ATM_ID: 6E811320-2754-11EC-B5D1-CACB0AE4A572 ID: (Trash)/Pongo-Warhol/TLS_1.3/56097 TESTCASE_HEADLINE: To validate the device client cipher suites when the XCP plugin is enabled and device is authenticated using smartcard GROUP: FEATURE: SUB_FEATURE: INPUT: Overall Precondition: Device side: 1.Make sure factory data reset performed in the device 2.IPv4 and IPv6 is enabled and active 3.Upgrade the MFP with latest software version Server Setup Required: 1. HTTPS repository with TLS 1.3 protocol should be configured and enabled in Ubuntu server 2. Apache webserver installed and configured to create a web site to be used for HTTP/HTTPS (SSL) repository 3.Windows 2016 server installed and configured with following roles ADDS, ADCS, DHCP, IIS ,NPS and DNS 4. Windows 2016 server configured and installed with Exchange 2013 or later for Email 5.Fedora /Ubuntu Free radius installed and configured to support 802.1x 6.Nmap scanner installed in Linux server \ Switch: Cisco catalyst L2/L3 switch enabled for 802.1x authentication \ Note: For server configuration refer the supporting document PROCEDURE: In LUI 1.Perform a smart card authentication 2.Observe the wireshark traces in the smartcard authentication server using the filter 'ssl' OUTPUT: The following Cipher Suites should get displayed in Client Hello Packet TLS_AES_128_GCM_SHA256 <- New TLS_AES_256_GCM_SHA384 <- New TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 Smart card server will respond in the TLS Server Hello –by selecting one of the offered suites Smart card authentication will succeed PROCESS: PRIORITY: TEST_TYPE: LOE: RESOURCE_HW: RESOURCE_CONSUMEABLES: RESOURCE_MEDIA: SKILL_SET: advanced TEST_CASE_TYPE: TESTCASE_SOURCE: SPEC: The Device supports the following Cipher Suites. SPEC_VERSION: ATM_OWNER: ASSOCIATED_TESTCASES: TRAINING: TESTCASE_VERSION: TESTCASE_STATE: TESTCASE_PLATFORM: TESTCASE_PRODUCT: TESTCASE_APPROVALS: CDATE: 1633600412 MDATE: 1633600412, 1633600859 MUSER: w5XFF5T9, w5XFF5T9 AUTHOR: w5XFF5T9 ATM_MCOMMENTS: Imported from spreadsheet, Moved to Trash. HISTORY: ATM_LOCKED: ATM_REQLINK: ATM_REQCOUNT: 0 FILENAME: FILEDESC: FILES: QA_TEAM: APPROVE_QE: APPROVED_QE: APPROVE_SE: APPROVED_SE: APPROVE_SPAR: APPROVED_SPAR: MFF: PLANNEDTIMESTAFF: IMPLEMENTED: DATA_LOGIC: AUTOMATABLE_NOTAUTOMATABLE: