ATM_ID: 2DDE6C3A-5081-11ED-AD3B-09B028C85694
ID: Pongo-Warhol/FIPS_Cipher_suite_Test_cases/56858
TESTCASE_HEADLINE: Validate that,FIPS140-3 algorithms/Cipher suites are used by the device in FIPS mode using POP3 protocol with below configurations . In WebUI - SSL/TLS setting - Protocol version :- TLS 1.1 or Later FIPS mode:- Enabled Server TLS version:- 1.1 or 1.2
GROUP:
FEATURE:
SUB_FEATURE:
INPUT:
- Ensure that FIPS is Enabled in the device.
- Ensure that valid POP3 configured server is available.
- Ensure that Wireshark tool is installed in the server and its been running during this entire test.
- Ensure that TLS 1.1 or later option is selected under properties -- Security -- Remote Authentication Server -- SSL/TLS -- protocol versions.
- Ensure that POP3 SSL/TLS communication is enabled under properties -- Security -- Remote Authentication Server -- SSL/TLS -- protocol versions.
- Ensure that TLS 1.1 or 1.2 version is configured in the server.
PROCEDURE:
- Login as Admin in WebUI.
- Navigate to Properties -- Security -- Remote Authentication server -- Device Digital Certificate Management and install SMTP server root certificate.
- Then,navigate to Properties -- Connectivity -- Protocols -- POP3.
- Configure SMTP and POP3 with valid configurations.
- Also,enable POP3 SSl communication.
- In LUI,Perform an Email Job and after completion of Email,check if the email is received in the outlook . There after view the wireshark traces for FIPS certified Algorithms used by the device in Client hello packets using POP3 port 995.
OUTPUT:
- The below mentioned FIPS certified algorithms should be used by the device on performing Email - POP3 in FIPS mode
Below ciphers should be listed in Client hello packets
Cipher Suites (18 suites) should be offered by device when TLS 1.3 option is enabled in the device.
Cipher Suites (18 suites)
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
PROCESS:
PRIORITY:
TEST_TYPE:
LOE:
RESOURCE_HW:
RESOURCE_CONSUMEABLES:
RESOURCE_MEDIA:
SKILL_SET:
TEST_CASE_TYPE:
TESTCASE_SOURCE:
SPEC:
SPEC_VERSION:
SPEC_TAG:
ATM_OWNER:
ASSOCIATED_TESTCASES:
TRAINING:
TESTCASE_VERSION:
TESTCASE_STATE:
TESTCASE_PLATFORM:
TESTCASE_PRODUCT:
TESTCASE_APPROVALS:
CDATE: 1666275126
MDATE: 1666275126
MUSER: USWU60000
AUTHOR: USWU60000
ATM_MCOMMENTS: Imported from spreadsheet
HISTORY:
ATM_LOCKED:
ATM_REQLINK:
ATM_REQCOUNT: 0
FILENAME:
FILEDESC:
FILES:
QA_TEAM:
APPROVE_QE:
APPROVED_QE:
APPROVE_SE:
APPROVED_SE:
APPROVE_SPAR:
APPROVED_SPAR:
MFF:
PLANNEDTIMESTAFF:
IMPLEMENTED:
DATA_LOGIC:
AUTOMATABLE_NOTAUTOMATABLE:
TC_WEIGHTAGE: