diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-17 10:20:41 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-17 17:08:02 +0200 |
| commit | b529460c8be8f261fbbc6e91475342fb74331150 (patch) | |
| tree | ec9bd6c92bf0a3d0b5b717d973231178b7f0845b /tests/tls12-server-kx-neg.c | |
| parent | 137c45e8f96a98d6850db84db3d87c4b7bd15f11 (diff) | |
| download | gnutls-b529460c8be8f261fbbc6e91475342fb74331150.tar.gz | |
tests: verify that a server with an ed25519 key will fail when client does not advertise it
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/tls12-server-kx-neg.c')
| -rw-r--r-- | tests/tls12-server-kx-neg.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/tests/tls12-server-kx-neg.c b/tests/tls12-server-kx-neg.c index 49371be811..2da932d7c6 100644 --- a/tests/tls12-server-kx-neg.c +++ b/tests/tls12-server-kx-neg.c @@ -276,7 +276,24 @@ test_case_st tests[] = { .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" }, - + { + .name = "TLS 1.2 ECDHE-ECDSA with cred and ed25519 cert", + .server_ret = 0, + .client_ret = 0, + .have_cert_cred = 1, + .have_ed25519_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2" + }, + { + .name = "TLS 1.2 ECDHE-ECDSA with cred and cert but incompatible (ed25519) curves", + .server_ret = GNUTLS_E_UNWANTED_ALGORITHM, + .client_ret = GNUTLS_E_AGAIN, + .have_cert_cred = 1, + .have_ed25519_sign_cert = 1, + .server_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2", + .client_prio = "NORMAL:-KX-ALL:+ECDHE-ECDSA:-VERS-ALL:+VERS-TLS1.2:-CURVE-ED25519:-SIGN-EDDSA-ED25519" + }, { .name = "TLS 1.2 ECDHE-PSK without cred", .client_ret = GNUTLS_E_AGAIN, |