Document information Creation date 23.08.

2011 Name Subject

TEST SCENARIOS
Development of authentication and authorisation solutions based on strong certificates for EU citizens Procurement No. 113700 - Development of authentication and authorisation solutions based on strong certificates for EU citizens Part I RIA Ott Sarv; Asse Sauga; Indrek Jrve 1.6 v1.4: Documentation milestone.

Reference Addressee: Compiled by Version

History of changes

v1.5: Minor fixes v1.6: Tests for ID-card authentication

SISUKORD
TABLE OF CONTENTS .......................................................................................................................................... 1 1. TEST SCENARIOS ..................................................................................................................................... 2 1.1. 1.2. 1.3. 1.4. 1.5. 1.6. 1.7. 1.8. 1.9. 1.10. 1.11. Test modules .................................................................................................................................... 2 Authentication to the administration interface ................................................................................ 2 Managing system administrators .................................................................................................... 3 Managing clients ............................................................................................................................. 4 Reports ............................................................................................................................................ 6 Management of prices ..................................................................................................................... 7 Managing services........................................................................................................................... 9 Management of TSL information ................................................................................................... 11 Digital signing operations ............................................................................................................. 12 Certificate status verification operations ...................................................................................... 16 EBR-CR operations ....................................................................................................................... 18

TEST SCENARIOS

1.

TEST SCENARIOS

The tests are performed either by running automated test scripts or by human testing. Human tests are performed on the following platforms with the following web browsers: Web browsers Internet Explorer 8 Firefox 3.6 Operation systems Windows Vista Windows 7

1.1.

Test modules Functional testing tests for softwares implementation of functional requirements Smoke testing tests for the core functionality of the software Investigative testing tests based on specific found errors Regression testing tests for specific modules that have recently been modified by the development Automated testing tests with automated scripts

The following methods are used to perform tests:

Use cases are used as a basis for testing. Automated tests are performed with appropriate tools, such as Squish, Selenium, jUnit and/or PyUnit. In addition several custom scipts are used. 1.2. Authentication to the administration interface Test result

Tests for the administration interfaces core functionality.

#

Scenario

Action

Result

Comments

P passed F failed

B blocked N not tested

Authentication to the administration interface Authenticating a user

A session is created and the administration interface is opened.

P/F/B/N

TEST SCENARIOS

A valid username and a valid password is entered and the Log in link is clicked.

Authenticating with an invalid password

A valid username and an invalid password is entered and the Log in link is clicked.

An error is displayed.

P/F/B/N

Authenticating an unknown user

An invalid username is entered and the Log in link is clicked.

An error is displayed.

P/F/B/N

Authenticating a user with IDcard

A valid PIN1 is entered when opening the webpage. A user matching the certificate data exists. A valid PIN1 is entered when opening the webpage. The administration interface is not configured to accept the certificate. A valid PIN1 is entered when opening the webpage. A user matching the certificate data does not exist.

A session is created and the administration interface is opened.

P/F/B/N

Authenticating with unknown certificate

An error is displayed.

P/F/B/N

Authenticating with unknown user

An error is displayed.

P/F/B/N

1.3.

Managing system administrators

Tests for managing administration interface users. P passed F failed B blocked N not tested

Managing system administrators

List of users

The user clicks on the link Administrators. A list of users is displayed.

The administration interface displays the list of users registered.

P/F/B/N

TEST SCENARIOS

Searching users

The user selects the desired status of users and enters text to be searched. The Search button is then clicked.

The administration interface displays the list of users matching the entered criteria.

P/F/B/N

Adding users Data entry form

The user clicks on the link Add new administrator

The form for adding a new administrator is displayed.

P/F/B/N

Adding users

10

The user inputs the new administrator information and clicks on the button Save

The system saves the administrator information and displays the autogenerated password to the user.

P/F/B/N

11

Editing users Data entry form

The user clicks on the Edit link in the list of users The user inputs the modified administrator information and clicks on the button Save

The form for editing an existing administrator is displayed.

P/F/B/N

12

Editing users

The system saves the administrator information.

