mirror of https://github.com/ctz/rustls
397 lines
22 KiB
JSON
397 lines
22 KiB
JSON
{
|
|
"DisabledTests": {
|
|
"SendV2ClientHello-*": "only support TLS1.2",
|
|
"*SSL3*": "",
|
|
"*SSLv3*": "",
|
|
"*TLS1-*": "",
|
|
"*-TLS1": "",
|
|
"*TLS11-*": "",
|
|
"*-TLS11": "",
|
|
"ConflictingVersionNegotiation": "",
|
|
"SendFallbackSCSV": "fallback scsv not implemented",
|
|
"PointFormat-Server-Missing": "we require ecc",
|
|
"ECDSAKeyUsage-*": "TODO: we don't do anything with key usages",
|
|
"CheckRecordVersion-*": "we don't look at record version",
|
|
"TLS13-WrongOuterRecord": "we're lax on this",
|
|
"*DTLS*": "not supported",
|
|
"*Draft23*": "old draft",
|
|
"TokenBinding-*": "not supported",
|
|
"DummyPQPadding-*": "not supported",
|
|
"MTU*": "dtls only",
|
|
"DisableEverything": "not useful",
|
|
"SendEmptyRecords": "non-standard openssl/boringssl behaviour",
|
|
"SendEmptyRecords-Async": "",
|
|
"CheckLeafCurve": "",
|
|
"SendWarningAlerts": "",
|
|
"SendWarningAlerts-*": "",
|
|
"Peek-*": "",
|
|
"*-Split": "",
|
|
"EchoTLS13CompatibilitySessionID": "",
|
|
"ClientOCSPCallback*": "ocsp not supported yet",
|
|
"ServerOCSPCallback*": "",
|
|
"CertCompression*": "not implemented",
|
|
"DuplicateCertCompressionExt*": "",
|
|
"ECH-*": "",
|
|
"ALPS-*": "",
|
|
"ExtraClientEncryptedExtension-TLS-TLS13": "uses ALPS",
|
|
"SendHelloRetryRequest-2-TLS13": "we accept any supported keyshare",
|
|
"OmitExtensions-ServerHello-TLS12": "bug in bogo if sct offered",
|
|
"EmptyExtensions-ServerHello-TLS12": "",
|
|
"Server-JDK11*": "workarounds for oracle engineering quality",
|
|
"Client-RejectJDK11DowngradeRandom": "",
|
|
"CBCRecordSplitting*": "insane ciphersuites",
|
|
"*CBCPadding*": "",
|
|
"RSAEphemeralKey": "",
|
|
"BadRSAClientKeyExchange-*": "",
|
|
"SendClientVersion-RSA": "",
|
|
"Basic-Server-RSA-*": "",
|
|
"RSAKeyUsage-*": "",
|
|
"*-3DES-*": "",
|
|
"*-RSA_WITH_3DES_EDE_CBC_SHA-*": "",
|
|
"*-AES128-SHA*": "",
|
|
"*-AES256-SHA*": "",
|
|
"*_WITH_AES_128_CBC_*": "",
|
|
"*_WITH_AES_256_CBC_*": "",
|
|
"*-ECDSA_SHA1-*": "no ecdsa-sha1",
|
|
"*-Sign-RSA_PKCS1_SHA1-*": "no sha1",
|
|
"*-VerifyDefault-RSA_PKCS1_SHA1-*": "no sha1",
|
|
"*_P224_*": "no p224",
|
|
"*-P-224-*": "",
|
|
"*_P521_*": "no p521",
|
|
"CurveTest-Client-P-521-TLS12": "",
|
|
"CurveTest-Server-P-521-TLS12": "",
|
|
"CurveTest-Client-Compressed-P-521-TLS12": "",
|
|
"CurveTest-Server-Compressed-P-521-TLS12": "",
|
|
"CurveTest-Client-P-521-TLS13": "",
|
|
"CurveTest-Server-P-521-TLS13": "",
|
|
"CurveTest-Client-Compressed-P-521-TLS13": "",
|
|
"CurveTest-Server-Compressed-P-521-TLS13": "",
|
|
"GREASE-*": "not implemented",
|
|
"LargeMessage-Reject": "",
|
|
"DelegatedCredentials-*": "not implemented",
|
|
"CECPQ2*": "no PQC experiments",
|
|
"*CECPQ2*": "",
|
|
"KeyUpdate-FromClient": "not implemented (no API yet)",
|
|
"KeyUpdate-FromServer": "",
|
|
"ExportTrafficSecrets-*": "",
|
|
"*-InvalidSignature-*-SHA1-*": "no sha1",
|
|
"NoCommonCurves": "nothing to fall back to",
|
|
"ClientHelloPadding": "hello padding extension not implemented",
|
|
"Resume-Client-CipherMismatch": "tries to vary to unimplemented CBC-mode cs",
|
|
"*Auth-SHA1-Fallback*": "",
|
|
"RSA-PSS-Large": "",
|
|
"TLS12-AES128-GCM-*": "no pfs",
|
|
"TLS12-AES256-GCM-*": "",
|
|
"*-RSA_WITH_AES_128_GCM_SHA256-*": "",
|
|
"*-RSA_WITH_AES_256_GCM_SHA384-*": "",
|
|
"*-RSA_WITH_AES_128_CBC_SHA-*": "",
|
|
"*-RSA_WITH_AES_256_CBC_SHA-*": "",
|
|
"OmitExtensions-ClientHello-TLS12": "",
|
|
"EmptyExtensions-ClientHello-TLS12": "",
|
|
"Resume-Server-OmitPSKsOnSecondClientHello": "not required by RFC",
|
|
"FallbackSCSV*": "fallback countermeasure not yet implemented",
|
|
"RequireAnyClientCertificate-TLS12": "we don't send an alert in this case",
