworking_TypesAndValues all; @@ -63,4 +63,4 @@ module ItsSecurity_Templates { // // } // End of template mw_secCamPayload -} // End of module ItsSecurity_Templates \ No newline at end of file +} // End of module ItsSecurity_Templates diff --git a/lib/module.mk b/lib/module.mk index 5244864..ba37aff 100644 --- a/lib/module.mk +++ b/lib/module.mk @@ -1,12 +1,11 @@ sources := \ LibItsSecurity_EncdecDeclarations.ttcn \ - LibItsSecurity_Functions.ttcn \ LibItsSecurity_Pics.ttcn \ LibItsSecurity_Pixits.ttcn \ LibItsSecurity_Templates.ttcn \ - LibItsSecurity_TestSystem.ttcn \ LibItsSecurity_TypesAndValues.ttcn \ asn1/EtsiTs103097ExtensionModule.asn \ asn1/EtsiTs103097Module.asn \ asn1/ieee1609dot2/Ieee1609Dot2.asn \ asn1/ieee1609dot2/Ieee1609Dot2BaseTypes.asn \ + diff --git a/lib/LibItsSecurity_Functions.ttcn b/lib_system/LibItsSecurity_Functions.ttcn similarity index 100% rename from lib/LibItsSecurity_Functions.ttcn rename to lib_system/LibItsSecurity_Functions.ttcn diff --git a/lib/LibItsSecurity_TestSystem.ttcn b/lib_system/LibItsSecurity_TestSystem.ttcn similarity index 100% rename from lib/LibItsSecurity_TestSystem.ttcn rename to lib_system/LibItsSecurity_TestSystem.ttcn diff --git a/lib_system/module.mk b/lib_system/module.mk new file mode 100644 index 0000000..e512880 --- /dev/null +++ b/lib_system/module.mk @@ -0,0 +1,4 @@ +sources := \ + LibItsSecurity_Functions.ttcn \ + LibItsSecurity_TestSystem.ttcn \ + diff --git a/lib_system/module.mk~ b/lib_system/module.mk~ new file mode 100644 index 0000000..5244864 --- /dev/null +++ b/lib_system/module.mk~ @@ -0,0 +1,12 @@ +sources := \ + LibItsSecurity_EncdecDeclarations.ttcn \ + LibItsSecurity_Functions.ttcn \ + LibItsSecurity_Pics.ttcn \ + LibItsSecurity_Pixits.ttcn \ + LibItsSecurity_Templates.ttcn \ + LibItsSecurity_TestSystem.ttcn \ + LibItsSecurity_TypesAndValues.ttcn \ + asn1/EtsiTs103097ExtensionModule.asn \ + asn1/EtsiTs103097Module.asn \ + asn1/ieee1609dot2/Ieee1609Dot2.asn \ + asn1/ieee1609dot2/Ieee1609Dot2BaseTypes.asn \ diff --git a/module.mk b/module.mk index f936fce..92ccc35 100644 --- a/module.mk +++ b/module.mk @@ -7,20 +7,23 @@ sources := ItsSecurity_Functions.ttcn \ ItsSecurity_TestSystem.ttcn modules := lib \ + lib_system \ ../LibCommon \ ../LibIts \ ../AtsCAM/lib_cam_bases \ ../AtsCAM/lib_cam_system \ ../AtsDENM/lib \ + ../AtsDENM/lib_system \ ../AtsGeoNetworking/lib \ + ../AtsGeoNetworking/lib_system \ ../AtsIPv6OverGeoNetworking/lib \ + ../AtsIPv6OverGeoNetworking/lib_system \ ../AtsBTP/lib \ ../../ccsrc/Ports/LibIts_ports \ ../../ccsrc/Ports/LibIts_ports/CAM_ports \ ../../ccsrc/Ports/LibIts_ports/DENM_ports \ ../../ccsrc/Ports/LibIts_ports/GN_ports \ ../../ccsrc/Ports/LibIts_ports/IPv6oGN_ports \ - ../../ccsrc/Ports/LibIts_ports/BTP_ports \ ../../ccsrc/EncDec \ ../../ccsrc/Framework \ ../../ccsrc/Externals \ -- GitLab From 01db511bb895d1a56d8475c735775ba9acaf1232 Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Tue, 14 Dec 2021 13:37:45 +0100 Subject: [PATCH 7/9] Separate typing and test system --- lib_system/module.mk~ | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 lib_system/module.mk~ diff --git a/lib_system/module.mk~ b/lib_system/module.mk~ deleted file mode 100644 index 5244864..0000000 --- a/lib_system/module.mk~ +++ /dev/null @@ -1,12 +0,0 @@ -sources := \ - LibItsSecurity_EncdecDeclarations.ttcn \ - LibItsSecurity_Functions.ttcn \ - LibItsSecurity_Pics.ttcn \ - LibItsSecurity_Pixits.ttcn \ - LibItsSecurity_Templates.ttcn \ - LibItsSecurity_TestSystem.ttcn \ - LibItsSecurity_TypesAndValues.ttcn \ - asn1/EtsiTs103097ExtensionModule.asn \ - asn1/EtsiTs103097Module.asn \ - asn1/ieee1609dot2/Ieee1609Dot2.asn \ - asn1/ieee1609dot2/Ieee1609Dot2BaseTypes.asn \ -- GitLab From 9f1990e0aee9720b6e2194f7d8242549f5eaab9b Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Tue, 4 Jan 2022 09:42:57 +0100 Subject: [PATCH 8/9] Fallback to one folder per ITS protocol for both Codecs & Layers --- module.mk | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/module.mk b/module.mk index 92ccc35..335c3f7 100644 --- a/module.mk +++ b/module.mk @@ -19,26 +19,27 @@ modules := lib \ ../AtsIPv6OverGeoNetworking/lib \ ../AtsIPv6OverGeoNetworking/lib_system \ ../AtsBTP/lib \ - ../../ccsrc/Ports/LibIts_ports \ - ../../ccsrc/Ports/LibIts_ports/CAM_ports \ - ../../ccsrc/Ports/LibIts_ports/DENM_ports \ - ../../ccsrc/Ports/LibIts_ports/GN_ports \ - ../../ccsrc/Ports/LibIts_ports/IPv6oGN_ports \ - ../../ccsrc/EncDec \ - ../../ccsrc/Framework \ - ../../ccsrc/Externals \ - ../../ccsrc/geospacial \ - ../../ccsrc/loggers \ - ../../ccsrc/Asn1c \ - ../../ccsrc/Protocols/UpperTester \ - ../../ccsrc/Protocols/Pcap \ - ../../ccsrc/Protocols/ETH \ - ../../ccsrc/Protocols/GeoNetworking \ - ../../ccsrc/Protocols/BTP \ - ../../ccsrc/Protocols/Security \ - ../../ccsrc/Protocols/CAM_Codecs \ - ../../ccsrc/Protocols/CAM_Layers \ - ../../ccsrc/Protocols/DENM \ + ../AtsBTP/lib_system \ + /ccsrc/Ports/LibIts_ports \ + /ccsrc/Ports/LibIts_ports/CAM_ports \ + /ccsrc/Ports/LibIts_ports/DENM_ports \ + /ccsrc/Ports/LibIts_ports/GN_ports \ + /ccsrc/Ports/LibIts_ports/IPv6oGN_ports \ + /ccsrc/Ports/LibIts_ports/BTP_ports \ + /ccsrc/EncDec \ + /ccsrc/Framework \ + /ccsrc/Externals \ + /ccsrc/geospacial \ + /ccsrc/loggers \ + /ccsrc/Asn1c \ + /ccsrc/Protocols/CAM \ + /ccsrc/Protocols/DENM \ + /ccsrc/Protocols/GeoNetworking \ + /ccsrc/Protocols/BTP \ + /ccsrc/Protocols/Pcap \ + /ccsrc/Protocols/ETH \ + /ccsrc/Protocols/UpperTester \ + /ccsrc/Protocols/Security \ # ../AtsIS/lib \ # ../../ccsrc/Protocols/Http \ -- GitLab From 935f56da09eedf19713c463e0c2b72b4426046e6 Mon Sep 17 00:00:00 2001 From: YannGarcia Date: Thu, 6 Jan 2022 12:54:46 +0100 Subject: [PATCH 9/9] Bug fixed in module.mk --- module.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/module.mk b/module.mk index 335c3f7..3f150b2 100644 --- a/module.mk +++ b/module.mk @@ -10,8 +10,8 @@ modules := lib \ lib_system \ ../LibCommon \ ../LibIts \ - ../AtsCAM/lib_cam_bases \ - ../AtsCAM/lib_cam_system \ + ../AtsCAM/lib \ + ../AtsCAM/lib_system \ ../AtsDENM/lib \ ../AtsDENM/lib_system \ ../AtsGeoNetworking/lib \ -- GitLab