tests/suite/tls-fuzzer/gnutls-cert.json


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

[
    {"server_command": ["@SERVER@", "--http",
                 "--x509keyfile", "tests/serverX509Key.pem",
                 "--x509certfile", "tests/serverX509Cert.pem",
                 "--debug=4",
                 "--priority=@PRIORITY@",
                 "--port=@PORT@"],
     "environment": {"PYTHONPATH" : "."},
     "server_hostname": "localhost",
     "server_port": @PORT@,
     "tests" : [
         {"name": "test-rsa-sigs-on-certificate-verify.py",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-p", "@PORT@"]
         },
         {"name" : "test-certificate-verify.py",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-p", "@PORT@"]
          },
         {"name" : "test-certificate-verify-malformed.py",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-p", "@PORT@"]
          },
         {"name" : "test-certificate-verify-malformed-sig.py",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-p", "@PORT@"]
          },
         {"name" : "test-certificate-request.py",
          "comment" : "tlsfuzzer doesn't like our set of algorithms",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-e", "check sigalgs in cert request",
                         "-p", "@PORT@"]
          },
         {"name" : "test-rsa-pss-sigs-on-certificate-verify.py",
	  "comment" : "FIXME: We shouldn't allow rsa_pss_pss* schemes as there is only RSA key #645",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-e", "check CertificateRequest sigalgs",
			 "-e", "rsa_pss_pss_sha256 in CertificateVerify with rsa key",
			 "-e", "rsa_pss_pss_sha384 in CertificateVerify with rsa key",
			 "-e", "rsa_pss_pss_sha512 in CertificateVerify with rsa key",
                         "-n", "100",
                         "-p", "@PORT@"]
          },
         {"name": "test-certificate-malformed.py",
          "comment" : "tlsfuzzer doesn't like the alerts we send",
          "arguments" : ["-k", "tests/clientX509Key.pem",
                         "-c", "tests/clientX509Cert.pem",
                         "-e", "fuzz empty certificate - overall 7, certs 4, cert 1",
                         "-e", "fuzz empty certificate - overall 8, certs 5, cert 2",
                         "-p", "@PORT@"]
	 }
     ]
    }
]