|
|
"TooManyKeyUpdates": "no limit implemented",
|
|
"SendUserCanceledAlerts-TooMany-TLS13": "",
|
|
"ServerBogusVersion": "we ignore legacy_version if there's an extension",
|
|
"Renegotiate-Client-*": "no reneg",
|
|
"Shutdown-Shim-Renegotiate-*": "",
|
|
"Shutdown-Shim-HelloRequest-*": "",
|
|
"Shutdown-Shim-ApplicationData*": "tests boringssl/openssl-specific behaviour, we don't let application data overtake connection shutdown",
|
|
"Renegotiate-Server-*": "",
|
|
"Renegotiate-ForbidAfterHandshake": "",
|
|
"SendHalfHelloRequest-*": "",
|
|
"RetainOnlySHA256-*": "",
|
|
"ExtendedMasterSecret-Renego-*": "",
|
|
"ALPN*SelectEmpty-*": "",
|
|
"Draft-Downgrade-Server": "not implemented; TODO",
|
|
"EarlyData-*ALPN*-*": "no alpn change in resumed sessions",
|
|
"*EarlyKeyingMaterial-Client-*": "early exporter NYI",
|
|
"QUICTransportParams-*": "Bogo assumes this can be tested over TLS1.3 framing -- could make this work with some effort",
|
|
"QUICCompatibilityMode": "",
|
|
"Ed25519DefaultDisable-NoAccept": "not implemented (ed25519 accepted by default)",
|
|
"Ed25519DefaultDisable-NoAdvertise": "not implemented (ed25519 advertised by default)",
|
|
"Server-VerifyDefault-Ed25519-TLS13": "ed25519 accepted by default",
|
|
"Server-VerifyDefault-Ed25519-TLS12": "",
|
|
"Client-VerifyDefault-Ed25519-TLS13": "",
|
|
"Client-VerifyDefault-Ed25519-TLS12": "",
|
|
"*-QUIC-*" :"",
|
|
"QUIC-*": "",
|
|
"*-QUIC": ""
|
|
},
|
|
"ErrorMap": {
|
|
":HTTP_REQUEST:": ":GARBAGE:",
|
|
":HTTPS_PROXY_REQUEST:": ":GARBAGE:",
|
|
":WRONG_VERSION_NUMBER:": ":GARBAGE:",
|
|
":PEER_DID_NOT_RETURN_A_CERTIFICATE:": ":NO_CERTS:",
|
|
":UNEXPECTED_RECORD:": ":UNEXPECTED_MESSAGE:",
|
|
":NO_RENEGOTIATION:": ":UNEXPECTED_MESSAGE:",
|
|
":DIGEST_CHECK_FAILED:": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
|
":APPLICATION_DATA_INSTEAD_OF_HANDSHAKE:": ":UNEXPECTED_MESSAGE:",
|
|
":ENCRYPTED_LENGTH_TOO_LONG:": ":GARBAGE:"
|
|
},
|
|
"TestErrorMap": {
|
|
"EmptyCertificateList": ":NO_CERTS:",
|
|
"SendInvalidRecordType": ":GARBAGE:",
|
|
"NoSharedCipher": ":HANDSHAKE_FAILURE:",
|
|
"NoSharedCipher-TLS13": ":HANDSHAKE_FAILURE:",
|
|
"InvalidECDHPoint-Client": ":PEER_MISBEHAVIOUR:",
|
|
"InvalidECDHPoint-Server": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingMessageData-ClientHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ServerHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ServerCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-CertificateRequest-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ClientCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-CertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-NewSessionTicket-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ServerHelloDone-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ServerKeyExchange-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-ClientKeyExchange-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-CertificateStatus-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ClientHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ServerHello-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-EncryptedExtensions-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-CertificateRequest-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ServerCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ServerCertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ServerFinished-TLS": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
|
"TrailingMessageData-TLS13-ClientCertificate-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-ClientCertificateVerify-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"TrailingMessageData-TLS13-EndOfEarlyData-TLS": ":BAD_HANDSHAKE_MSG:",
|
|
