| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
This extends commit 51d21634 to cover the optional TLS 1.2 cases,
which RFC 8446 4.2.3 suggests: "Implementations that advertise support
for RSASSA-PSS (which is mandatory in TLS 1.3) MUST be prepared to
accept a signature using that scheme even when TLS 1.2 is negotiated".
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
| |
Also exercise this in testcompat-tls13-openssl.sh.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |\
| |
| |
| |
| |
| |
| | |
add support for 0-RTT
Closes #127
See merge request gnutls/gnutls!775
|
| | |
| |
| |
| | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
| |
DSA uses 1024-bit parameters, and these together with curves of
less than 256 bits are not accepted by debian's openssl.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Resolves: #591
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
|
|
|
|
| |
These tests will fail with SSL3.0-enabled gnutls-serv unless --ssl3
option was passed. We will run these tests anyway from
gnutls-nocert-ssl3.json, so disable them here.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
| |
Adapt tls-fuzzer-common.sh script to be able to run tests in case
srcdir != builddir.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
| |
Makefile.am refers tls-fuzzer-nocert-ssl3.sh script, which is missing
in the source tree. Add it back.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
| |
Move common code to tls-fuzzer-common.sh to ease further adjustments.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
| |
Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
| |
Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
| |
Relates #542
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
| |
Also enable test-tls13-ffdhe-sanity.py,
test-tls13-session-resumption.py, and
test-tls13-unrecognised-groups.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
|
| |
Those tests were previously disabled because splitting of handshake
messages in a very short (< 4 bytes) fragments is not implemented.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
| |
Also enable test-tls13-0rtt-garbage.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Under TLS1.3 the server knows the negotiated keys early, if no client
certificate is sent. In that case, the server is not only able to
transmit the session ticket immediately after its finished message,
but is also able to transmit data, similarly to false start.
Resolves #481
Resolves #457
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Resolves #508
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When a Hello Retry Request is received, do not set our (transient)
version to TLS1.2 on the second client hello. That's because both
peers have already negotiated TLS1.3.
This addresses issue with peers which may send a changecipherspec
message at this stage, which is now allowed when our version is
set to be TLS1.2. Introduced test suite using openssl and resumption
using HRR which reproduces the issue.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
This allows parallel run of the test with other tlsfuzzer tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
|
|
| |
The new option enables TLS1.3 draft-28 support unconditionally.
Updated the test suite to run when TLS1.3 is enabled by default,
and added a CI run with TLS1.3 enabled.
Resolves #424
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Do not require certificate validation on tests where no certificate is sent
* Rekey test performs data transfer after re-key
This introduces a dependency on the expect package for testing, and
updates openssl to address an issue in post-handshake auth interop
testing.
Resolves #488
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
| |
This may still overflow on platforms where unsigned long is 32 bit (e.g. 32 bit
Un*x, any Windows) when the delta is more than 4 seconds.
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
| |
Also enable test-tls13-hrr.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
| |
That eliminates the need for locking and allows parallel runs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Also enable the TLS 1.3 tests.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
These ciphersuites are deprecated since the introduction of AEAD
ciphersuites, and are only necessary for compatibility with older
servers. Since older servers already support hmac-sha1 there is
no reason to keep these ciphersuites enabled by default, as they
increase our attack surface.
Relates #456
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
| |
That enhances the existing CBC check and adds sha384, uses PSK
to reduce handshake time, and other updates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
This requires a few changes to the resume.c test: because
NewSessionTicket is a post-handshake message,
gnutls_session_get_data2() needs to be called after sending the first
application data. Also, when GNUTLS_E_AGAIN, gnutls_record_recv()
needs to retry.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
|
|
|
| |
danetool --check www.kumari.net:
Verification: Verification failed. The certificate differs.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
|
| |
|
|
| |
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
| |
Previously if openssl wouldn't support DSS, we would only disable
DSS under TLS1.0 or later, not under SSL 3.0. This fixes interoperability
with Fedora28 openssl.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This adds interoperability tests for:
* PSK with elliptic curve DHE
* RSA,RSA-PSS,secp256r1,ed25519 server certificate
* RSA,RSA-PSS,secp256r1,ed25519 client certificate
* X25519,SECP256R1 key share exchange
* key share with HRR
Relates #328
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
