Module tests scenarios

module_test_rfc9529_chapter_2.c
Test vector was taken from RFC9529 chapter 2.
It contains authentication with signatures, X.509 identified by ‘x5t’.

Following scenarios were prepared:

  • message <1, 2, 3, 4> compose and process.

  • message <2, 3> compose with already cborised authentication credentials.

  • full handshake between initiator and responder based on test vector. Additionally it contains:

    • derivation of OSCORE sessions.

    • key update for generation new shared secret and new OSCORE sessions.

  • full handshake with real crypto where we verify if OSCORE session are equals.

  • full handshake with real crypto with external authorization data (EAD):

    • single EAD token.

    • multiple EAD tokens.

module_test_rfc9529_chapter_3.c
Test vector was taken from RFC9529 chapter 3.
It contains authentication with static DH, CCS identified by ‘kid’.

Following scenarios were prepared:

  • message <1, 2, 3, 4> compose and process.

  • message <2, 3> compose with already cborised authentication credentials.

  • full handshake between initiator and responder based on test vector. Additionally it contains:

    • derivation of OSCORE sessions.

    • key update for generation new shared secret and new OSCORE sessions.

module_test_rfc9528_suites_negotiation.c
Examples for scenarios was taken from RFC9528, chapter 6.3.2.
We can verify EDHOC error codes and cached cipher suites in case of cipher suites mismatch.

Following scenarios were prepared:

  • cipher suite negotiation where initiator sent only one suite. (Figure 8)

  • cipher suite negotiation where initiator sent a list of suites. (Figure 9)

module_test_error_message.c
EDHOC error message was taken from RFC9528, chapter 6.
We can verify error message compose and process.

Following scenarios were prepared:

  • error message compose and process for:

    • success.

    • unspecified error.

    • wrong selected cipher suite.

    • unknown credential referenced.

module_test_x5chain_sign_keys_suite_0.c
Full handshake with real crypto where we verify if OSCORE session are equals.
It contains authentication with signatures, X.509 identified by ‘x5chain’, cipher suite 0.
We verify one and two certificates in chain.
module_test_x5chain_sign_keys_suite_2.c
Full handshake with real crypto where we verify if OSCORE session are equals.
It contains authentication with signatures, X.509 identified by ‘x5chain’, cipher suite 2.
We verify one certificates in chain with/without multiple EAD tokens.
module_test_x5chain_static_dh_keys_suite_2.c
Full handshake with real crypto where we verify if OSCORE session are equals.
It contains authentication with static DH, X.509 identified by ‘x5chain’, cipher suite 2.
We verify one certificates in chain with single EAD token.
module_test_x5t_sign_keys_suite_2.c
Full handshake with real crypto where we verify if OSCORE session are equals.
It contains authentication with signatures, X.509 identified by ‘x5t’, cipher suite 2.
We verify certificate hashes with single EAD token.