Tests Specification for OSCOAP

Notes
Security Contexts and Resources
Set up the environment
1. Test 0a
2. Test 0b
Correct OSCOAP use
1. GET test
  1. Test 1a
  2. Test 1b
  3. Test 2a
  4. Test 2b
  5. Test 3a
  6. Test 3b
  7. Test 4a
  8. Test 4b
  9. Test 5a
  10. Test 5b
2. POST test
  1. Test 6a
  2. Test 6b
3. PUT test
  1. Test 7a
  2. Test 7b
  3. Test 8a
  4. Test 8b
4. DELETE test
  1. Test 9a
  2. Test 9b
Incorrect OSCOAP use

1. Notes

CoAP Version is 2 in all the tests.

The client and server may optionally display external_aad and COSE object (before and after compression) to simplify debugging.

When non-indicated, CoAP messages can be NON or CON (implementer's choice)

2. Security Contexts and Resources

Security Context A: Client

Common Context:
- Master Secret: 01-02-03-04-05-06-07-08-09-0A-0B-0C-0D-0E-0F-10-11-12-13-14-15-16-17-18-19-1A-1B-1C-1D-1E-1F-20-21-22-23
- Alg: AES-CCM-64-64-128
Sender Context:
- Sender Id: 63-6C-69-65-6E-74
- Sender Key: 21-64-42-DA-60-3C-51-59-2D-F4-C3-D0-CD-1D-0D-48
- Sender IV: 01-53-DD-FE-DE-44-19
- Sender Seq Number: 00
Recipient Context:
- Recipient Id: 73-65-72-76-65-72
- Recipient Key: D5-CB-37-10-37-15-34-A1-CA-22-4E-19-EB-96-E9-6D
- Recipient IV: 20-75-0B-95-F9-78-C8

Security Context B: Server

Common Context:
- Master Secret: 01-02-03-04-05-06-07-08-09-0A-0B-0C-0D-0E-0F-10-11-12-13-14-15-16-17-18-19-1A-1B-1C-1D-1E-1F-20-21-22-23
- Alg: AES-CCM-64-64-128
Sender Context:
- Sender Id: 73-65-72-76-65-72
- Sender Key: D5-CB-37-10-37-15-34-A1-CA-22-4E-19-EB-96-E9-6D
- Sender IV: 20-75-0B-95-F9-78-C8
- Sender Seq Number: 00
Recipient Context:
- Recipient Id: 63-6C-69-65-6E-74
- Recipient Key: 21-64-42-DA-60-3C-51-59-2D-F4-C3-D0-CD-1D-0D-48
- Recipient IV: 01-53-DD-FE-DE-44-19

Resources

The list of resources the server must implement is the following:

/hello/coap : authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)
/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)
/hello/2 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain), and with ETag 0x2b
/hello/3 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain), and Max-Age 5
/hello/6 : protected resource, authorized method: POST, returns the value of the resource with content-format 0 (text/plain)
/hello/7 : protected resource, authorized method: PUT, returns the value of the resource with content-format 0 (text/plain), has ETag 0x7b
/observe : protected resource, authorized method: GET, returns a counter incremented every 2 seconds, supports observe.

3. Set up the environment

3.1. Identifier: TEST_0a

Objective : Verify that CoAP exchange works. Perform a simple GET transaction using COAP, Content-Format and Uri-Path option (Client side)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request including: Uri-Path : /hello/coap
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing expected; expected: 2.05 Content Response with: Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Client displays the received packet

3.2. Identifier: TEST_0b

Objective : Verify that CoAP exchange works. Perform a simple GET transaction using COAP, Content-Format and Uri-Path option (Server side)

Configuration :

server resources:

/hello/coap : authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request including: Uri-Path = /hello/coap
2	Check	Server parses the request and continues the CoAP processing
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Server displays the sent packet

4. Correct OSCOAP use

4.1 GET Tests

4.1.1. Identifier: TEST_1a

Objective : Perform a simple GET transaction using OSCOAP, Content-Format and Uri-Path option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number received not in client's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Client displays the received packet

4.1.2. Identifier: TEST_1b

Objective : Perform a simple GET transaction using OSCOAP, Content-Format and Uri-Path option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/1
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Server displays the sent packet

4.1.3. Identifier: TEST_2a

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, Uri-Query and ETag option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/2 Uri-Query : first=1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) ETag with value 0x2b Payload = "Hello World!"
5	Verify	Client displays the received packet

4.1.4. Identifier: TEST_2b

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, Uri-Query and ETag option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/2 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain), and with ETag 0x2b

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /hello/2 Uri-Query : first=1
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) ETag with value 0x2b Payload = "Hello World!"
5	Verify	Server displays the sent packet

4.1.5. Identifier: TEST_3a

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, Accept and Max-Age option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /hello/3 Accept = 0 (text/plain;charset=utf-8)
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Max-Age with value 0x05 Payload = "Hello World!"
5	Verify	Client displays the received packet

4.1.6. Identifier: TEST_3b

Objective :Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, Accept and Max-Age option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/3 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain), and Max-Age 5

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /hello/3 Accept = 0 (text/plain;charset=utf-8)
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Max-Age with value 0x05 Payload = "Hello World!"
5	Verify	Server displays the sent packet

4.1.7. Identifier: TEST_4a

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, and Observe. Response without observe. (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /hello/1 Observe = 0 (Registration)
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Payload = ...
5	Verify	Client displays the received packet

4.1.8. Identifier: TEST_4b

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, and Observe. Response without observe. (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

- /hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /hello/1 Observe = 0 (Registration)
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Payload = ...
5	Verify	Server displays the sent packet

4.1.9. Identifier: TEST_5a

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, and Observe (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window
Sequence number received not in client's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /observe Observe = 0 (Registration)
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Observe (Notification) Payload = ...
5	Verify	Client displays the received packet
6	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Observe (Notification) Payload = ...
7	Verify	Client displays the received packet

Etc.

4.1.10. Identifier: TEST_5b

Objective : Perform a GET transaction using OSCOAP, Content-Format, Uri-Path, and Observe (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window
Sequence sent received not in client's replay window

server resources:

/observe : protected resource, authorized method: GET, returns a counter incremented every 2 seconds, supports observe.

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-path = /observe Observe = 0 (Registration)
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Observe (Notification) Payload = ...
5	Verify	Server displays the sent packet
6	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Observe (Notification) Payload = ...
7	Verify	Server displays the sent packet

Etc.

4.2. POST Tests

4.2.1. Identifier: TEST_6a

Objective : Perform a POST transaction using OSCOAP, Content-Format, and Uri-Path option, creating a resource (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP POST request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/6 Content-Format = 0 payload = 0x4a
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.04 Changed Response with: Object-Security option
5	Verify	Client displays the received packet

4.2.2. Identifier: TEST_6b

Objective : Perform a POST transaction using OSCOAP, Content-Format, and Uri-Path option, updating a resource (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/6 : protected resource, authorized method: POST, returns the value of the resource with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP POST request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/6 Content-Format = 0 payload = 0x4a
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.04 Changed Response with: Object-Security option
5	Verify	Server displays the sent packet

4.3 PUT Tests

4.3.1. Identifier: TEST_7a

Objective : Perform a PUT transaction using OSCOAP, Uri-Path, Content-Format and If-Match option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP PUT request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/7 Content-Format = 0 If-Match with value 0x7b payload = 0x7a
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.04 Changed Response with: Object-Security option
5	Verify	Client displays the received packet

4.3.2. Identifier: TEST_7b

Objective : Perform a PUT transaction using OSCOAP, Uri-Path, Content-Format and If-Match option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/7 : protected resource, authorized method: PUT, returns the value of the resource with content-format 0 (text/plain), has ETag 0x7b

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP PUT request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/7 Content-Format = 0 If-Match with value 0x7b payload = 0x7a
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.04 Changed Response with: Object-Security option
5	Verify	Server displays the sent packet

4.3.3. Identifier: TEST_8a

Objective : Perform a PUT transaction using OSCOAP, Uri-Path, Content-Format and If-None-Match option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP PUT request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/7 Content-Format = 0 If-None-Match payload = 0x7a
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 4.12 Precondition Failed Response with: Object-Security option
5	Verify	Client displays the received packet

4.3.4. Identifier: TEST_8b

Objective : Perform a PUT transaction using OSCOAP, Uri-Path, Content-Format and If-None-Match option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

/hello/7 : protected resource, authorized method: PUT, returns the value of the resource with content-format 0 (text/plain), has ETag 0x7b

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP PUT request protected with OSCOAP, including: Object-Security option Uri-Path = /hello/7 Content-Format = 0 If-None-Match payload = 0x8a
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.12 Precondition Failed Response with: Object-Security option
5	Verify	Server displays the sent packet

4.4. DELETE Tests

4.4.1. Identifier: TEST_9a

Objective : Perform a DELETE transaction using OSCOAP and Uri-Path option (Client side)

Configuration :

client security context: Security Context A, with:

Sequence number sent not in server's replay window

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP DEL request protected with OSCOAP, including: Object-Security option Uri-Path = /test
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.02 Deleted Response with: Object-Security option
5	Verify	Client displays the received packet

4.4.2. Identifier: TEST_9b

Objective : Perform a DELETE transaction using OSCOAP and Uri-Path option (Server side)

Configuration :

server security context: Security Context B, with:

Sequence number received not in server's replay window

server resources:

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP DEL request protected with OSCOAP, including: Object-Security option Uri-Path = /test
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.02 Deleted Response with: Object-Security option
5	Verify	Server displays the sent packet

5. Incorrect OSCOAP use

5.1. Security Context not matching

5.1.1. Identifier: TEST_10a

Objective : Perform an unauthorized CON GET transaction: non matching Client Sender Id - Server Recipient Id (Client side)

Configuration :

client security context: Security Context A, with:

Sender Context:
- Sender ID: modified sender ID (arbitrarily set by the Client)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option (modified Sender ID) Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response : OSCOAP verification succeeds; expected response: 4.01 Unauthorized error message: Object-Security option Payload: Security context not found (optional)
5	Verify	Client displays the received packet

5.1.2. Identifier: TEST_10b

Objective :Perform an unauthorized GET transaction: non matching Client Sender Id - Server Recipient Id (Server side)

Configuration :

server security context: Security Context B

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option (modified Sender ID) Uri-Path : /hello/1
2	Check	The message verification [7.2] fails and the server sends an error back (stop CoAP processing)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.01 Unauthorized error message: Object-Security option Payload: Security context not found (optional)
5	Verify	Server displays the sent packet

5.1.3. Identifier: TEST_11a

Objective : Perform a CON GET transaction with non matching Client Sender - Server Recipient Keys (Client side)

Configuration :

client security context: Security Context A, with:

Sender Context:
- Sender Key: modified key (arbitrarily set by the Client)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response : OSCOAP verification succeeds; expected response: 4.00 Bad Request error message: Object-Security option Payload: Decryption failed (optional)
5	Verify	Client displays the received packet

5.1.4. Identifier: TEST_11b

Objective : Perform a CON GET transaction with non matching Client Sender - Server Recipient Keys (Server side)

Configuration :

server security context: Security Context B

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	The message verification [7.2] fails and the server sends an error back (stop CoAP processing)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.00 Bad Request error message: Object-Security option Payload: Decryption failed (optional)
5	Verify	Server displays the sent packet

5.1.5. Identifier: TEST_12a

Objective : Perform a CON GET transaction with non matching Client Recipient - Server Sender Keys (Client side)

Configuration :

client security context: Security Context A, with:

Recipient Context:
- Recipient Key: modified key (arbitrarily set by the Client)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response : OSCOAP verification failure [7.4]; response dropped empty ACK sent back to the server
5	Verify	Client displays the received packet

5.1.6. Identifier: TEST_12b

Objective : Perform a CON GET transaction with non matching Client Recipient - Server Sender Keys (Server side)

Configuration :

server security context: Security Context B

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Server displays the sent packet

5.2. Replay of a previously sent message

5.2.1. Identifier: TEST_13a

Objective : Perform a CON GET transaction using OSCOAP, Content-Format and Uri-Path option, request replayed by the Client (Client side)

Configuration :

client security context: Security Context A

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Client displays the received packet
6	Stimulus	The client is requested to reset its own sequence number to the value before executing step 1
7	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
8	Check	Client serializes the request
9	Verify	Client displays the sent packet
10	Check	Client parses the response and continues the CoAP processing (OSCOAP verification succeeds); expected: 4.00 Bad Request error message: Object-Security option Payload = Replay protection failed (optional)
11	Verify	Client displays the received packet

5.2.2. Identifier: TEST_13b

Objective : Perform a CON GET transaction using OSCOAP, Content-Format and Uri-Path option, request replayed by the Client (Client side)

Configuration :

server security context: Security Context B

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	Server parses the request and continues the CoAP processing (OSCOAP verification succeeds)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 2.05 Content Response with: Object-Security option Content-Format = 0 (text/plain) Payload = "Hello World!"
5	Verify	Server displays the sent packet
6	Stimulus	The client is requested to reset its own sequence number to the value before executing step 1
7	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/1
2	Check	The message verification [6.2] fails and the server sends an error back (stop CoAP processing)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.00 Bad Request error message: Object-Security option Payload = Replay protection failed (optional)
5	Verify	Server displays the sent packet

