L0 Iris CTK test cases' collection

1

Dear MOSIP Support Team,

We are developing an SBI-compliant iris scanner device and encountering issues with CTK (Compliance Tool Kit) testing for our L0 unregistered device.

Device Configuration

  • Spec Version: 0.9.5
  • Certification Level: L0
  • Device Status: “Not Registered”
  • Environment: “Staging”
  • Device Type: Iris (Double)

Test Results
┌────────────────────────────────────────────────┬─────────┐
│ Test Case │ Result │
├────────────────────────────────────────────────┼─────────┤
│ SBI1000 - Discover device │ :white_check_mark: Pass │
├────────────────────────────────────────────────┼─────────┤
│ SBI1001 - Device info │ :white_check_mark: Pass │
├────────────────────────────────────────────────┼─────────┤
│ SBI1009 - Registration capture - Double Iris │ :cross_mark: Fail │
├────────────────────────────────────────────────┼─────────┤
│ SBI1011 - Both Exception │ :white_check_mark: Pass │
├────────────────────────────────────────────────┼─────────┤
│ SBI1029 - Check Device Status - Not Registered │ :white_check_mark: Pass │
└────────────────────────────────────────────────┴─────────┘
Error Details

For SBI1009 (Registration capture), we receive:

  • SchemaValidator: Pass
  • ResponseMismatchValidator: Pass
  • SignatureValidator: Failure - with Message: null

What We’ve Tried

  1. digitalId as unsigned JWT ({“alg”:“none”,“typ”:“JWT”} with format header.payload.)
    • Result: SignatureValidator failure with null message
  2. digitalId as plain base64 (per MOSIP spec for unregistered devices)
    • Result: “Connection Failure - Unable to connect to device / SBI” after capture completes
  3. Various JWT header formats (with/without typ, with/without trailing dot)
    • Result: Same SignatureValidator failure

Questions

  1. For L0 unregistered devices, what exact format should digitalId be in the capture response data payload?
    • Plain base64-encoded JSON: base64urlencode(payload)?
    • Or unsigned JWT: base64urlencode(header).base64urlencode(payload).?
  2. Is there a specific CTK test collection designed for L0 unregistered device testing?
  3. What does the SignatureValidator expect for devices with deviceStatus: “Not Registered”?
  4. Could you provide a sample capture response for an L0 unregistered device that passes CTK validation?
2

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.