tests: run tls-fuzzer PSK testsuite

Resolves #508

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

3 files changed, 88 insertions, 1 deletions

diff --git a/tests/suite/Makefile.am b/tests/suite/Makefile.am
index fdc878bf73..9778538000 100644
--- a/tests/suite/Makefile.am
+++ b/tests/suite/Makefile.am
@@ -92,7 +92,7 @@ scripts_to_test = chain.sh \
 	testrng.sh testcompat-polarssl.sh testcompat-openssl.sh \
 	testrandom.sh tls-fuzzer/tls-fuzzer-nocert.sh \
 	tls-fuzzer/tls-fuzzer-cert.sh tls-fuzzer/tls-fuzzer-alpn.sh \
-	tls-fuzzer/tls-fuzzer-nocert-tls13.sh
+	tls-fuzzer/tls-fuzzer-nocert-tls13.sh tls-fuzzer/tls-fuzzer-psk.sh
 
 TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \
 	LC_ALL="C"			\
diff --git a/tests/suite/tls-fuzzer/gnutls-psk.json b/tests/suite/tls-fuzzer/gnutls-psk.json
new file mode 100644
index 0000000000..e23eb8fa23
--- /dev/null
+++ b/tests/suite/tls-fuzzer/gnutls-psk.json
@@ -0,0 +1,18 @@
+[
+    {"server_command": ["@SERVER@", "--http",
+                 "--debug=3",
+                 "--pskpasswd", "@PSKFILE@",
+                 "--priority=@PRIORITY@",
+                 "--port=@PORT@"],
+     "server_hostname": "localhost",
+     "server_port": @PORT@,
+     "tests" : [
+         {"name" : "test-tls13-psk_ke.py",
+          "arguments" : ["-p", "@PORT@", "--psk", "@PSKKEY@",
+                  "--psk-iden", "@PSKID@"]},
+         {"name" : "test-tls13-psk_dhe_ke.py",
+          "arguments" : ["-p", "@PORT@", "--psk", "@PSKKEY@",
+                  "--psk-iden", "@PSKID@"]}
+     ]
+    }
+]
diff --git a/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh
new file mode 100755
index 0000000000..096e5ed1f2
--- /dev/null
+++ b/tests/suite/tls-fuzzer/tls-fuzzer-psk.sh
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+# Copyright (C) 2016-2018 Red Hat, Inc.
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir="${srcdir:-.}"
+SERV="../../../../src/gnutls-serv${EXEEXT}"
+CLI="../../../../src/gnutls-cli${EXEEXT}"
+
+OUTFILE=tls-fuzzer.debug.log
+TMPFILE=tls-fuzzer.$$.tmp
+PSKFILE=tls-fuzzer.psk.$$.tmp
+
+. "${srcdir}/../scripts/common.sh"
+
+eval "${GETPORT}"
+
+pushd tls-fuzzer
+
+if ! test -d tlsfuzzer;then
+	exit 77
+fi
+
+rm -f "$OUTFILE"
+
+pushd tlsfuzzer
+test -L ecdsa || ln -s ../python-ecdsa/src/ecdsa ecdsa
+test -L tlslite || ln -s ../tlslite-ng/tlslite tlslite 2>/dev/null
+
+wait_for_free_port $PORT
+
+retval=0
+
+PRIORITY="NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-TLS1.1:-KX-ALL:+DHE-PSK:+ECDHE-PSK:+PSK"
+
+PSKKEY=8a7759b3f26983c453e448060bde8981
+PSKID=test
+
+sed -e "s|@SERVER@|$SERV|g" -e "s/@PSKKEY@/$PSKKEY/g" -e "s/@PSKID@/$PSKID/g" -e "s/@PSKFILE@/$PSKFILE/g" -e "s/@PORT@/$PORT/g" -e "s/@PRIORITY@/$PRIORITY/g" ../gnutls-psk.json >${TMPFILE}
+
+cat >${PSKFILE} <<_EOF_
+${PSKID}:${PSKKEY}
+_EOF_
+
+PYTHONPATH=. python tests/scripts_retention.py ${TMPFILE} ${SERV}
+retval=$?
+
+rm -f ${TMPFILE}
+rm -f ${PSKFILE}
+
+popd
+popd
+
+exit $retval