5.3. Accessing a non-OSCOAP-protected resource with OSCOAP

5.3.1. Identifier: TEST_14a

Objective : Perform a CON GET transaction using OSCOAP to a non protected resource, Content-Format and Uri-Path option (Client side)

Configuration :

client security context: Security Context A

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Object-Security option Uri-Path : /hello/coap
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Client parses the response : OSCOAP verification failure [7.4]; response dropped empty ACK sent back to the server
5	Verify	Client displays the received packet

5.3.2. Identifier: TEST_14b

Objective : Perform a CON GET transaction using OSCOAP to a non protected resource, Content-Format and Uri-Path option (Server side)

Configuration :

The server does not implement OSCOAP.

server security context: None

server resources:

/hello/coap : authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request, including: Object-Security option Uri-Path : /hello/coap
2	Check	Server parses the request and finds an unrecognized option of class "critical" (the object-security option)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.02 Bad Option error response, with: Payload = diagnostic payload (optional)
5	Verify	Server displays the sent packet

5.4. Accessing an OSCOAP-protected resource without OSCOAP

5.4.1. Identifier: TEST_15a

Objective : Perform a CON GET transaction to a protected resource, Content-Format and Uri-Path option (Client side)

Configuration :

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Uri-Path : /hello/1
2	Check	Client serializes the request
3	Verify	Client displays the sent packet
4	Check	Server serialize the response correctly, which is: 4.01 Unauthorized error response, with: Payload = diagnostic payload (optional)
5	Verify	Client displays the received packet

5.3.2. Identifier: TEST_15b

Objective : Perform a CON GET transaction to a protected resource, Content-Format and Uri-Path option (Server side)

Configuration :

The server does not implement OSCOAP.

server security context: Security Context B

server resources:

/hello/1 : protected resource, authorized method: GET, returns the string "Hello World!" with content-format 0 (text/plain)

Test Sequence

Step	Type	Description
1	Stimulus	The client is requested to send a CoAP GET request protected with OSCOAP, including: Uri-Path : /hello/1
2	Check	Server parses the request and finds an unrecognized option of class "critical" (the object-security option)
3	Verify	Server displays the received packet
4	Check	Server serialize the response correctly, which is: 4.01 Unauthorized error response, with: Payload = diagnostic payload (optional)
5	Verify	Server displays the sent packet

Tests Specification for OSCOAP

Table of Contents

1. Notes

2. Security Contexts and Resources

Security Context A: Client

Security Context B: Server

Resources

3. Set up the environment

3.1. Identifier: TEST_0a

3.2. Identifier: TEST_0b

4. Correct OSCOAP use

4.1 GET Tests

4.1.1. Identifier: TEST_1a

4.1.2. Identifier: TEST_1b

4.1.3. Identifier: TEST_2a

4.1.4. Identifier: TEST_2b

4.1.5. Identifier: TEST_3a

4.1.6. Identifier: TEST_3b

4.1.7. Identifier: TEST_4a

4.1.8. Identifier: TEST_4b

4.1.9. Identifier: TEST_5a

4.1.10. Identifier: TEST_5b

4.2. POST Tests

4.2.1. Identifier: TEST_6a

4.2.2. Identifier: TEST_6b

4.3 PUT Tests

4.3.1. Identifier: TEST_7a

4.3.2. Identifier: TEST_7b

4.3.3. Identifier: TEST_8a

4.3.4. Identifier: TEST_8b

4.4. DELETE Tests

4.4.1. Identifier: TEST_9a

4.4.2. Identifier: TEST_9b

5. Incorrect OSCOAP use

5.1. Security Context not matching

5.1.1. Identifier: TEST_10a

5.1.2. Identifier: TEST_10b

5.1.3. Identifier: TEST_11a

5.1.4. Identifier: TEST_11b

5.1.5. Identifier: TEST_12a

5.1.6. Identifier: TEST_12b

5.2. Replay of a previously sent message

5.2.1. Identifier: TEST_13a

5.2.2. Identifier: TEST_13b

5.3. Accessing a non-OSCOAP-protected resource with OSCOAP

5.3.1. Identifier: TEST_14a

5.3.2. Identifier: TEST_14b

5.4. Accessing an OSCOAP-protected resource without OSCOAP

5.4.1. Identifier: TEST_15a

5.3.2. Identifier: TEST_15b