Reusable test coverage for TLS implementations

Current libraries that implement Transport Layer Security (TLS) need to implement multiple versions of the protocol and many separate features (sometimes dozens), and must support multiple configurations. This complexity makes it very hard to manually create tests that provide a high degree of test coverage, especially when features interact in unexpected ways.

The tlsfuzzer project addresses this problem by testing several features, corner cases and lesser-used features of TLS implementations. There are, however, some features missing.

The goal of the work is to study cryptographic features used in modern software libraries like OpenSSL, GnuTLS or NSS and implement selected features in tlsfuzzer and tlslite-ng. Other features are to be implemented so that tests can verify that they are now correctly disabled and can’t be negotiated. Examples include:

  • AES-CCM cipher mode in TLS
  • DSA support (in TLS and X.509)
  • ECDSA support (in TLS and X.509)
  • Static DH and ECDH key exchange in TLS 1.2 and earlier
  • PSK key exchange in TLS 1.2 and earlier
  • Kerberos 5 key exchange in TLS 1.2 and earlier
  • Session Ticket support
  • Camellia ciphers
  • SEED-CBC ciphers
  • DES-CBC ciphers
  • IDEA-CBC ciphers
  • SSLv2 RC2-CBC, RC4-64 ciphers
  • ARIA ciphers
  • export grade ciphers and key exchange
  • Next Protocol Negotiation extension
  • Heartbeat extension
  • Datagram Transport Layer Security (DTLS) protocol
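
The "correctly disabled" check described above comes down to offering only legacy cipher suites and confirming that the server answers with an alert rather than a ServerHello. The following is an added example, not code from tlsfuzzer or tlslite-ng; the function names and sample records are constructed for illustration, and it assumes the whole ServerHello arrives in the first TLS record.

```python
import struct

# IANA code points for some legacy suites from the list above.
LEGACY_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0007: "TLS_RSA_WITH_IDEA_CBC_SHA",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x0096: "TLS_RSA_WITH_SEED_CBC_SHA",
}

def classify_response(data, offered):
    """Return ("rejected", alert), ("negotiated", suite) or ("malformed", why)."""
    if len(data) < 5:
        return ("malformed", "short record header")
    ctype, _version, length = struct.unpack("!BHH", data[:5])
    body = data[5:5 + length]
    if len(body) != length:
        return ("malformed", "truncated record")
    if ctype == 21:  # alert record: level, description
        if length != 2:
            return ("malformed", "bad alert length")
        return ("rejected", body[1])
    if ctype != 22 or length < 4 or body[0] != 2:
        return ("malformed", "not a ServerHello")
    # ServerHello: version(2) random(32) sid_len(1) sid suite(2) ...
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35 or len(hello) < 35 + hello[34] + 2:
        return ("malformed", "short ServerHello")
    off = 35 + hello[34]
    suite = int.from_bytes(hello[off:off + 2], "big")
    if suite not in offered:
        return ("malformed", "server chose a suite that was not offered")
    return ("negotiated", suite)

def legacy_disabled(data, offered=LEGACY_SUITES):
    """True only when the server answered the legacy-only offer with an alert."""
    return classify_response(data, offered)[0] == "rejected"

# Constructed sample records (not captured from a real server).
_hello = b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x09" + b"\x00"
SAMPLE_HELLO = (b"\x16\x03\x03" + struct.pack("!H", len(_hello) + 4)
                + b"\x02" + len(_hello).to_bytes(3, "big") + _hello)
SAMPLE_ALERT = b"\x15\x03\x03\x00\x02\x02\x28"  # fatal handshake_failure(40)

if __name__ == "__main__":
    for name, rec in (("alert", SAMPLE_ALERT), ("hello", SAMPLE_HELLO)):
        print(name, classify_response(rec, LEGACY_SUITES), legacy_disabled(rec))
```

A malformed or truncated reply is deliberately not counted as "disabled", so a test built on this check fails unless the server gives a clean rejection.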