Proximity Credential Verifier Test MatrixΒΆ
This section provides the set of test cases designed for technical implementers and development teams responsible for creating and deploying Credential Verifiers solutions for proximity flows. It is also intended for assessment bodies inspecting and validating the implementations of Credential Verifiers solutions for proximity flows.
Note
Further references about official ISO-18013-5 test plans, if available, will update this section in future releases.
Test Case ID |
Purpose |
Description |
Expected Result |
---|---|---|---|
PPR-001 |
Device Engagement |
Test the initiation of device engagement using QR code. |
Device engagement is successfully initiated and QR code is scanned. |
PPR-002 |
Session Establishment |
Verify session establishment with correct session keys. |
Session is established securely with correct session keys. |
PPR-003 |
Communication |
Test the transmission of mdoc request over BLE. |
mdoc request is transmitted securely over BLE. |
PPR-004 |
User Authentication |
Validate user authentication via WSCA. |
User is authenticated successfully using WSCA. |
PPR-005 |
Attribute Consent |
Check user consent for attribute release. |
User consents to release requested attributes. |
PPR-006 |
Data Retrieval |
Test retrieval of mdoc Digital Credentials. |
mdoc Digital Credentials are retrieved successfully. |
PPR-007 |
Session Termination |
Verify session termination after data exchange. |
Session is terminated and keys are destroyed. |
PPR-008 |
Error Handling |
Test handling of invalid session keys. |
Appropriate error message is displayed for invalid keys. |
PPR-009 |
BLE Connection |
Test BLE connection stability during data exchange. |
BLE connection remains stable throughout the exchange. |
PPR-010 |
Document Verification |
Verify the integrity of received documents. |
Documents are verified and integrity is confirmed. |
PPR-011 |
Security |
Test encryption of mdoc requests and responses. |
All mdoc requests and responses are encrypted correctly. |
PPR-012 |
User Interface |
Check the user interface for attribute consent. |
User interface displays attribute consent request clearly. |
PPR-013 |
Error Handling |
Test response to unsupported document types. |
System returns appropriate error for unsupported document types. |
PPR-014 |
Performance |
Measure time taken for session establishment. |
Session is established within acceptable time limits. |
PPR-015 |
Compatibility |
Verify compatibility with different mobile devices. |
System works seamlessly across various mobile devices. |
PPR-016 |
Data Integrity |
Test integrity of data during transmission. |
Data integrity is maintained during transmission. |
PPR-017 |
Session Management |
Test session management under high load. |
Sessions are managed effectively under high load conditions. |
PPR-018 |
BLE Connection |
Test reconnection after BLE disconnection. |
System reconnects successfully after BLE disconnection. |
PPR-019 |
User Experience |
Evaluate user experience during the proximity flow. |
Users report a positive experience with the proximity flow. |
PPR-020 |
Security |
Test resistance to replay attacks. |
System is resistant to replay attacks. |
PPR-021 |
Device Engagement |
Verify that Device Engagement structure is CBOR encoded. |
Device Engagement structure is correctly encoded in CBOR format. |
PPR-022 |
Device Engagement |
Test that ephemeral public key is of type allowed by selected cipher suite. |
Ephemeral public key meets the requirements of the selected cipher suite. |
PPR-023 |
BLE Configuration |
Verify that only Central Client mode is supported. |
Only Central Client mode is supported for BLE connections. |
PPR-024 |
Capabilities |
Test that |
|
PPR-025 |
Capabilities |
Verify that |
|
PPR-026 |
mdoc Request |
Test that mdoc Request messages are CBOR encoded. |
mdoc Request messages are correctly encoded in CBOR format. |
PPR-027 |
mdoc Request |
Verify that mdoc request is encrypted with session key. |
mdoc request is correctly encrypted with session key. |
PPR-028 |
mdoc Request |
Test that mdoc request is transmitted via BLE protocol. |
mdoc request is correctly transmitted via BLE protocol. |
PPR-029 |
mdoc Response |
Verify that mdoc Response messages are CBOR encoded. |
mdoc Response messages are correctly encoded in CBOR format. |
PPR-030 |
mdoc Response |
Test that mdoc response is encrypted with session key. |
mdoc response is correctly encrypted with session key. |
PPR-031 |
Key Management |
Test that private ephemeral key is kept secret. |
Private ephemeral key is properly secured and not exposed. |
PPR-032 |
Key Management |
Test that public ephemeral key is used in session establishment. |
Public ephemeral key is correctly used for session establishment. |
PPR-033 |
Session Key Derivation |
Test that session keys are derived using key agreement protocol. |
Session keys are correctly derived using the key agreement protocol. |
