summaryrefslogtreecommitdiff
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* tlsfuzzer: enabled EC tests for x25519tmp-def-ec-after-rfc7919Nikos Mavrogiannopoulos2017-08-021-0/+9
| | | | | | That includes tests for default curve. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tlsfuzzer: enabled test for ECDHE without the supported groups/EC extensionNikos Mavrogiannopoulos2017-08-022-3/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: removed duplicate teststmp-rfc7919-after-eddsaNikos Mavrogiannopoulos2017-08-021-3/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: fixed comment fieldsNikos Mavrogiannopoulos2017-08-021-3/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit test for group listings in priority structureNikos Mavrogiannopoulos2017-08-022-1/+116
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: updated cipher-listings.sh for the new groups listingNikos Mavrogiannopoulos2017-08-021-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled RFC7919 FFDHE testsNikos Mavrogiannopoulos2017-08-023-0/+11
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: enhanced server key exchange tests with explicit DH param settingNikos Mavrogiannopoulos2017-08-022-4/+59
| | | | | | | That is, not only check the DH parameter setting using the known_dh_params() functions, but also with the explicit setting --set_server_dh_params(). Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: updated for post-RFC7919 behavior of libraryNikos Mavrogiannopoulos2017-08-024-28/+28
| | | | | | | | That is, it is no longer necessary to set DH parameters on a credentials structure, and thus previously expected to fail connections may succeed even without DH parameters. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added RFC7919 FFDHE unit testsNikos Mavrogiannopoulos2017-08-022-1/+355
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: modified gnutls_priority_set2() tests for gnutls_priority_set()Nikos Mavrogiannopoulos2017-07-252-2/+11
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled test-ecdsa-sig-flexibility.pyNikos Mavrogiannopoulos2017-07-242-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: partially reverted SHA1 broken testsNikos Mavrogiannopoulos2017-07-212-15/+6
| | | | | | | | SHA1 is now considered broken only for certificates, hence OCSP or raw signing tests no longer need to use GNUTLS_VERIFY_ALLOW_BROKEN in the cases where certificate verification is not performed. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit tests for gnutls_sign_is_secure2()Nikos Mavrogiannopoulos2017-07-212-1/+95
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added reproducer with ed25519 private keyNikos Mavrogiannopoulos2017-07-213-1/+3
| | | | | | | Found with oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled SNI and other tests from masterNikos Mavrogiannopoulos2017-07-213-3/+20
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: updated to reflect the fact that invalid dns names are rejectedNikos Mavrogiannopoulos2017-07-217-66/+31
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled RSA-PSS checks on certificate verifyNikos Mavrogiannopoulos2017-07-181-0/+6
| | | | | | Relates: #208 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled test-extended-master-secret-extension.pyNikos Mavrogiannopoulos2017-07-183-4/+3
| | | | | | | | That allows testing the extended master secret behavior. Resolves: #231 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: enhanced SSL3.0 openssl detection in testcompat-opensslNikos Mavrogiannopoulos2017-07-171-8/+25
| | | | | | | | That disables SSL 3.0 testing in openssl versions which cannot negotiated it (see https://bugzilla.redhat.com/show_bug.cgi?id=1471783 for rationale) and corrects a typo in the variable name and printed message. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: disable ARCFOUR interop tests if openssl doesn't support the cipherNikos Mavrogiannopoulos2017-07-171-12/+21
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: testcompat-openssl: 3DES is explicitly enabled for SSL 3.0Nikos Mavrogiannopoulos2017-07-171-6/+6
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: introduced tests on public key import-exporttmp-eddsa-after-rsa-pssNikos Mavrogiannopoulos2017-07-172-0/+308
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added sign/verification test using rfc8080 keysNikos Mavrogiannopoulos2017-07-172-1/+145
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: verify that a server with an ed25519 key will fail when client does ↵Nikos Mavrogiannopoulos2017-07-172-1/+23
| | | | | | not advertise it Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: privkey-keygen: added unit test for Ed25519 keysNikos Mavrogiannopoulos2017-07-171-9/+19
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added private key parameter verification in key-import-export checksNikos Mavrogiannopoulos2017-07-171-0/+21
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* handshake: return better error code on unwanted algorithmNikos Mavrogiannopoulos2017-07-171-1/+1
| | | | | | | | That is, when a signature algorithm is available which was not asked by the peer, then return GNUTLS_E_UNWANTED_ALGORITHM instead of the UNKNOWN_ALGORITHM. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added check on Ed25519 chain verificationNikos Mavrogiannopoulos2017-07-173-3/+35
| | | | | | | This chain was generated using certtool, and passed verification with OpenSSL's implementation (commit: db0f35dda18403accabe98e7780f3dfc516f49de) Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: pkcs7: added ed25519 basic signing and verification checksNikos Mavrogiannopoulos2017-07-177-3/+169
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: enhanced OID tests for Ed25519 OIDsNikos Mavrogiannopoulos2017-07-171-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: key-import-export: added Ed25519 key import/export checksNikos Mavrogiannopoulos2017-07-171-4/+117
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: replaced rsa-pss/eddsa certtool options with --key-typeNikos Mavrogiannopoulos2017-07-173-5/+5
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Renamed GNUTLS_PK_ECDHX to GNUTLS_PK_ECDH_X25519Nikos Mavrogiannopoulos2017-07-171-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: parse and interpret an EdDSA public keyNikos Mavrogiannopoulos2017-07-173-2/+35
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added TLS handshake test with EdDSA25519 certificatesNikos Mavrogiannopoulos2017-07-172-2/+10
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added tests on EdDSA signature validation using the sign/verify_data APIsNikos Mavrogiannopoulos2017-07-175-2/+38
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: Added unit test on EdDSA key parsingNikos Mavrogiannopoulos2017-07-174-3/+96
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added Ed25519 key and certificate generation testsNikos Mavrogiannopoulos2017-07-173-2/+158
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: enabled chacha20 testsNikos Mavrogiannopoulos2017-07-131-0/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* updated tlsfuzzertmp-tls1.3-backportsNikos Mavrogiannopoulos2017-07-131-0/+0
| | | | | | | That fixes issue detecting connection termination from gnutls-serv in chacha20 test. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: csr-invalid.der: modify the SPKI OID to use SECP384R1Nikos Mavrogiannopoulos2017-07-131-0/+0
| | | | | | | That avoids false positives in error detection in 'crq' test due to SECP224R1 not being supported in our CI platforms. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: certtool-rsa-pss: use unique temp filesNikos Mavrogiannopoulos2017-07-131-2/+2
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: mini-record-2: made more robustNikos Mavrogiannopoulos2017-07-131-14/+15
| | | | | | | | It will no longer close the session prior to peer processing all messages. This prevents the peer stopping processing prior to all messages being received. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: mini-record: made more robustNikos Mavrogiannopoulos2017-07-131-62/+19
| | | | | | | It will no longer use a stream socket as this can does not work well with damaged records (they may end up merged). Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit tests for gnutls_priority_set*()Nikos Mavrogiannopoulos2017-07-103-1/+263
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit testing for server/client cipher negotiationNikos Mavrogiannopoulos2017-07-106-1/+691
| | | | | | This verifies that the expected algorithm (cipher) is negotiated. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: added unit testing for server ciphersuite/KX negotiationNikos Mavrogiannopoulos2017-07-107-2/+1749
| | | | | | | This verifies whether the ciphersuite negotiation will detect and reject incompatible data present in credentials. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: undid changes related to boringssl server/client corpus format [ci skip]Nikos Mavrogiannopoulos2017-07-075-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* fuzz: gnutls-client-fuzzer: read directly from memory [ci skip]Nikos Mavrogiannopoulos2017-07-074-0/+0
| | | | | | Also updated to read the prefixed boringssl corpus files. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
View Lorry Controller Status