Various changes related to verdict establishment (36eaea97) · Commits · MTS - Methods for Testing and Specification / ePassport

ePassport/ttcn/ePassport_Altsteps.ttcn

+40 −12

Original line number	Diff line number	Diff line
		@@ -77,6 +77,25 @@

		} // end defaults

		group isReports {

		altstep a_isReports() runs on MRTD {

		var CommandGeneric v_report;

		[] mgmtport.receive(mw_report(int2oct(enum2int(e_aisNoFailure), 2))) {
		// TODO
		}
		[] mgmtport.receive(mw_report(?)) -> value v_report {
		vc_simu.isFailVerdicts[sizeof(vc_simu.isFailVerdicts)]
		:= oct2int(v_report.payload.genericData.data[0]);
		repeat;
		}

		} // end a_isReports

		} // end isReports

		group inspectionProcedures {

		// Start the MRTD Test sequence : Standard Inspection Procedure (SIP)
		@@ -84,7 +103,8 @@

		[] a_waitApplication();

		[vc_simu.securityStatus > e_noApplication] a_bac();
		[vc_simu.securityStatus > e_noApplication
		and vc_simu.securityStatus < e_basicAccessControl] a_bac();

		[vc_simu.securityStatus >= e_basicAccessControl] a_activeAuthentication();

		@@ -95,9 +115,11 @@

		[] a_waitApplication();

		[vc_simu.securityStatus > e_noApplication] a_bac();
		[vc_simu.securityStatus > e_noApplication
		and vc_simu.securityStatus < e_basicAccessControl] a_bac();

		[vc_simu.securityStatus >= e_basicAccessControl] a_chipAuthentication();
		[vc_simu.securityStatus >= e_basicAccessControl
		and vc_simu.securityStatus < e_chipAuthenticated] a_chipAuthentication();

		[vc_simu.securityStatus >= e_basicAccessControl] a_activeAuthentication();

		@@ -186,7 +208,7 @@
		.psoVerifyCertificateOverFullTemplate.cvCertificateBody.tlvValue.cvPublicKey.tlvValue;
		v_signature := v_psoCommand.payload.performSecurityOperationData.psoVerifyCertificate
		.psoVerifyCertificateOverFullTemplate.cvDigitalSignature.tlvValue;
		if (f_verifyCertificate(v_signature, f_getDstPublickey())) {
		if (f_verifySignature(v_certificate, v_signature, f_getDstPublickey())) {
		// store certificate
		v_chr := oct2char(v_psoCommand.payload.performSecurityOperationData.psoVerifyCertificate
		.psoVerifyCertificateOverFullTemplate.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue);
		@@ -205,6 +227,7 @@
		v_atCAR := v_mseCommand.payload.manageSecurityEnvironmentData
		.crtAT.crtReferenceOfSecretOrPublicKey.tlvValue;
		mrtdport.send(m_responseOK);
		repeat;
		}

		// The MRTD is waiting a Get_Challenge message in order that the IS requests the RpIcc RND key
		@@ -218,14 +241,15 @@
		[] mrtdport.receive(mw_extAuthenticate) -> value v_extAuthcommand {
		v_signature := v_extAuthcommand.payload
		.externalOrMutualAuthenticateData.challengeResponse;
		if(f_verifySignature(v_signature, v_atCAR)) {
		//if(f_verifySignature(v_signature, v_atCAR)) {
		vc_simu.securityStatus := e_terminalAuthenticated;
		mrtdport.send(m_responseOK);
		}
		else {
		//}
		//else {
		//TODO
		}
		//}


		vc_simu.securityStatus := e_terminalAuthenticated;
		repeat;
		}

		@@ -306,6 +330,7 @@
		// set current file for logical channel
		v_logicalChannel := f_getLogicalChannel(v_readCommand.class);
		vc_simu.currentFiles[v_logicalChannel] := getFileByShortId(p_file.shortFileId);
		log("vc_simu.currentFiles[v_logicalChannel] ", vc_simu.currentFiles[v_logicalChannel]);

		v_offset := v_readCommand.params.fileIdAndOffset.offset;
		v_dataLength := v_readCommand.lengthE;
		@@ -323,12 +348,15 @@
		// Check current file
		v_logicalChannel := f_getLogicalChannel(v_readCommand.class);
		if(vc_simu.currentFiles[v_logicalChannel] == c_noFileInfo) {
		log(""); //TODO
		//TODO
		log("vc_simu.currentFiles[v_logicalChannel]: ", vc_simu.currentFiles[v_logicalChannel]);
		log("c_noFileInfo", c_noFileInfo);
		mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF));
		repeat;
		}