PPR-034 |
Session Establishment |
Test that |
|
PPR-035 |
Session Establishment |
Test that |
|
PPR-036 |
Session Establishment |
Test that |
|
PPR-037 |
Session Establishment |
Test that |
|
PPR-038 |
Message Transmission |
Test that |
|
PPR-039 |
Session Key Computation |
Test that Relying Party correctly handles Wallet Instance session key computation. |
Wallet Instance correctly computes session key. |
PPR-040 |
Message Decryption |
Test that Relying Party correctly handles Wallet Instance decrypting |
Wallet Instance successfully decrypts |
PPR-041 |
Signature Verification |
Test that Relying Party correctly handles Wallet Instance verifying RP Instance signature. |
Wallet Instance correctly verifies Relying Party Instance signature. |
PPR-042 |
Attribute Request Processing |
Test that Relying Party correctly handles Wallet Instance decrypting attribute request. |
Wallet Instance successfully decrypts attribute request. |
PPR-043 |
User Consent |
Test that Relying Party correctly handles Wallet Instance prompting user for consent. |
Wallet Instance correctly prompts user for consent to release attributes. |
PPR-044 |
Certificate Display |
Test that Relying Party correctly handles Wallet Instance displaying RP Registration Certificate. |
Wallet Instance displays Relying Party Registration Certificate for transparency. |
PPR-045 |
Credential Retrieval |
Test that Relying Party correctly handles Wallet Instance retrieving requested mdoc Digital Credentials. |
Wallet Instance successfully retrieves requested mdoc Digital Credentials. |
PPR-046 |
SessionData Preparation |
Test that Relying Party correctly handles Wallet Instance preparing |
Wallet Instance correctly prepares |
PPR-047 |
Authentication Data Signing |
Test that Relying Party correctly handles Wallet Instance signing required authentication data. |
Wallet Instance correctly signs required authentication data. |
PPR-048 |
Message Encryption |
Test that |
|
PPR-049 |
CBOR Encoding |
Test that mdoc response is encoded in CBOR format. |
mdoc response is correctly encoded in CBOR format. |
PPR-050 |
Data Verification |
Test that RP Instance decrypts |
Relying Party Instance successfully decrypts |
PPR-051 |
Signature Verification |
Test that RP Instance verifies Wallet Instance signature. |
Relying Party Instance correctly verifies Wallet Instance signature. |
PPR-052 |
Document Validation |
Test that RP Instance checks mdoc validity and Issuer signature. |
Relying Party Instance correctly validates mdoc and Issuer signature. |
PPR-053 |
BLE Disconnection |
Test that GATT Client unsubscribes from characteristics. |
GATT Client properly unsubscribes from characteristics. |
PPR-054 |
BLE Disconnection |
Test that GATT Client disconnects from GATT server. |
GATT Client properly disconnects from GATT server. |
PPR-055 |
Request Structure Compliance |
Test that mdoc Request is compliant with required structure. |
mdoc Request complies with required structure and includes necessary components. |
PPR-056 |
Response Structure Compliance |
Test that mdoc Response is compliant with required structure. |
mdoc Response complies with required structure and includes necessary components. |
PPR-057 |
Document Structure Compliance |
Test that documents are compliant with required structure. |
Documents comply with required structure and include necessary components. |
PPR-058 |
Document Type Validation |
Test that mDL document type is correctly set. |
mDL document type is correctly set to |
PPR-059 |
DeviceSigned Structure |
Test that deviceSigned structure is compliant. |
deviceSigned structure complies with required format and includes necessary components. |
PPR-060 |
Device Authentication |
Test that |
|
PPR-061 |
Wallet Attestation Inclusion |
Test that Relying Party correctly handles Wallet Instance including Wallet Attestation when requested. |
Wallet Instance includes Wallet Attestation when requested by Relying Party. |
PPR-062 |
AAL Claim Inclusion |
Test that Relying Party correctly handles Wallet Instance including |
Wallet Instance includes |
PPR-063 |
User Consent Bypass |
Test that Relying Party correctly handles Wallet Instance not requesting user consent for Wallet Attestation. |
Wallet Instance does not request user consent for technical Wallet Attestation attributes. |
PPR-064 |
Session Termination Conditions |
Test that session is terminated under specified conditions. |
Session is properly terminated when specified conditions occur. |
PPR-065 |
Session Termination Initiation |
Test that session termination is initiated correctly. |
Session termination is properly initiated when no further requests are sent. |
PPR-066 |
Key Destruction |
Test that session keys are destroyed on termination. |
Session keys and ephemeral key material are properly destroyed. |
PPR-067 |
Channel Closure |
Test that communication channel is closed on termination. |
Communication channel used for data retrieval is properly closed. |