caNl Test Plan

Service Description

Common Authentication Library (caNl for short) provides simple API to support mutualy authentication connection (client-server) and message protection during communication. It also offers interfaces to deal with grid specifics. caNl is currently available in three language bindings (C, C++, Java).

Features/Scenarios to be tested

Client-Server Secure Communication, with mutual authentication (id: func:cli-srv)

Test if the client and server are able to make a secure connection.

Normal workflow – correct input

Make a secure client-server connection

Pass/Fail Criteria

Pass: A connection has been established, some short messages

Fail: A connection hasn't been established

Error workflow – erroneous input

Connect the client to the port not running any server at

Pass/Fail Criteria

Pass: Client initialized, but not connected to any server

Fail: Client connected to some other server (default port)

Error workflow – erroneous input

Start the client/server with a nonexisting certificate and/or a key

Pass/Fail Criteria

Pass: Client/server not initialized

Fail: Client/server started with default certificate or without any

Openssl Client/Server Connection (id: func:openssl-cli-srv)

Test if the server/client using CANL can establish a secure connection with generic SSL/TLS server/client

Normal workflow – correct input

Make a secure "CANL client/server"-"openssl client/server" connection

Pass/Fail Criteria

Pass: A connection has been established, some short messages has been established, some short messages has

Fail: A connection hasn't been established or messages hasn't been received

Error workflow – erroneous input

N/A

Pass/Fail Criteria

N/A

Proxy Certificate Make (id: func:proxy-make)

Test if Canl can make new proxy certifice out of user certificate.

Normal workflow – correct input

Make new proxy certificate out of given user certificate

Pass/Fail Criteria

Pass: A new proxy certificate has been created

Fail: A new proxy certificate hasn't been created

Error workflow – erroneous input

N/A

Pass/Fail Criteria

N/A

Proxy Certificate Delegation (id: func:proxy-delegate)

Test if canl can make new cert. request, delegate it to the second party sign it and send it back. (no communication at all - just export request to some structure then extract it)

Normal workflow – correct input

Bob makes cert request (and new key pair with appropriate default key size), sends it to Alice. Alice sets essential attributes (lifetime, cert. type ...), signs it and sends it back to Bob

Pass/Fail Criteria

Pass: Bob has got new proxy, signed with Alice's private key

Fail: Bob hasn't got new proxy.

Error workflow – erroneous input

N/A

Pass/Fail Criteria

N/A

SHA-2 Compatibility Test (id: func:cli-srv-sha2)

Test if the client and server are able to make a secure connection if client uses certificate with SHA512.

Normal workflow – correct input

Make a secure client-server connection

Pass/Fail Criteria

Pass: A connection has been established, some short messages has been exchanged

Fail: A connection hasn't been established.

Error workflow – erroneous input

N/A

Pass/Fail Criteria

N/A

Features not to be tested

-- MarcelPoul - 17-Apr-2012

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r2 - 2012-04-23 - unknown
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EMI All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback