summaryrefslogtreecommitdiff
path: root/tests/tls12-server-kx-neg.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/tls12-server-kx-neg.c')
-rw-r--r--tests/tls12-server-kx-neg.c146
1 files changed, 146 insertions, 0 deletions
diff --git a/tests/tls12-server-kx-neg.c b/tests/tls12-server-kx-neg.c
index 0595e9fc51..37e412c0d5 100644
--- a/tests/tls12-server-kx-neg.c
+++ b/tests/tls12-server-kx-neg.c
@@ -461,6 +461,152 @@ test_case_st tests[] = {
.have_srp_cred = 1,
.server_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2",
.client_prio = "NORMAL:-KX-ALL:+SRP:-VERS-ALL:+VERS-TLS1.2"
+ },
+
+ {
+ .name = "TLS 1.2 VKO-GOST-01 without cred",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred but no cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred but no GOST cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .have_rsa_sign_cert = 1,
+ .have_rsa_decrypt_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred and GOST01 cert",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_gost01_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred and GOST12-256 cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .have_gost12_256_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred and GOST12-512 cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .have_gost12_512_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-01 with cred and multiple certs",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_ecc_sign_cert = 1,
+ .have_rsa_sign_cert = 1,
+ .have_rsa_decrypt_cert = 1,
+ .have_gost01_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-01:-VERS-ALL:+VERS-TLS1.2"
+ },
+
+ {
+ .name = "TLS 1.2 VKO-GOST-12 without cred",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred but no cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred but no GOST cert",
+ .client_ret = GNUTLS_E_AGAIN,
+ .server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+ .have_cert_cred = 1,
+ .have_rsa_sign_cert = 1,
+ .have_rsa_decrypt_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred and GOST01 cert",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_gost01_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-256 cert",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_gost12_256_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred and GOST12-512 cert",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_gost12_512_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
+ },
+ {
+ .name = "TLS 1.2 VKO-GOST-12 with cred and multiple certs",
+ .server_ret = 0,
+ .client_ret = 0,
+ .have_cert_cred = 1,
+ .have_ecc_sign_cert = 1,
+ .have_rsa_sign_cert = 1,
+ .have_rsa_decrypt_cert = 1,
+ .have_gost01_cert = 1,
+ .have_gost12_256_cert = 1,
+ .have_gost12_512_cert = 1,
+ .not_on_fips = 1,
+ .server_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2",
+ .client_prio = "NORMAL:-KX-ALL:+VKO-GOST-12:-VERS-ALL:+VERS-TLS1.2"
}
};
View Lorry Controller Status