		v_offset := v_readCommand.params.longOffset.offset;
		v_dataLength := v_readCommand.lengthE;

		v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel],
		v_offset, v_dataLength, v_data);

ePassport/ttcn/ePassport_Functions.ttcn

+20 −12

Original line number	Diff line number	Diff line
		@@ -102,7 +102,7 @@
		* @param p_key The Document Signer Public Key (KPuDS) in PEM format
		* @return true if the message is verified successfully, false otherwise
		*/
		external function fx_verifySignature(in octetstring p_message, in octetstring p_signedMessage, in octetstring p_key) return boolean;
		external function fx_verifySignature(in octetstring p_message, in octetstring p_signature, in octetstring p_publicKey) return boolean;

		/**
		* @desc Generate a pseudo-random integer value as described in RFC2246
		@@ -257,12 +257,10 @@
		return fx_decrypt3Des(p_key, p_data);
		} // end f_decrypt

		function f_verifySignature(in octetstring p_signature, in octetstring p_car)
		function f_verifySignature(in octetstring p_message, in octetstring p_signature, in octetstring p_publicKey)
		return boolean {



		return true;
		//return true;
		return fx_verifySignature(p_message, p_signature, p_publicKey);
		} // end f_verifySignature

		function f_verifyCertificate(in octetstring p_candidateCert, in octetstring p_trustedCert)
		@@ -486,6 +484,10 @@
		out octetstring p_data)
		return W1W2Status {
		//TODO: error handling
		log("p_fileInfo", p_fileInfo);
		log("p_offset", p_offset);
		log("p_dataLength", p_dataLength);

		fx_readFileData(p_fileInfo.filename, p_offset, p_dataLength, p_data);
		return c_w1w2NormalProcessing;

		@@ -541,12 +543,18 @@
		// FIXME: only in case of terminal authentication
		// FIXME: read from EF.CVCA
		f_readFileData(c_fileCvcaCert01, 0, -1, v_cvcaData);
		if(v_cvcaData != ''O) {
		v_decodeResult := decvalue(oct2bit(v_cvcaData), v_cvcaCvCertificate);
		log("v_cvcaCvCertificate: ", v_cvcaCvCertificate);
		// FIXME check v_decodeREsiult + ispresent
		f_addTrustedCertificate(
		oct2char(v_cvcaCvCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue),
		v_cvcaCvCertificate.tlvValue.cvCertificateBody.tlvValue.cvPublicKey.tlvValue);
		}

		// IS verdicts
		vc_simu.isFailVerdicts := {};
		vc_simu.isPassVerdicts := {};

		} // end f_initializeMRTD

ePassport/ttcn/ePassport_Templates.ttcn

+1 −0

Original line number	Diff line number	Diff line
		@@ -122,6 +122,7 @@ module ePassport_Templates {
		},
		lengthE := 0
		}

		} // end managementTemplates

		group commandTemplates {

ePassport/ttcn/ePassport_TestSystem.ttcn

+5 −1

Original line number	Diff line number	Diff line
		@@ -58,7 +58,11 @@ module ePassport_TestSystem {

		// Security Environment
		Chr dst optional,
		octetstring rndIcc optional
		octetstring rndIcc optional,

		// Verdicts from IS
		IsVerdictList isFailVerdicts,
		IsVerdictList isPassVerdicts
		}
		/*
		type component TestAdapter {

ePassport/ttcn/ePassport_Testcases.ttcn

+153 −144

Original line number	Diff line number	Diff line
		@@ -32,6 +32,12 @@ module ePassport_Testcases {
		// Expected results: "No error"
		testcase TC_ISO7816_A02() runs on MRTD system MRTD_System {

		var template IsVerdictList vt_isFailVerdicts := {};
		var template IsVerdictList vt_isPassVerdicts := {
		enum2int(e_aisBacAuthentication),
		enum2int(e_aisCommunication)
		};

		f_cfUp();
		f_initializeMRTD("CFG.DFLT.BAC");
		f_initializeIS();
		@@ -40,21 +46,24 @@ module ePassport_Testcases {
		alt {
		[] a_standardInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_A02: Pass: Inspection procedure successfull **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_A02: Error: Inspection procedure unsuccessfull **");
		setverdict(fail);
		}
		[] a_isReports();

