diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-07-14 22:27:50 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-07-15 08:06:44 +0200 |
commit | b3ca79d87ad1f324996a63a4b277649fbe53d2ee (patch) | |
tree | 105fe031a2de8843295b91a79ec7d1043893bec3 /tests/suite | |
parent | 67d2bb911c3882f7fb7fbfaec9cadd77a08e30b7 (diff) | |
download | gnutls-b3ca79d87ad1f324996a63a4b277649fbe53d2ee.tar.gz |
Fixed alerts returned on TLS1.3 corner cases
This enables the tls-fuzzer tests 'test-tls13-certificate-verify.py'.
Resolves: #682
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'tests/suite')
-rw-r--r-- | tests/suite/tls-fuzzer/gnutls-cert.json | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/suite/tls-fuzzer/gnutls-cert.json b/tests/suite/tls-fuzzer/gnutls-cert.json index c2b28c5569..f0443d8a7d 100644 --- a/tests/suite/tls-fuzzer/gnutls-cert.json +++ b/tests/suite/tls-fuzzer/gnutls-cert.json @@ -9,6 +9,20 @@ "server_hostname": "localhost", "server_port": @PORT@, "tests" : [ + {"name" : "test-tls13-certificate-verify.py", + "comment" : "tlsfuzzer doesn't like our set of algorithms (e.g., ed25519)", + "arguments" : ["-k", "tests/clientX509Key.pem", + "-c", "tests/clientX509Cert.pem", + "-n", "10", + "-e", "check sigalgs in cert request", + "-p", "@PORT@"]}, + {"name" : "test-tls13-certificate-verify.py", + "comment" : "tlsfuzzer doesn't like our set of algorithms (e.g., ed25519)", + "arguments" : ["-k", "tests/clientRSAPSSKey.pem", + "-c", "tests/clientRSAPSSCert.pem", + "-n", "10", + "-e", "check sigalgs in cert request", + "-p", "@PORT@"]}, {"name": "test-rsa-sigs-on-certificate-verify.py", "arguments" : ["-k", "tests/clientX509Key.pem", "-c", "tests/clientX509Cert.pem", @@ -45,6 +59,15 @@ "-n", "100", "-p", "@PORT@"] }, + {"name" : "test-rsa-pss-sigs-on-certificate-verify.py", + "comment": "tlsfuzzer doesn't know ed25519 scheme which we advertise", + "arguments" : ["-k", "tests/clientRSAPSSKey.pem", + "-c", "tests/clientRSAPSSCert.pem", + "-e", "check CertificateRequest sigalgs", + "--illegpar", + "-n", "100", + "-p", "@PORT@"] + }, {"name": "test-certificate-malformed.py", "comment" : "tlsfuzzer doesn't like the alerts we send", "arguments" : ["-k", "tests/clientX509Key.pem", |