P/F/B/N

13

Deleting users Data entry form

The user clicks on the Delete link in the list of users

The confirmation dialog for deleting an existing administrator is displayed.

P/F/B/N

14

Deleting users

The user confirms the request to delete the administrator.

The system sets the administrator status to Deleted

P/F/B/N

1.4.

Managing clients

Tests for managing clients through the management interface. P passed F failed B blocked N not tested TEST SCENARIOS

Managing clients

15

List of clients

The user clicks on the link Clients. A list of users is displayed.

The administration interface displays the list of clients registered.

P/F/B/N

Searching clients

16

The user selects the desired status of clients and enters text to be searched. The Search button is then clicked.

The administration interface displays the list of clients matching the entered criteria.

P/F/B/N

17

Adding clients Data entry form

The user clicks on the link Add new client The user inputs the new client information and clicks on the button Save

The form for adding a new client is displayed. The system saves the client information and displays the autogenerated password to the user.

P/F/B/N

18

Adding clients

P/F/B/N

19

Editing clients Data entry form

The user clicks on the Edit link in the list of clients The user inputs the modified client information and clicks on the button Save

The form for editing an existing client is displayed.

P/F/B/N

20

Editing clients

The system saves the client information.

P/F/B/N

21

Deleting clients Data entry form

The user clicks on the Delete link in the list of clients

The confirmation dialog for deleting an existing client is displayed.

P/F/B/N

22

Deleting clients

23

The user clicks on the View link in the list of clients

A page displaying detailed information about the client is shown.

P/F/B/N

TEST SCENARIOS

The user confirms the request to delete the client.

The system sets the client status to Deleted

P/F/B/N

Detailed information about a client

24

Managing client Managing client Managing client access access permissions access permissions permissions Data entry form

The user clicks on the link Edit services available for the client

A list of services is displayed, sectioned into two lists: services available to the client, services not yet available to the client.

P/F/B/N

25

The user assigns services to the user or removes them

The selected services transition to the appropriate list of services.

P/F/B/N

26

The user clicks on the Save button

The service access list is saved.

P/F/B/N

27

Displaying the log of user queries

The user clicks on the link view in more detailed in the client query log section of the client The list of queries performed by the client detailed information page is displayed.

P/F/B/N

1.5.

Reports

Tests for reports through the administration interface. P passed F failed B blocked N not tested
Reports Defining the criteria for the report

28

The user clicks on the link Reports

A page is displayed where the user can specify the criteria for the desired report

P/F/B/N

TEST SCENARIOS

29

Report results

The user specifies the criteria (specific clients) and clicks on the button Show The user specifies the criteria (specific services) and clicks on the button Show

A report of activity within the scope of selected users is displayed.

P/F/B/N

30

Report results

A report of activity within the scope of selected services is displayed.

P/F/B/N

31

32

33

The user specifies the criteria (a time period) and clicks on the button A report of activity within the scope of Show selected time period is displayed. The user specifies the criteria (grouped by either days, months or years) and clicks on the button A report of activity grouped by the Show selected time period is displayed. The user specifies the criteria (criteria that does not match any data logged) and clicks on the An error message is displayed explaining button Show that no data matches the criteria.

Report results

P/F/B/N

Report results Report results

P/F/B/N

P/F/B/N

1.6.

Management of prices

Tests for managing prices through the administration interface. P passed F failed B blocked N not tested

Management of prices Assinging a Assinging a new Service price new price to the price to the service list service 34 The user clicks on the link Services and opens the tab Service prices

A list of services is displayed with the prices for each defined period.

P/F/B/N

35

The user clicks on the link The form for adding a new pricing period Add new price is displayed.

P/F/B/N

36

The user inputs the required data and clicks on Save.

The new pricing period is saved.

P/F/B/N

TEST SCENARIOS

Editing a Period collision check service price

37

The user inputs the required data and clicks on Save. An existing price An error is displayed: There is a collision period intersects with the between the entered price period and an new period. exisiting price period.

