summaryrefslogtreecommitdiff
path: root/tests/suite/tls-fuzzer/gnutls-cert.json
diff options
context:
space:
mode:
Diffstat (limited to 'tests/suite/tls-fuzzer/gnutls-cert.json')
-rw-r--r--tests/suite/tls-fuzzer/gnutls-cert.json27
1 files changed, 22 insertions, 5 deletions
diff --git a/tests/suite/tls-fuzzer/gnutls-cert.json b/tests/suite/tls-fuzzer/gnutls-cert.json
index f0443d8a7d..7a5af26e53 100644
--- a/tests/suite/tls-fuzzer/gnutls-cert.json
+++ b/tests/suite/tls-fuzzer/gnutls-cert.json
@@ -2,7 +2,7 @@
{"server_command": ["@SERVER@", "--http",
"--x509keyfile", "tests/serverX509Key.pem",
"--x509certfile", "tests/serverX509Cert.pem",
- "--debug=4",
+ "--debug=6",
"--priority=@PRIORITY@",
"--port=@PORT@"],
"environment": {"PYTHONPATH" : "."},
@@ -10,16 +10,20 @@
"server_port": @PORT@,
"tests" : [
{"name" : "test-tls13-certificate-verify.py",
+ "comment" : "tlsfuzzer doesn't like our status request (see #633)",
+ "exp_pass" : false,
"comment" : "tlsfuzzer doesn't like our set of algorithms (e.g., ed25519)",
"arguments" : ["-k", "tests/clientX509Key.pem",
"-c", "tests/clientX509Cert.pem",
"-n", "10",
"-e", "check sigalgs in cert request",
"-p", "@PORT@"]},
- {"name" : "test-tls13-certificate-verify.py",
+ {"name" : "test-tls13-ecdsa-in-certificate-verify.py",
+ "comment" : "tlsfuzzer doesn't like our status request (see #633)",
+ "exp_pass" : false,
"comment" : "tlsfuzzer doesn't like our set of algorithms (e.g., ed25519)",
- "arguments" : ["-k", "tests/clientRSAPSSKey.pem",
- "-c", "tests/clientRSAPSSCert.pem",
+ "arguments" : ["-k", "tests/serverECKey.pem",
+ "-c", "tests/serverECCert.pem",
"-n", "10",
"-e", "check sigalgs in cert request",
"-p", "@PORT@"]},
@@ -33,6 +37,18 @@
"-c", "tests/clientX509Cert.pem",
"-p", "@PORT@"]
},
+ {"name" : "test-ecdsa-in-certificate-verify.py",
+ "comment" : "we don't support sha224; we send illegal_parameter instead of handshake_failure in md5+ecdsa",
+ "arguments" : ["-k", "tests/serverECKey.pem",
+ "-c", "tests/serverECCert.pem",
+ "-e", "make sha224+ecdsa signature in CertificateVerify",
+ "-e", "make sha224+ecdsa signature, advertise it as sha1+ecdsa in CertificateVerify",
+ "-e", "make sha224+ecdsa signature, advertise it as sha256+ecdsa in CertificateVerify",
+ "-e", "make sha224+ecdsa signature, advertise it as sha384+ecdsa in CertificateVerify",
+ "-e", "make sha224+ecdsa signature, advertise it as sha512+ecdsa in CertificateVerify",
+ "-e", "md5+ecdsa forced",
+ "-p", "@PORT@"]
+ },
{"name" : "test-certificate-verify-malformed.py",
"arguments" : ["-k", "tests/clientX509Key.pem",
"-c", "tests/clientX509Cert.pem",
@@ -44,10 +60,11 @@
"-p", "@PORT@"]
},
{"name" : "test-certificate-request.py",
- "comment" : "tlsfuzzer doesn't like our set of algorithms",
+ "comment" : "tlsfuzzer doesn't like our set of algorithms or supported cert types",
"arguments" : ["-k", "tests/clientX509Key.pem",
"-c", "tests/clientX509Cert.pem",
"-e", "check sigalgs in cert request",
+ "-e", "check cert types in cert request",
"-p", "@PORT@"]
},
{"name" : "test-rsa-pss-sigs-on-certificate-verify.py",
View Lorry Controller Status