"Server-NonEmptyEndOfEarlyData-TLS13": ":BAD_HANDSHAKE_MSG:",
|
|
"MissingKeyShare-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"MissingKeyShare-Server-TLS13": ":INCOMPATIBLE:",
|
|
"EmptyEncryptedExtensions-TLS13": ":BAD_HANDSHAKE_MSG:",
|
|
"NoSupportedCurves": ":INCOMPATIBLE:",
|
|
"BadECDHECurve": ":PEER_MISBEHAVIOUR:",
|
|
"VersionTooLow": ":INCOMPATIBLE:",
|
|
"ServerHelloBogusCipher": ":PEER_MISBEHAVIOUR:",
|
|
"ServerHelloBogusCipher-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNClient-RejectUnknown-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNClient-RejectUnknown-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNClient-EmptyProtocolName-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNClient-EmptyProtocolName-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNServer-EmptyProtocolName-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNServer-EmptyProtocolName-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Verify-ServerAuth-SignatureType": ":PEER_MISBEHAVIOUR:",
|
|
"Verify-ClientAuth-SignatureType": ":BAD_SIGNATURE:",
|
|
"Verify-ServerAuth-SignatureType-TLS13": ":BAD_SIGNATURE:",
|
|
"Verify-ClientAuth-SignatureType-TLS13": ":BAD_SIGNATURE:",
|
|
"ClientAuth-Enforced": ":PEER_MISBEHAVIOUR:",
|
|
"ServerAuth-Enforced": ":PEER_MISBEHAVIOUR:",
|
|
"UnofferedExtension-Client": ":PEER_MISBEHAVIOUR:",
|
|
"UnknownExtension-Client": ":PEER_MISBEHAVIOUR:",
|
|
"KeyUpdate-InvalidRequestMode": ":BAD_HANDSHAKE_MSG:",
|
|
"ExtraCompressionMethods-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"NoNullCompression-TLS12": ":INCOMPATIBLE:",
|
|
"NoNullCompression-TLS13": ":INCOMPATIBLE:",
|
|
"InvalidCompressionMethod": ":PEER_MISBEHAVIOUR:",
|
|
"TLS13-InvalidCompressionMethod": ":PEER_MISBEHAVIOUR:",
|
|
"TLS13-AES128-GCM-server": ":INCOMPATIBLE:",
|
|
"TLS13-AES128-GCM-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS13-AES256-GCM-server": ":INCOMPATIBLE:",
|
|
"TLS13-AES256-GCM-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS13-ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS12-CHACHA20_POLY1305_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS12-CHACHA20_POLY1305_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS12-AES_128_GCM_SHA256-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS12-AES_128_GCM_SHA256-client": ":PEER_MISBEHAVIOUR:",
|
|
"TLS-TLS12-AES_256_GCM_SHA384-server": ":INCOMPATIBLE:",
|
|
"TLS-TLS12-AES_256_GCM_SHA384-client": ":PEER_MISBEHAVIOUR:",
|
|
"SkipHelloRetryRequest-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"NoSupportedVersions": ":INCOMPATIBLE:",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS12": ":PEER_ALERT_INTERNAL_ERROR:",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS12": ":HANDSHAKE_FAILURE:",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA256-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA384-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA512-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ClientAuth-InvalidSignature-RSA-PKCS1-SHA1-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"ServerAuth-InvalidSignature-RSA-PKCS1-SHA1-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"Server-Sign-RSA_PKCS1_SHA256-TLS13": ":INCOMPATIBLE:",
|
|
"Server-Sign-RSA_PKCS1_SHA384-TLS13": ":INCOMPATIBLE:",
|
|
"Server-Sign-RSA_PKCS1_SHA512-TLS13": ":INCOMPATIBLE:",
|
|
"Client-Sign-RSA_PKCS1_SHA256-TLS13": ":INCOMPATIBLE:",
|
|
"Client-Sign-RSA_PKCS1_SHA384-TLS13": ":INCOMPATIBLE:",
|
|
"Client-Sign-RSA_PKCS1_SHA512-TLS13": ":INCOMPATIBLE:",
|
|
"ALPNClient-EmptyProtocolName-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNServer-EmptyProtocolName-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ALPNClient-RejectUnknown-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ClientAuth-NoFallback-RSA": ":BAD_HANDSHAKE_MSG:",