P/F/B/N

38

The user opens the price period edit form by clicking on the edit link.

The form for editing an existing pricing period is displayed.

P/F/B/N

39

Editing a clientAssinging a new Client-based Date format Editing a service based service Period collision check client-based price service price check Period collision check price price to the service list

The user inputs the required data and clicks on Save.

The changes to the pricing period are saved.

P/F/B/N

40

The user inputs the required data and clicks on Save. An existing clientbased price period An error is displayed: There is a collision intersects with the edited between the entered price period and an period. exisiting price period.

P/F/B/N

41

42

An invalid date is entered. The user opens the list of client-based prices by navigating to the detailed information view of a specific client.

An error is displayed: The date entered is not valid or in in the correct format.

P/F/B/N

A list of services is displayed with the client-based prices for each defined period.

P/F/B/N

43

The user clicks on the link Add new price. The user inputs the required data and clicks on Save

The new pricing period is saved.

P/F/B/N

44

P/F/B/N

45

The user opens the clientbased price period edit form by clicking on the edit link.

The form for editing an existing clientbased pricing period is displayed.

P/F/B/N

TEST SCENARIOS

The user clicks on the link Add new price. The user inputs the required data and clicks on Save. An existing client-based price An error is displayed: There is a collision period intersects with the between the entered price period and an new period. exisiting price period.

46

Date format Editing a clientPeriod collision check check based service price

The user inputs the required data and clicks on Save.

The changes to the pricing period are saved.

P/F/B/N

47

The user inputs the required data and clicks on Save. An existing clientbased price period An error is displayed: There is a collision intersects with the edited between the entered price period and an period. exisiting price period.

P/F/B/N

48

An invalid date is entered.

An error is displayed: The date entered is not valid or in in the correct format.

P/F/B/N

1.7.

Managing services

Tests for managing services through the administration interface. P passed F failed B blocked N not tested

Managing services List of services 49 The user clicks on the link Services. A list of services is displayed. The user selects the desired status of services and enters text to be searched. The Search button is then clicked.

The administration interface displays the list of services registered.

P/F/B/N

50

Searching services

The administration interface displays the list of services matching the entered criteria.

P/F/B/N

51

Adding a Adding a Editing a new EBR new EBR service product product

The user clicks on the link Add a new service" The user inputs the required data and clicks on Save

The form for adding a new EBR product is displayed.

P/F/B/N

52

The product is saved.

P/F/B/N

P/F/B/N

54

The user inputs the required data and clicks on Save

The product is saved. In case of a predefined service only the status and the name can be altered.

P/F/B/N

TEST SCENARIOS

53

The user clicks on the link The form for editing an existing service is edit " displayed.

Editing a service

List of EBR nodes

55

56

Adding a Adding a Editing an Editing an Searchign new EBR new EBR EBR node EBR node EBR nodes node node

The user opens the tab EBR countries and nodes The user selects the desired status of nodes and enters text to be searched. The Search button is then clicked. The user clicks on the link Add a new node" The user inputs the required data and clicks on Save

The administration interface displays the list of nodes registered.

P/F/B/N

The administration interface displays the list of nodes matching the entered criteria. The form for adding a new EBR node is displayed.

P/F/B/N

57

P/F/B/N

58

The node is saved.

P/F/B/N

59

The user clicks on the link edit " The user inputs the required data and clicks on Save

The form for editing an existing EBR node is displayed.

P/F/B/N

60

The node is saved.

P/F/B/N

61

Deleting an EBR node

The user clicks on the link edit" and confirms the request to delete the node.

The node is marked as deleted.

P/F/B/N

62

Editing an Adding a new Adding a new List of EBR EBR service EBR service EBR service services

Kasutaja vajutab sakil "EBR teenused".

The administration interface displays the list of EBR services registered.

P/F/B/N

63

The user clicks on the link Add a new EBR service"

The form for adding a new EBR service is displayed.

P/F/B/N

64

The user inputs the required data and clicks on Save

The EBR service is saved.

P/F/B/N

65

P/F/B/N

66

The user inputs the required data and clicks on Save

The EBR service is saved.

