diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-03 09:09:27 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-02 08:45:41 +0200 |
| commit | 687fdd62143d3e19c53934cf8927a475bea3832a (patch) | |
| tree | 94e85088f8fa4ebdfefb6c98b96450aee1059924 /tests/tls12-server-kx-neg.c | |
| parent | aa842f8d6430cf93b35cc0f3b85c6642b0979ff3 (diff) | |
| download | gnutls-687fdd62143d3e19c53934cf8927a475bea3832a.tar.gz | |
tests: enhanced server key exchange tests with explicit DH param setting
That is, not only check the DH parameter setting using the known_dh_params()
functions, but also with the explicit setting --set_server_dh_params().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/tls12-server-kx-neg.c')
| -rw-r--r-- | tests/tls12-server-kx-neg.c | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/tests/tls12-server-kx-neg.c b/tests/tls12-server-kx-neg.c index 3de87becff..009f2d8d74 100644 --- a/tests/tls12-server-kx-neg.c +++ b/tests/tls12-server-kx-neg.c @@ -54,7 +54,7 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, { - .name = "TLS 1.2 ANON-DH with cred and DH params", + .name = "TLS 1.2 ANON-DH with cred and DH params (level)", .server_ret = 0, .client_ret = 0, .have_anon_cred = 1, @@ -63,6 +63,15 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" }, { + .name = "TLS 1.2 ANON-DH with cred and DH params (explicit)", + .server_ret = 0, + .client_ret = 0, + .have_anon_cred = 1, + .have_anon_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ANON-DH:-VERS-ALL:+VERS-TLS1.2" + }, + { .name = "TLS 1.2 DHE-RSA without cred", .client_ret = GNUTLS_E_AGAIN, .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, @@ -107,7 +116,7 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, { - .name = "TLS 1.2 DHE-RSA with cred and cert and DH params", + .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (level)", .client_ret = 0, .server_ret = 0, .have_cert_cred = 1, @@ -117,6 +126,16 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" }, { + .name = "TLS 1.2 DHE-RSA with cred and cert and DH params (explicit)", + .client_ret = 0, + .server_ret = 0, + .have_cert_cred = 1, + .have_rsa_sign_cert = 1, + .have_cert_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-RSA:-VERS-ALL:+VERS-TLS1.2" + }, + { .name = "TLS 1.2 DHE-RSA with cred and multiple certs and DH params", .client_ret = 0, .server_ret = 0, @@ -144,7 +163,7 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, { - .name = "TLS 1.2 DHE-PSK with cred DH params", + .name = "TLS 1.2 DHE-PSK with cred and DH params (level)", .client_ret = 0, .server_ret = 0, .have_psk_cred = 1, @@ -153,6 +172,15 @@ test_case_st tests[] = { .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" }, { + .name = "TLS 1.2 DHE-PSK with cred and DH params (explicit)", + .client_ret = 0, + .server_ret = 0, + .have_psk_cred = 1, + .have_psk_exp_dh_params = 1, + .server_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+DHE-PSK:-VERS-ALL:+VERS-TLS1.2" + }, + { .name = "TLS 1.2 ECDHE-RSA without cred", .client_ret = GNUTLS_E_AGAIN, .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS, |