|
|
"ClientAuth-NoFallback-ECDSA": ":BAD_HANDSHAKE_MSG:",
|
|
"ClientAuth-NoFallback-TLS13": ":BAD_HANDSHAKE_MSG:",
|
|
"ServerAuth-NoFallback-TLS13": ":INCOMPATIBLE:",
|
|
"ClientAuth-Enforced-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ServerAuth-Enforced-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SecondClientHelloWrongCurve-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SecondClientHelloMissingKeyShare-TLS13": ":INCOMPATIBLE:",
|
|
"Resume-Server-BinderWrongLength-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-NoPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-ExtraPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-ExtraIdentityNoBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-InvalidPSKBinder-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-PSKBinderFirstExtension-SecondBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-OmitPSKsOnSecondClientHello": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-BinderWrongLength": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-NoPSKBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-ExtraPSKBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-ExtraIdentityNoBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-InvalidPSKBinder": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Server-PSKBinderFirstExtension": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Client-PRFMismatch-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Client-Mismatch-TLS12-TLS13-TLS": ":PEER_MISBEHAVIOUR:",
|
|
"Resume-Client-Mismatch-TLS13-TLS12-TLS": ":PEER_MISBEHAVIOUR:",
|
|
"NoSupportedCurves-TLS13": ":INCOMPATIBLE:",
|
|
"BadECDHECurve-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"InvalidECDHPoint-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"InvalidECDHPoint-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"InvalidPSKIdentity-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"AlwaysSelectPSKIdentity-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingKeyShareData-TLS13": ":BAD_HANDSHAKE_MSG:",
|
|
"HelloRetryRequestCurveMismatch-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequestVersionMismatch-TLS13": ":INCOMPATIBLE:",
|
|
"HelloRetryRequest-DuplicateCookie-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequest-DuplicateCurve-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnknownUnencryptedExtension-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnexpectedUnencryptedExtension-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnofferedExtension-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"RenegotiationInfo-Forbidden-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnknownExtension-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"RequestContextInHandshake-TLS13": ":BAD_HANDSHAKE_MSG:",
|
|
"UnnecessaryHelloRetryRequest-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnknownCurve-HelloRetryRequest-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"DisabledCurve-HelloRetryRequest-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequest-Empty-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequest-EmptyCookie-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequest-Unknown-TLS13": ":INCOMPATIBLE:",
|
|
"TrailingDataWithFinished-Client-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Resume-Client-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Server-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Resume-Server-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Resume-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TrailingDataWithFinished-Resume-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"PartialSecondClientHelloAfterFirst": ":PEER_MISBEHAVIOUR:",
|
|
"PartialClientFinishedWithSecondClientHello": ":PEER_MISBEHAVIOUR:",
|
|
"PartialClientFinishedWithClientHello-TLS12-Resume": ":PEER_MISBEHAVIOUR:",
|
|
"PartialServerHelloWithHelloRetryRequest": ":PEER_MISBEHAVIOUR:",
|
|
"PartialNewSessionTicketWithServerHelloDone": ":PEER_MISBEHAVIOUR:",
|
|
"PartialEndOfEarlyDataWithClientHello": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Client": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Server-Packed": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Client-Resume-Packed": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Client-Resume": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Server-Resume": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Server": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Client-Packed": ":PEER_MISBEHAVIOUR:",
|
|
"FragmentAcrossChangeCipherSpec-Server-Resume-Packed": ":PEER_MISBEHAVIOUR:",
|
|
"PartialFinishedWithServerHelloDone": ":PEER_MISBEHAVIOUR:",
|
|
"UnsupportedCurve-ServerHello-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"PartialClientKeyExchangeWithClientHello": ":PEER_MISBEHAVIOUR:",
|
|
"MinimumVersion-Client-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
|
"MinimumVersion-Client2-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
|
"MinimumVersion-Server-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
|
"MinimumVersion-Server2-TLS13-TLS12-TLS": ":INCOMPATIBLE:",
|
|
"DuplicateKeyShares-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"PartialEncryptedExtensionsWithServerHello": ":PEER_MISBEHAVIOUR:",
|
|
"PartialClientFinishedWithClientHello": ":PEER_MISBEHAVIOUR:",
|
|
"PointFormat-EncryptedExtensions-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Ticket-Forbidden-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"PointFormat-Server-MissingUncompressed": ":INCOMPATIBLE:",
|
|
"MissingSignatureAlgorithmsInCertificateRequest-TLS13": ":INCOMPATIBLE:",
|
|
"NegotiatePSKResumption-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"PointFormat-Client-MissingUncompressed": ":PEER_MISBEHAVIOUR:",
|
|
"SendUnsolicitedOCSPOnCertificate-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SendUnsolicitedSCTOnCertificate-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"UnsolicitedServerNameAck-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"UnsolicitedServerNameAck-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TicketSessionIDLength-33-TLS-TLS12": ":BAD_HANDSHAKE_MSG:",
|
|
"Ed25519DefaultDisable-NoAccept": ":PEER_MISBEHAVIOUR:",
|
|
"SendUnknownExtensionOnCertificate-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SendDuplicateExtensionsOnCerts-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SignedCertificateTimestampListEmpty-Client-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"SignedCertificateTimestampListEmpty-Client-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SignedCertificateTimestampListEmptySCT-Client-TLS-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"SignedCertificateTimestampListEmptySCT-Client-TLS-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"EMS-Forbidden-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Unclean-Shutdown": ":CLOSE_WITHOUT_CLOSE_NOTIFY:",
|
|
"SendExtensionOnClientCertificate-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SendBogusAlertType": ":BAD_ALERT:",
|
|
"TLS13-HRR-InvalidCompressionMethod": ":BAD_HANDSHAKE_MSG:",
|
|
"CertificateCipherMismatch-RSA": ":PEER_MISBEHAVIOUR:",
|
|
"CertificateCipherMismatch-ECDSA": ":PEER_MISBEHAVIOUR:",
|
|
"CertificateCipherMismatch-Ed25519": ":PEER_MISBEHAVIOUR:",
|
|
"ServerCipherFilter-RSA": ":INCOMPATIBLE:",
|
|
"ServerCipherFilter-ECDSA": ":INCOMPATIBLE:",
|
|
"ServerCipherFilter-Ed25519": ":INCOMPATIBLE:",
|
|
"SendServerHelloAsHelloRetryRequest": ":BAD_HANDSHAKE_MSG:",
|
|
"TLS13-OnlyPadding": ":PEER_MISBEHAVIOUR:",
|
|
"TLS13-EmptyRecords": ":PEER_MISBEHAVIOUR:",
|
|
"TLS13-DuplicateTicketEarlyDataSupport": ":PEER_MISBEHAVIOUR:",
|
|
"SupportedVersionSelection-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"HelloRetryRequest-CipherChange-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Client-Compressed-P-256-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Server-Compressed-P-256-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Client-Compressed-P-256-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Server-Compressed-P-256-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Client-Compressed-P-384-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Server-Compressed-P-384-TLS12": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Client-Compressed-P-384-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"CurveTest-Server-Compressed-P-384-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"ExtendedMasterSecret-NoToYes-Client": ":PEER_MISBEHAVIOUR:",
|
|
"ExtendedMasterSecret-YesToNo-Server": ":PEER_MISBEHAVIOUR:",
|
|
"ExtendedMasterSecret-YesToNo-Client": ":PEER_MISBEHAVIOUR:",
|
|
"ServerAcceptsEarlyDataOnHRR-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"Downgrade-TLS12-Client": ":PEER_MISBEHAVIOUR:",
|
|
"Downgrade-TLS10-Client": ":HANDSHAKE_FAILURE:",
|
|
"Downgrade-TLS10-Server": ":INCOMPATIBLE:",
|
|
"UnsupportedCurve": ":PEER_MISBEHAVIOUR:",
|
|
"ECDSACurveMismatch-Verify-TLS13": ":BAD_SIGNATURE:",
|
|
"SecondServerHelloNoVersion-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SecondServerHelloWrongVersion-TLS13": ":INCOMPATIBLE:",
|
|
"TooManyChangeCipherSpec-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"TooManyChangeCipherSpec-Server-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"EarlyData-CipherMismatch-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"EarlyDataWithoutResume-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"EarlyDataVersionDowngrade-Client-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"EarlyData-SkipEndOfEarlyData-TLS13": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
|
"SkipEarlyData-Interleaved-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SkipEarlyData-TooMuchData-TLS13": ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
|
|
"SkipEarlyData-HRR-FatalAlert-TLS13": ":HANDSHAKE_FAILURE:",
|
|
"SkipEarlyData-HRR-Interleaved-TLS13": ":PEER_MISBEHAVIOUR:",
|
|
"SkipEarlyData-HRR-TooMuchData-TLS13": ":UNEXPECTED_MESSAGE:",
|
|
"SkipEarlyData-SecondClientHelloEarlyData-TLS13": ":PEER_MISBEHAVIOUR:"
|
|
},
|
|
"TestLocalErrorMap": {
|
|
"SendServerHelloAsHelloRetryRequest": "remote error: error decoding message",
|
|
"GarbageCertificate-Server-TLS12": "remote error: bad certificate",
|
|
"GarbageCertificate-Server-TLS13": "remote error: bad certificate",
|
|
"GarbageCertificate-Client-TLS12": "remote error: bad certificate",
|
|
"GarbageCertificate-Client-TLS13": "remote error: bad certificate",
|
|
"Client-VerifyDefault-RSA_PKCS1_SHA1-TLS12": "tls: no common signature algorithms",
|
|
"Server-VerifyDefault-RSA_PKCS1_SHA1-TLS12": "tls: no common signature algorithms",
|
|
"Downgrade-TLS10-Client": "tls: no cipher suite supported by both client and server",
|
|
"Downgrade-TLS10-Server": "remote error: protocol version not supported",
|
|
"TrailingDataWithFinished-Client-TLS13": "local error: bad record MAC",
|
|
"TrailingDataWithFinished-Resume-Client-TLS13": "local error: bad record MAC",
|
|
"SkipEarlyData-SecondClientHelloEarlyData-TLS13": "remote error: illegal parameter"
|
|
},
|
|
"HalfRTTTickets": 0
|
|
}
|