P/F/B/N

10

TEST SCENARIOS

The user clicks on the link edit "

The form for editing an existing EBR service is displayed.

Editing an EBR service

1.8.

Management of TSL information

Tests for managing supported CAs through the administration interface. P passed F failed B blocked N not tested

Management of TSL information 67 List of TSLs The user clicks on the link TSL management The user clicks on the link Add a new TSL, inputs the required data and clicks on Save The user clicks on the link edit, inputs the required data and clicks on Save The user clicks on the link refresh The user clicks on the link refresh. The URL specified in the TSL information is invalid or inaccessible. The user clicks on the link TSP services The administration interface displays the list of TSLs registered.

P/F/B/N

68

Adding a new TSL

A new TSL reference is saved.

P/F/B/N

69

Refreshing a List of TSL in case Refreshin Editing a TSP of an invalid g a TSL TSL services URL

The TSL reference is saved. The TSL is downloaded and the TSP services related to the TSL are updated.

P/F/B/N

70

P/F/B/N

71

The system displays an error. The administration interface displays the list of TSP services registered.

P/F/B/N

72

P/F/B/N

73

Editing a TSP service

The user clicks on the link edit.

The form for editing a TSP service is displayed.

P/F/B/N

74

Editing a TSP service

P/F/B/N

75

The user inputs the required data and clicks on Save An obligatory data field is not filled.

The TSP service is saved.

P/F/B/N

76

The system displays an error.

P/F/B/N

11

TEST SCENARIOS

The user clicks on the link edit.

The form for editing a TSP service is displayed.

Editing a Editing a TSP TSP service service

1.9.

Digital signing operations

Tests for creating and managing digitally signed containers and documents through the Web Services Framework. Tests for the signing operations are implemented as automated tests in the Testsuite3.py script, referenced by numbers 30a through 35d. The following list describes the typical use cases tested. P passed F failed
#

B blocked N not tested Result Test result Comments

Scenario

Action

Creating a BDOC container

The user initializes the service The service initBDOC initBDOC, providing a correct is run. A session set of username and identificator is returned password. to the user.

P/F/B/N

77

The user enters invalid credentials.

The service initBDOC is not run and an error is returned to the user.

P/F/B/N

Creating a session fails.

The service initBDOC is not run and an error is returned to the user.

P/F/B/N

Creating a session based on an existing container

The user initializes the service The service initBDOC initBDOC, providing a correct is run. A session set of username and password identificator is returned in addition to the BDOC to the user. container.

P/F/B/N

78

Adding the container to the session fails.

The service initBDOC is not run and an error is returned to the user.

P/F/B/N

12

TEST SCENARIOS

79

Adding files to the container

The user initializes the service addBDOCDataFile, providing the session identificator and the data file to be added.

The service addBDOCDataFile is run. A file is added to the container.

P/F/B/N

The user enters an invalid session identificator.

The service addBDOCDataFile is not run and an error is returned to the user.

P/F/B/N

The operation fails.

The service addBDOCDataFile is not run and an error is returned to the user.

P/F/B/N

The user initializes the service delBDOCDataFile, providing the session identificator and the data file id to be removed. Removing files from the container

The service delBDOCDataFile is run. A file is removed from the container.

P/F/B/N

80

The user enters an invalid session identificator.

The service delBDOCDataFile is not run and an error is returned to the user.

P/F/B/N

The user enters an invalid data file id.

The service delBDOCDataFile is not run and an error is returned to the user. The service delBDOCDataFile is not run and an error is returned to the user.

P/F/B/N

The operation fails.

P/F/B/N

13

TEST SCENARIOS

81

Preparing a signature in the container

The service prepBDOCSignature is The user initializes the service run. The signature prepBDOCSignature, structures are prepared providing the session in the container and the identificator and the hash code to be signed certificate of the signer. and the signature identificator are returned to the user.

P/F/B/N

The user enters an invalid session identificator.

The service prepBDOCSignature is not run and an error is returned to the user.

