View Issue Details

ID: 0005771
Project: CTT UA Test Case
Category: 4 - Test Case Definition
View Status: public
Last Update: 2022-08-02 20:06
Reporter: Jan Murzyn
Assigned To: Sebastian Allmendinger
Priority: normal
Severity: minor
Reproducibility: always
Status: assigned
Resolution: reopened
Summary: 0005771: Security Certificate Validation case 052 should allow an error response, or a different endpoint should be used.
Description

In this test CTT is expecting a successful connection to the Basic128Rsa15 endpoint by sending a certificate with a 4096-bit long key.
I think that the connection can (or should) actually be rejected based on the profile definition (Part 7 Profiles, Table 11 - Security), which says that MaxAsymmetricKeyLength for this policy is 2048.

Our server currently responds with BadSecurityConfig 0x81080000 (that's coming from the SDK), which, in my understanding, is not a code that should be used in the service response. If this test is going to allow the error response, what error code would be expected?

Tags: Security
Files Affected

Activities

Paul Hunkar

2020-07-10 17:35

administrator   ~0012591

Bad_SecurityChecksFailed is the error code that should be returned.

Sebastian Allmendinger

2021-02-25 20:52

developer   ~0013829

Updated the test case to allow the server to reject the connection with BadSecurityChecksFailed if SecurityPolicy#Basic128Rsa15 or SecurityPolicy#Basic256 is used.
Updated the test script accordingly.

Paul Hunkar

2021-03-25 15:30

administrator   ~0014073

As part of the review it was determined that the fix is a partial fix only. The actual fix should ensure that certificates that are above the max size are rejected. The checked-in fix is being left as a workaround until the final fixes are applied.

Paul Hunkar

2021-03-25 15:36

administrator   ~0014074

This issue shall result in a larger set of changes, in that each security policy has a range and all test cases should be updated for this set of tests.

This will mean some test cases such as 49-52 will need to be marked as obsolete.
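
The per-policy key-length range check discussed in the notes above, as an added Python example (not CTT, SDK or test-script code). It assumes the PKCS#1 RSAPublicKey has already been extracted from the certificate; `KEY_RANGE`, `check_certificate_key` and `constructed_key` are hypothetical names, and every limit other than the 2048-bit maximum for Basic128Rsa15 is an assumption to verify against the Part 7 security table.

```python
GOOD = 0x00000000
BAD_SECURITY_CHECKS_FAILED = 0x80130000    # Bad_SecurityChecksFailed
BAD_SECURITY_POLICY_REJECTED = 0x80550000  # Bad_SecurityPolicyRejected
_URI = "http://opcfoundation.org/UA/SecurityPolicy#"
# (min, max) asymmetric key length in bits. Only the 2048 maximum for
# Basic128Rsa15 is quoted in the report; the other values are assumptions.
KEY_RANGE = {_URI + "Basic128Rsa15": (1024, 2048), _URI + "Basic256": (1024, 2048),
             _URI + "Basic256Sha256": (2048, 4096)}

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER/BER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(rsa_public_key_der):
    """Bit length of n in a PKCS#1 RSAPublicKey: SEQUENCE { n, e }."""
    tag, body, _ = _read_tlv(rsa_public_key_der, 0)
    inner_tag, modulus, _ = _read_tlv(body, 0)
    if (tag, inner_tag) != (0x30, 0x02):
        raise ValueError("expected SEQUENCE { INTEGER n, ... }")
    return int.from_bytes(modulus, "big").bit_length()

def check_certificate_key(policy_uri, rsa_public_key_der):
    """Status code for a peer key presented on an endpoint using policy_uri."""
    if policy_uri not in KEY_RANGE:
        return BAD_SECURITY_POLICY_REJECTED  # choice made for this example
    low, high = KEY_RANGE[policy_uri]
    try:
        bits = rsa_modulus_bits(rsa_public_key_der)
    except (ValueError, IndexError):
        return BAD_SECURITY_CHECKS_FAILED    # unparsable key fails closed
    return GOOD if low <= bits <= high else BAD_SECURITY_CHECKS_FAILED

def constructed_key(bits):
    """Constructed sample: BER RSAPublicKey with a dummy modulus of `bits` bits."""
    def tlv(tag, value):                     # always 2-byte long-form length
        return bytes([tag, 0x82]) + len(value).to_bytes(2, "big") + value
    def integer(v):                          # leading 0x00 keeps it positive
        return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
    return tlv(0x30, integer((1 << (bits - 1)) | 1) + integer(65537))
```

With these limits, the 4096-bit key from test case 052 is rejected on Basic128Rsa15 with Bad_SecurityChecksFailed, while the same key is accepted on Basic256Sha256.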

Issue History

Date Modified Username Field Change
2020-07-01 07:44 Jan Murzyn New Issue
2020-07-01 07:44 Jan Murzyn Tag Attached: Security
2020-07-10 17:34 Paul Hunkar Assigned To => Alexander Allmendinger
2020-07-10 17:34 Paul Hunkar Status new => assigned
2020-07-10 17:35 Paul Hunkar Note Added: 0012591
2021-02-25 16:26 Sebastian Allmendinger Assigned To Alexander Allmendinger => Sebastian Allmendinger
2021-02-25 20:52 Sebastian Allmendinger Note Added: 0013829
2021-02-25 20:53 Sebastian Allmendinger Status assigned => resolved
2021-02-25 20:53 Sebastian Allmendinger Resolution open => fixed
2021-02-25 20:53 Sebastian Allmendinger Fixed in Version => 1.03.341.398
2021-03-25 15:30 Paul Hunkar Status resolved => feedback
2021-03-25 15:30 Paul Hunkar Resolution fixed => reopened
2021-03-25 15:30 Paul Hunkar Note Added: 0014073
2021-03-25 15:30 Paul Hunkar Status feedback => assigned
2021-03-25 15:36 Paul Hunkar Note Added: 0014074
2022-08-02 20:06 Paul Hunkar Project Compliance Test Tool (CTT) Unified Architecture => CTT UA Test Case