summaryrefslogtreecommitdiff
path: root/tests/suite
Commit message (Collapse)AuthorAgeFilesLines
* updated tlsfuzzertmp-tls1.3-backportsNikos Mavrogiannopoulos2017-07-131-0/+0
| | | | | | | That fixes issue detecting connection termination from gnutls-serv in chacha20 test. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled ALPN testsNikos Mavrogiannopoulos2017-07-063-1/+92
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* updated tlsfuzzerNikos Mavrogiannopoulos2017-07-051-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: enabled X25519 interop tests with openssl 1.1.0Nikos Mavrogiannopoulos2017-06-192-15/+31
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: added aarch64 build based on Debiantmp-aarch64-ciNikos Mavrogiannopoulos2017-06-041-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: modify tests to allow signatures with SHA1Nikos Mavrogiannopoulos2017-05-313-6/+6
| | | | | | | There were several tests that were utilizing SHA1 signatures but were not failing due to the bug in gnutls_pubkey_verify_hash2(). Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tls-fuzzer: ignore the incomplete RSA-PSS testsNikos Mavrogiannopoulos2017-05-291-1/+4
| | | | | | | These tests fail because tls-fuzzer currently does not properly implement RSA-PSS. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: the test-certificate-verify-malformed check now passesNikos Mavrogiannopoulos2017-05-291-3/+1
| | | | | | | | Previously it was expecting a different alert code than gnutls returned. Now gnutls returns the expected alert code (GNUTLS_A_DECRYPT_ERROR) on malformed signatures. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: tls-fuzzer: corrected unlocking at tls-fuzzer-cert.shNikos Mavrogiannopoulos2017-05-261-0/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled ocsp stapling testNikos Mavrogiannopoulos2017-05-242-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: updated to latest versionNikos Mavrogiannopoulos2017-05-241-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added global locks on tls-fuzzer testsNikos Mavrogiannopoulos2017-03-282-0/+6
| | | | | | | They both require access to the same port and thus cannot be run in parallel. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* testsuite: added tlsfuzzer certificate requiring testsNikos Mavrogiannopoulos2017-03-283-1/+113
| | | | | | | This enhances the testsuite by running all the tlsfuzzer fuzzer tests which require certificates from server. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: create-chain.sh: do not explicitly set serialNikos Mavrogiannopoulos2017-03-231-4/+0
| | | | | | | We were previously exporting certificates with serial number being zero, which is not allowed by RFC5280. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: updated to account SHA1 move to broken setNikos Mavrogiannopoulos2017-03-163-4/+4
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added an OCSP response parsing coverage testNikos Mavrogiannopoulos2017-03-13328-2/+124
| | | | | | | | This inputs a large set of valid and invalid OCSP files in the OCSP parser with the intention to stress test its error checking, and prevent regressions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added a certificate parsing coverage testNikos Mavrogiannopoulos2017-03-13486-1/+124
| | | | | | | | This inputs a large set of valid and invalid certificates in the certificate parser with the intention to stress test its error checking, and prevent regressions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: suppressions.valgrind: supress fillin_rpathAlon Bar-Lev2017-03-132-0/+16
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* testsuite: added tlsfuzzerNikos Mavrogiannopoulos2017-03-076-1/+163
| | | | | | | This enhances the testsuite by running all the tlsfuzzer fuzzer tests which require no certificates from server. https://github.com/tomato42/tlsfuzzer
* tests: converted compile-time checks for FIPS140 mode to run-timetmp-use-thread-local-rngNikos Mavrogiannopoulos2017-03-073-0/+15
| | | | | | | | This allows running the complete test suite even when the library is compiled in FIPS140-2 mode, as long as the run-time is not at this mode. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: verify that a written certificate will inherit its ID from privkeytmp-assign-same-pkcs11-idNikos Mavrogiannopoulos2017-01-242-0/+167
| | | | | | | That is, whether p11tool will do the right thing and figure the proper ID to use for a certificate object, if the public key is available. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Revert "tests: suite: pkcs11: skip if no softhsm"Nikos Mavrogiannopoulos2017-01-201-1/+1
| | | | | | This reverts commit 276a6ee44d80d4d3b144a78794020c177be8f0ea. The reason is to avoid having changes in softhsm packaging, result to skipping large parts of the test suite without someone noticing.
* tests: remove bash usageAlon Bar-Lev2017-01-058-8/+8
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: suite: chain: support separate builddirAlon Bar-Lev2017-01-051-1/+3
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: skip tests that requires tools if tools are disabledAlon Bar-Lev2017-01-052-0/+10
| | | | | | building with --disable-tools should not cause test failure. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: skip tests that requires tools if tools are disabledAlon Bar-Lev2017-01-0410-6/+84
| | | | | | building with --disable-tools should not cause test failure. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: suite: pkcs11: skip if no softhsmAlon Bar-Lev2017-01-041-1/+1
| | | | | | similar to other tests Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: enable all the ciphersuite in openssl cli for DSS checksfix-compat-testsNikos Mavrogiannopoulos2016-12-311-3/+3
|
* tests: don't check against 3DES if disabled in opensslNikos Mavrogiannopoulos2016-12-311-3/+8
|
* tests: do not pass the -dhparams to openssl 1.1.0; it doesn't workNikos Mavrogiannopoulos2016-12-311-1/+8
|
* tests: simplified DH params formatNikos Mavrogiannopoulos2016-12-311-33/+9
| | | | Also switch to RFC7919 DH params.
* tests: corrected type in openssl compat testsNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: added common variable for DH parametersNikos Mavrogiannopoulos2016-12-313-31/+33
|
* tests: fixed paths in compat testsNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: better termination checking in compat testsNikos Mavrogiannopoulos2016-12-312-3/+22
| | | | | This ensures that the exit code of all spawned processes is checked.
* tests: added check for certtool loading CA certificates from PKCS#11Nikos Mavrogiannopoulos2016-12-193-8/+184
|
* tests: disable ASAN leak checks on suite testsNikos Mavrogiannopoulos2016-12-091-4/+5
| | | | | These detect memory leaks in the tools in src/ which are not critical nor there is serious reason to address.
* tests: modified to account for backwards-encoded DN (according to RFC4514)Nikos Mavrogiannopoulos2016-10-312-2/+2
|
* tests: do not enable testpkcs11.sh twiceDmitry Eremin-Solenikov2016-10-271-1/+1
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Fix compilation of tests if nettle is not installed in standard pathDmitry Eremin-Solenikov2016-10-251-0/+2
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* tests: removed nohats.ca from testdaneNikos Mavrogiannopoulos2016-10-221-1/+1
| | | | The host seems to be unreliable.
* tests: introduced verification constraints checks for PKCS#7 structuresNikos Mavrogiannopoulos2016-10-181-1/+15
| | | | That is, key purpose checks and more elaborate time checks.
* tests: crl-test: use a unique temp fileNikos Mavrogiannopoulos2016-10-141-4/+5
|
* tests: added sanity check for included primesNikos Mavrogiannopoulos2016-10-142-2/+60
|
* tests: updated pkcs7 text outputs to account for certtool updateNikos Mavrogiannopoulos2016-10-142-0/+6908
|
* tests: replaced large test2.cat with a smaller fileNikos Mavrogiannopoulos2016-10-143-136/+22
|
* tests: added checks for the decoding of various PKCS#7 structuresNikos Mavrogiannopoulos2016-10-119-2/+481
|
* avoid the usage of '-a' and '-o' bash optionsNikos Mavrogiannopoulos2016-09-111-2/+2
| | | | This keeps syntax-check happy.
* doc updateNikos Mavrogiannopoulos2016-09-111-1/+1
|
* tests: added checks to verify behavior in writing pkcs11 objectsNikos Mavrogiannopoulos2016-09-061-0/+20
| | | | | That is, verify that private keys are marked as private by default, and public objects are marked as non-private by default.
View Lorry Controller Status