TLS-Attacker extended tests and fuzzing #732
Conversation
…r direct TLS CBC testing. CLI TLS server now catches an exception if an invalid connection is received (Otherwise, the server always stopped working)
Current coverage is 88.30% (diff: 100%)
|
|
Thanks for submitting this. I will merge this now and look at adding the testsuite portion to Travis CI sometime soon, so the tests are run reliably. From my understanding, with the proper workflows defined TLS-Attacker is also capable of acting as a server which attacks clients which connect to it. It would be great to add tests for that, as well as for DTLS. The system in TLS-Attacker for this looks very easy to use but I have not yet had time to play with it much. |
|
Yes, adding further tests for TLS clients or DTLS functionality should be simple, but is not yet well tested. We are currently refactoring TLS-Attacker and adding new functionalities in the internal branches (e.g., new fuzzing strategies or an action system allowing you to change TLS protocol version in the middle of the protocol flow). Once this is done, we will add also new testing capabilities. However, this can take several weeks. Thank you for accepting my pull request and integrating TLS-Attacker. |
|
Btw., you can find the (probably obvious) travis script I used previously here: |
Extended server test suite and policy tests with TLS-Attacker.
TLS-Attacker server fuzzing.