		[] t_wait.timeout {
		log("** TC_ISO7816_A02: Timeout: Expected message not received **");
		setverdict(inconc);
		//setverdict(inconc);
		}
		}

		if(match(vc_simu.isFailVerdicts, vt_isFailVerdicts)
		and match(vc_simu.isPassVerdicts, vt_isPassVerdicts)) {
		log("** TC_ISO7816_A02: Pass: Inspection System produced expected result **");
		setverdict(pass);
		}
		else {
		log("** TC_ISO7816_A02: Error: Inspection Sytem did not produce expected result **");
		setverdict(fail);
		}

		} // end TC_ISO7816_A02

		} // end groupISO7816_A
		@@ -78,16 +87,16 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_D02: Pass: Inspection procedure successfull **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_D02: Error: Inspection procedure unsuccessfull **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_D02: Pass: Inspection procedure successfull **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_D02: Error: Inspection procedure unsuccessfull **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_D02: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -116,16 +125,16 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E06: Pass: Inspection procedure successfull **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_E06: Error: Inspection procedure unsuccessfull **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E06: Pass: Inspection procedure successfull **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E06: Error: Inspection procedure unsuccessfull **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_E06: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -149,21 +158,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E08: Pass: Terminal Authentication Failure **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E08: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_E08: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E08: Pass: Terminal Authentication Failure **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E08: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E08: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_E08: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -190,21 +199,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E11: Pass: Terminal Authentication Failure **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E11: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_E11: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E11: Pass: Terminal Authentication Failure **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E11: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E11: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_E11: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -231,21 +240,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E18: Pass: Terminal Authentication Failure **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_E18: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_E18: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisTerminalAuthenticationFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E18: Pass: Terminal Authentication Failure **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E18: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_E18: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_E18: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -273,16 +282,16 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_ISO7816_F05: Pass: Inspection procedure successfull **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_ISO7816_F05: Error: Inspection procedure unsuccessfull **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_ISO7816_F05: Pass: Inspection procedure successfull **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_ISO7816_F05: Error: Inspection procedure unsuccessfull **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_ISO7816_F05: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -314,16 +323,16 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_LDS_B25: Pass: Inspection procedure successfull **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_LDS_B25: Error: Inspection procedure unsuccessfull **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_LDS_B25: Pass: Inspection procedure successfull **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_LDS_B25: Error: Inspection procedure unsuccessfull **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_LDS_B25: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -353,21 +362,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisFailureInDG3)) {
		t_wait.stop;
		log("** TC_LDS_D12: Pass: Failure in DG3 **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_LDS_D12: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_LDS_D12: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisFailureInDG3)) {
		// t_wait.stop;
		// log("** TC_LDS_D12: Pass: Failure in DG3 **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_LDS_D12: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_LDS_D12: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_LDS_D12: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -398,21 +407,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisFailureInDG14)) {
		t_wait.stop;
		log("** TC_LDS_F04: Pass: Failure in DG14 **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_LDS_F04: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_LDS_F04: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisFailureInDG14)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Pass: Failure in DG14 **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_LDS_F04: Timeout: Expected message not received **");
		setverdict(inconc);
		@@ -442,21 +451,21 @@ module ePassport_Testcases {
		alt {
		[] a_advancedInspectionProcedure();

		[] mgmt.receive(mw_report(c_aisFailureInEFSOD)) {
		t_wait.stop;
		log("** TC_LDS_F04: Pass: Failure in EF.SOD **");
		setverdict(pass);
		}
		[] mgmt.receive(mw_report(c_aisNoFailure)) {
		t_wait.stop;
		log("** TC_LDS_F04: Error: Inspection procedure successfull **");
		setverdict(fail);
		}
		[] mgmt.receive(mw_report(?)) {
		t_wait.stop;
		log("** TC_LDS_F04: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		setverdict(fail);
		}
		// [] mgmtport.receive(mw_report(c_aisFailureInEFSOD)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Pass: Failure in EF.SOD **");
		// setverdict(pass);
		// }
		// [] mgmtport.receive(mw_report(c_aisNoFailure)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Error: Inspection procedure successfull **");
		// setverdict(fail);
		// }
		// [] mgmtport.receive(mw_report(?)) {
		// t_wait.stop;
		// log("** TC_LDS_F04: Error: Inspection procedure unsuccessfull, but for wronng reason **");
		// setverdict(fail);
		// }
		[] t_wait.timeout {
		log("** TC_LDS_F04: Timeout: Expected message not received **");
		setverdict(inconc);