ATM_ID: 81D9C108-4900-11EF-ABAA-BB2DE0099B93

MFF:

PLANNEDTIMESTAFF:

ID: (Trash)/WFAST_Authentication_Authorisation/Testcases/FS_44.060_Smart_Cards/150863

TESTCASE_HEADLINE: Test with CAC Card -- Smart Card Authentication SNMP -- GDC Test cases

GROUP:

FEATURE:

SUB_FEATURE:

INPUT: <p></p>
<ol><li value="1">Make sure that the Linux PC with all MIB directories are available.<br />
</li><li value="2">Make sure that the Authentication method is in default as "Local".<br />
</li><li value="3">Make sure that the Smart card feature is enabled by entering key 41117919 in FIK page.</li></ol>

PROCEDURE: <p>SmartCard Enablement: snmpset -v2c -cprivate DEVICE_IP 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.8.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.9.6.101.136.1:OV="smartcard":<br />
snmpget -v2c -cpublic DEVICE_IP 1.3.6.1.4.1.253.8.74.6.2.1.9.6.101.136.1 and observe that the value returned is smartcard.<br />
In CWIS go to Properties -- Login/Permissions/Accounting -- Login Methods and check that the Authentication is changed to "Smart Card Authentication".<br />
Alternate Login enablement: snmpset -v2c -cprivate DEVICE IP 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.9.6.101.136.4:OV="network":<br />
snmpget -v2c -cpublic DEVICE_IP 1.3.6.1.4.1.253.8.74.6.2.1.9.6.101.136.4 and observe that the value returned is network.<br />
In CWIS go to Properties -- Login/Permissions/Accounting -- Login Methods and check that the Authentication is changed to "Validate on Network".<br />
Set Smart Card Timer (to 60 seconds in this example): snmpset -v2c -cprivate 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.103.1:OV=60:<br />
snmpget -v2c -cpublic DEVICE_IP 1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.103.1 and observe that the value returned is 60.<br />
In CWIS go to Properties -- Security -- Timeout &amp;amp;amp; Resume -- Click Review Smart Card Timers settings and check that the Authentication token Inactivity Timer has value as 60.<br />
Set the Certificate Key Length: values are: 0=no minimum (default) 1=1024 2=2048 snmpset -v2c -cprivate 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.515.6:OV=2:<br />
Email Encryption Enablement: snmpset -v2c -cprivate DEVICE IP 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111<br />
1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.515.3:OV=1: (where OV values are: 0=disabled (default) 1=alwaysOn 2=editable.<br />
Email Signing Enablement: snmpset -v2c -cprivate DEVICE IP 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111<br />
1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.515.4:OV=1: (where OV values are: 0=disabled (default) 1=alwaysOn 2=editable.<br />
Encryption Default: snmpset -v2c -cprivate 1.3.6.1.4.1.253.8.74.7.2.1.1.5 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.5 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.5 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.5.108.143.5:OV=1: (values 1=on and 2=off)<br />
Signing Default:snmpset -v2c -cprivate DEVICE IP 1.3.6.1.4.1.253.8.74.7.2.1.1.5 i 2225 1.3.6.1.4.1.253.8.74.7.2.1.2.5 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.5 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.5.108.143.6:OV=1: (values 1=on and 2=off)<br />
Encryption Algorithm: snmpset -v2c -cprivate 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225<br />
1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.515.1:OV=1: (values of OI: 1=AES128 2= AES192 3=AES256 4=AES3DES)<br />
Signing Hash: snmpset -v2c -cprivate DEVICE IP 1.3.6.1.4.1.253.8.74.7.2.1.1.6 i 2225<br />
1.3.6.1.4.1.253.8.74.7.2.1.2.6 s 1111 1.3.6.1.4.1.253.8.74.7.2.1.2.6 s OI=1.3.6.1.4.1.253.8.74.6.2.1.7.6.101.515.2:OV=1: (values of OI: 1=SHA1 2=SHA256 3=SHA384 4=SHA512)</p>

OUTPUT: <p>Any Smart Card setting that can be configured via the Web UI other than the upload of certificates shall be available in the MIB. The snmp commands should be changing the appropriate device information. Check the Web UI on the device for confirmed changes Or use the "walk device" command.</p>

PROCESS:

PRIORITY:

TEST_TYPE:

LOE:

RESOURCE_HW:

RESOURCE_CONSUMEABLES:

RESOURCE_MEDIA:

SKILL_SET:

TEST_CASE_TYPE:

TESTCASE_SOURCE:

SPEC: Smart_Cards

SPEC_NUM:

SPEC_VERSION:

SPEC_TAG: [44.060.056] (FT-14212) [D1.3-*] The following Smart Card user authentication settings shall be available in the SNMP MIB XCMI Service Detail Table and XCMI Service Management Table MIB (59svcmon) using the following OID indexes:
[44.060.056.01] (FT-14212) 06.101.136.1 Read &amp;amp; Write Local UI Login Method; needs to be set to “smartcard”.
[44.060.056.03] (FT-14212) 06.101.136.4 Read &amp;amp; Write Local UI Alternate Login Method
[44.060.056.04] (FT-14212) 06.101.103.1 Read &amp;amp; Write Smart Card Inactivity Timer

ATM_OWNER:

APPROVE_QE:

APPROVED_QE:

APPROVE_SE:

APPROVED_SE:

APPROVE_SPAR:

APPROVED_SPAR:

ASSOCIATED_TESTCASES:

TRAINING:

TESTCASE_VERSION:

TESTCASE_STATE:

TESTCASE_PLATFORM:

TESTCASE_PRODUCT:

TESTCASE_FAMILY:

TESTCASE_APPROVALS:

CDATE: 1721745199

MDATE: 1721745199, 1721745481

MUSER: r7HS90RZ, r7HS90RZ

AUTHOR: r7HS90RZ

ATM_MCOMMENTS: Imported from spreadsheet, Moved to Trash.

HISTORY:

ATM_LOCKED:

ATM_REQLINK: D73AC73F-6EAC-1014-B317-A7FFE523BC1D

ATM_REQCOUNT: 1

QA_TEAM:

TC_WEIGHTAGE:

FILENAME:

FILEDESC:

FILES:

RELEASE:

COMPETENCY:

AUTOMATION_GROUP:

TESTCASE_STEPS_ARE_RELATED_TO:

REASON_FOR_AUTOMATABLE:

PRECONDITION_TO_BE_DONE:

ACTION_TO_BE_DONE:

COMMON_FUNCTIONALITY:

COMMONALITY_DETAILS:

CONSTRAINTS_DAR:

DEVELOPMENT_COMPLETE_TIME:

PO_SIGNOFF_DATE:

COMPLEXITY_PRECONDITIONS:

COMPLEXITY_OUTPUT_VALIDATION:

AUTOMATABLE:

AUTOMATION_CANDIDATE:

TESTCASE_MODIFICATION_REQUIRED:

APTEST_UPDATE_STATUS:

DEVICE_CATEGORY:

TC_WORK_LOCATION_CAT:

AUTOMATION_TC_VALIDATION: