crypto-tls-bogo-shim/config.json
Peter Wu 631e73e16f Make bogo advertise and test only for draft 22
Current bogo tests for draft18, patch that to use draft22. Patch from
https://boringssl-review.googlesource.com/c/boringssl/+/23704/2

Upstream commit e1068b76bd1d7f6ea06c90faa523ad8d562ec11b ("Test RSA
premaster unpad better.") added another version-specific test, disable
that since no protection is implemented.
2017-12-16 10:14:05 -04:00

82 lines
4.4 KiB
JSON

{
"DisabledTests": {
"*HelloRetryRequest*": "HelloRetryRequest not implemented yet",
"*HRR*": "HelloRetryRequest not implemented yet",
"*SecondClientHello*": "HelloRetryRequest not implemented yet",
"SupportTicketsWithSessionID": "Session IDs not supported",
"*-NoTickets-*": "Session IDs not supported",
"*-AES128-SHA256-*": "AES128-CBC-SHA256 not supported",
"*-AES256-SHA256-*": "AES256-CBC-SHA256 not supported",
"*-AES256-SHA384-*": "AES256-CBC-SHA384 not supported",
"BadRSAClientKeyExchange-4": "case RSABadValueWrongVersion1 - See comment in processClientKeyExchange",
"BadRSAClientKeyExchange-5": "case RSABadValueWrongVersion2 - See comment in processClientKeyExchange",
"GREASE-Server-TLS13": "TODO",
"DuplicateExtensionServer-*": "TODO",
"DuplicateKeyShares": "TODO",
"SkipEarlyData-TooMuchData": "TODO",
"KeyUpdate-*": "TODO",
"Renegotiate-Server-Forbidden": "9b812d006d made OpenSSL tests lock up",
"SendEmptyRecords*": "client: no protection implemented against flood of empty records",
"SendWarningAlerts*": "client: no protection implemented against flood of warning alerts",
"SendBogusAlertType": "client: TODO send IllegalParam instead of UnexpectedMessage",
"SkipNewSessionTicket": "client: TODO enable session cache",
"InvalidCompressionMethod": "client: TODO send IllegalParam instead of UnexpectedMessage",
"NoClientCertificate-TLS13": "client: TODO implement client certs",
"TLS13-Client-CertAuth-*": "client: TODO implement client certs",
"SupportedVersionSelection-TLS12": "client: TODO send Unexpected Extension if server sends SV",
"DuplicateExtensionClient-*": "TODO",
"UnsolicitedServerNameAck-*": "client: TODO send Unexpected Extension if SNI was not advertised",
"RenegotiationInfo-Forbidden-TLS13": "client: TODO reject ext",
"EMS-Forbidden-TLS13": "client: TODO reject ext",
"SendUnsolicitedOCSPOnCertificate-TLS13": "client: N/A, we always send status_request",
"SendUnsolicitedSCTOnCertificate-TLS13": "client: N/A, we always send SCT",
"SendUnknownExtensionOnCertificate-TLS13": "client: TODO reject unknown exts",
"Resume-Client-CipherMismatch-TLS13": "client: TODO implement resumption",
"ExtendedMasterSecret-NoToNo-Client": "client: TODO implement resumption",
"Renegotiate-Client-Forbidden-1": "client: TODO correct alert was sent, but why is the local error EOF?",
"TLS13-Client-ClientAuth-*": "client: TODO implement client certs",
"ClientAuth-*-TLS13*": "client: TODO implement client certs",
"ClientAuth-SHA1-Fallback-*": "client: what to do on empty SigAlg ext?",
"RSA-PSS-Default-*": "TODO enable PSS by default for TLS 1.2",
"ECDSACurveMismatch-Verify-TLS13": "client: we do advertise the SigAlg by default",
"Ed25519DefaultDisable-NoAccept": "client: expected IllegalParam instead of Unsupported Cert",
"UnofferedExtension-Client*": "client: TODO reject unadvertised extension",
"Unknown*Extension-Client*": "client: TODO reject unadvertised extension",
"PointFormat-EncryptedExtensions-TLS13": "client: TODO reject forbidden extension",
"PointFormat-Client-MissingUncompressed": "client: TODO should reject",
"TLS13-TestBadTicketAge-Client": "client: TODO implement resumption",
"TLS13-DuplicateTicketEarlyDataInfo": "client: TODO implement resumption",
"TLS13-WrongOuterRecord": "client: checking record content type is not a MUST",
"Basic-Client-*":"client: TODO implement resumption",
"TLS13-1RTT-Client-*": "client: TODO implement resumption",
"WrongMessageType-*": "client: TODO expected different alert",
"TrailingMessageData-*": "client: TODO expected different alert",
"EncryptedExtensionsWithKeyShare": "client: TODO reject invalid extension",
"EmptyEncryptedExtensions": "client: TODO require non-empty EE",
"TLS13-*PSKIdentity": "client: TODO",
"TLS13-ClientSkipCertificateVerify": "client: TODO implement client certs",
"CheckRecordVersion-*": "client: enforce record version",
"GarbageCertificate-Client-*": "client: TODO implement client certs",
"OmitExtensions-ServerHello-*": "client: N/A, we always send status_request and SCT",
"EmptyExtensions-ServerHello-*": "client: N/A, we always send status_request and SCT",
"ECDSAKeyUsage-*": "client: TODO reject cert with invalid KU",
"SupportedVersionSelection-TLS13": "won't fix for now, D22 will use this extension in ServerHello",
"*V2ClientHello*": "Unsupported version",
"*SSL3*": "Unsupported version",
"*SSLv3*": "Unsupported version"
}
}