# Copyright (c) 2021 Project CHIP Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Auto-generated scripts for harness use only, please review before automation. The endpoints and cluster names are currently set to default

name: 14.3.1. [TC-SC-3.1] Session Establishment

PICS:
    - MCORE.ROLE.COMMISSIONEE

config:
    nodeId: 0x12344321
    cluster: "Basic Information"
    endpoint: 0

tests:
    - label:
          "Initiator constructs and sends a TLV-encoded Sigma1 message
          containing a random initiation value, destination identifier, session
          identifier, the public key for its ephemeral key pair, and optional
          MRP parameters."
      verification: |
          Verify that the message is properly formatted:
          1. I flag is set to 1
          2. S flag and DIZ fields of message flags are set to 0
          3. Encryption Type of security flags is set to 0
          4. The message payload follows the sigma-1-struct TLV encoding format
          5. The Session Key Type field is set to 0
          6. The Protocol ID field is set to 0 and Protocol Opcode field is set to 48 (0x30)
          Verify that the responder receives the message.
      disabled: true

    - label:
          "Responder validates the destination identifier contained in the
          message."
      verification: |
          If the destination identifier matches a candidate destination id (as generated by the process in spec section 4.13.2.4), the responder proceeds to generate a Sigma2 message.
      disabled: true

    - label:
          "Responder constructs and sends a TLV-encoded Sigma2 message
          containing a random responder value, responder session id, trusted
          root id, public key for its responder ephemeral key pair, and
          encrypted integrity data."
      verification: |
          Verify that the message is properly formatted:
          1. I flag is set to 0
          2. S flag and DIZ fields of message flags are set to 0
          3. Encryption Type of security flags is set to 0
          4. The message payload follows the sigma-2-struct TLV encoding format
          5. The Session Key Type field is set to 0
          6. The Protocol ID field is set to 0 and Protocol Opcode field is set to 49 (0x31)
          Verify that the initiator receives the message.
      disabled: true

    - label:
          "Initiator generates a shared secret, generates a S2K key, and
          decrypts and verifies the message data, node operational certificate
          (NOC), and signature data."
      verification: |
          If the verification succeeds, the initiator moves to the next step to send a Sigma3 message.
      disabled: true

    - label:
          "Initiator constructs and sends a TLV-encoded Sigma3 message
          containing encrypted integrity data."
      verification: |
          Verify that the message is properly formatted:
          1. I flag is set to 1
          2. S flag and DIZ fields of message flags are set to 0
          3. Encryption Type of security flags is set to 0
          4. The message payload follows the sigma-3-struct TLV encoding format
          5. The Session Key Type field is set to 0
          6. The Protocol ID field is set to 0 and Protocol Opcode field is set to 50 (0x32)
          Verify that the responder receives the message.
      disabled: true

    - label:
          "Responder decrypts and verifies the message data, NOC, and signature
          data."
      verification: |
          If the verification succeeds, the session is established and the responder sends a SigmaFinished StatusReport message with GeneralCode SUCCESS, ProtocolId PROTOCOL_ID_SECURE_CHANNEL, and ProtocolCode SessionEstablishmentSuccess.
      disabled: true