P/F/B/N

The user enters an invalid certificate.

The service prepBDOCSignature is not run and an error is returned to the user.

P/F/B/N

The operation fails.

The service prepBDOCSignature is not run and an error is returned to the user.

P/F/B/N

Finallizing a signature in the container

The user initializes the service finBDOCSignature, providing the session identificator, the signed hash code and the ID of the signature.

The service finBDOCSignature is run. The signature finalized.

P/F/B/N

82

The user enters an invalid session identificator.

The service finBDOCSignature is not run and an error is returned to the user.

P/F/B/N

14

TEST SCENARIOS

The operation fails.

The service finBDOCSignature is not run and an error is returned to the user.

P/F/B/N

Creating a session based on an existing PDF

The user initializes the service The service initPDF is initPDF, providing a correct run. A session set of username and password identificator is returned in addition to the PDF file. to the user. The service initPDF is not run and an error is returned to the user.

P/F/B/N

83

Adding the file to the session fails.

P/F/B/N

84

Preparing a signature in the PDF

The service prepPDFSignature is run. The signature The user initializes the service structures are prepared prepPDFSignature, providing in the container and the the session identificator and hash code to be signed the certificate of the signer. and the signature identificator are returned to the user. The service The user enters an invalid prepPDFSignature is session identificator. not run and an error is returned to the user. The user enters an invalid certificate. The service prepPDFSignature is not run and an error is returned to the user. The service prepPDFSignature is not run and an error is returned to the user. The service finPDFSignature is run. The signature finalized. The service finPDFSignature is not run and an error is returned to the user. The service finPDFSignature is not run and an error is returned to the user.

P/F/B/N

P/F/B/N

P/F/B/N

The operation fails.

P/F/B/N

The user initializes the service finPDFSignature, providing the session identificator and the signed hash code. Finalizing the 85 signature in the PDF The user enters an invalid session identificator.

P/F/B/N

P/F/B/N

The operation fails.

P/F/B/N

15

TEST SCENARIOS

1.10. Certificate status verification operations Tests for the certificate status verification operations are implemented as automated tests in the Testsuite3.py script, referenced by numbers 14 through 21. The following list describes the typical use cases tested. P passed F failed B blocked N not tested

Scenario

Action

Result

Test result

Comments

The user initializes the service getOCSP, The service getOCSP providing a correct set is run. The OCSP of username and response is returned to password in addition to the user. the certificate to be checked.

P/F/B/N

86

OCSP gateway

The user enters invalid credentials.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

The operation fails. The OCSP responder does not respond.

The service getOCSP is not run and an error is returned to the user. The service getOCSP is not run and an error is returned to the user.

P/F/B/N

P/F/B/N

The user enters an invalid certificate.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

16

TEST SCENARIOS

The user initializes the The service getOCSP service getOCSP, is run. The OCSP providing a correct set response is generated of username and in the CRL2OCSP password in addition to responder and returned the certificate to be to the user. checked.

P/F/B/N

87

OCSP-CRL gateway

The user enters invalid credentials.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

The user enters an invalid certificate.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

The operation fails.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

17

TEST SCENARIOS

The OCSP responder does not respond.

The service getOCSP is not run and an error is returned to the user.

P/F/B/N

The user initializes the service The service getCertificateStatus, getCertificateStatus is providing a correct set run. The certificate of username and status from the OCSP password in addition to response is returned to the certificate to be the user. checked.

P/F/B/N

Certificate status check

88

The user enters invalid credentials.

The service getCertificateStatus is not run and an error is returned to the user.

P/F/B/N

The user enters an invalid certificate.

The service getCertificateStatus is not run and an error is returned to the user.

P/F/B/N

The operation fails.

The service getCertificateStatus is not run and an error is returned to the user.

P/F/B/N

1.11. EBR-CR operations Tests for the EBR-CR operations are implemented as automated tests in the Testsuite3.py script, referenced by numbers 2 through 13. As version 3 of the EBR central services is not supported by the framework, the legacy tests will not be described in this document.

18

TEST SCENARIOS