Andreas Steffen
39d6469d76
Added swanctl/rw-psk-fqdn and swanctl/rw-psk-ipv4 scenarios
2014-06-14 15:40:23 +02:00
Andreas Steffen
3eb22f1f00
Single-line --raw mode simplifies evaltest of swanctl scenarios
2014-06-14 15:40:23 +02:00
Andreas Steffen
12d618e280
Added swanctl/ip-pool-db scenario
2014-06-11 18:12:35 +02:00
Andreas Steffen
cda2a1e4dc
Updated strongTNC configuration
2014-06-11 18:12:34 +02:00
Andreas Steffen
d643f2cf91
Added swanctl/ip-pool scenario
2014-06-10 16:48:16 +02:00
Andreas Steffen
c621847395
Added swanctl/rw-cert scenario
2014-06-10 16:48:15 +02:00
Andreas Steffen
b09016377a
Define default swanctl credentials in hosts directory
2014-06-10 16:19:00 +02:00
Tobias Brunner
acdcb91e07
testing: Cache packages downloaded with pip for strongTNC
...
This way no network connections is required to rebuild the root/guest images.
2014-06-02 17:45:42 +02:00
Andreas Steffen
2721832a45
First swanctl scenario
2014-06-01 21:12:15 +02:00
Andreas Steffen
2382d45b1c
Test SWID REST API ins tnc/tnccs-20-pdp scenarios
2014-05-31 21:25:46 +02:00
Andreas Steffen
2997077bae
Migration from Debian 7.4 to 7.5
2014-05-31 20:37:57 +02:00
Andreas Steffen
0f000cdd6c
Minor changes in the test environment
2014-05-15 21:30:42 +02:00
Andreas Steffen
8d59090349
Implemented PT-EAP protocol (RFC 7171)
2014-05-12 06:59:21 +02:00
Tobias Brunner
1dfd11fd92
testing: Added pfkey/compress test case
2014-04-24 17:36:17 +02:00
Andreas Steffen
fa6c5f3506
Handle tag separators
2014-04-15 09:28:38 +02:00
Andreas Steffen
edd2ed860f
Renewed expired user certificate
2014-04-15 09:28:37 +02:00
Andreas Steffen
9b7f9ab5d2
Updated SWID scenarios
2014-04-15 09:21:06 +02:00
Andreas Steffen
3e7044b45e
Implemented segmented SWID tag attributes on IMV side
2014-04-15 09:21:06 +02:00
Andreas Steffen
8c40609f96
Use python-based swidGenerator to generated SWID tags
2014-04-15 09:21:06 +02:00
Andreas Steffen
48f37c448c
Make Attestation IMV independent of OS IMV
2014-04-15 09:21:05 +02:00
Andreas Steffen
ab8ed95bfc
Fixed pretest script in tnc/tnccs-20-pt-tls scenario
2014-04-04 23:04:54 +02:00
Tobias Brunner
7a61bf9032
testing: Run 'conntrack -F' before all test scenarios
...
This prevents failures due to remaining conntrack entries.
2014-04-02 11:55:05 +02:00
Andreas Steffen
96e3142c39
Test TLS AEAD cipher suites
2014-04-01 10:12:15 +02:00
Andreas Steffen
05eb83e986
Slightly edited evaltest of ikev2/ocsp-untrusted-cert scenario
2014-03-31 22:22:58 +02:00
Martin Willi
91d71abb16
revocation: Restrict OCSP signing to specific certificates
...
To avoid considering each cached OCSP response and evaluating its trustchain,
we limit the certificates considered for OCSP signing to:
- The issuing CA of the checked certificate
- A directly delegated signer by the same CA, having the OCSP signer constraint
- Any locally installed (trusted) certificate having the OCSP signer constraint
The first two options cover the requirements from RFC 6960 2.6. For
compatibility with non-conforming CAs, we allow the third option as exception,
but require the installation of such certificates locally.
2014-03-31 14:40:33 +02:00
Martin Willi
babd848778
testing: Add an acert test that forces a fallback connection based on groups
2014-03-31 11:14:59 +02:00
Martin Willi
1a4d3222be
testing: Add an acert test case sending attribute certificates inline
2014-03-31 11:14:59 +02:00
Martin Willi
9f676321a9
testing: Add an acert test using locally cached attribute certificates
2014-03-31 11:14:59 +02:00
Martin Willi
c602ee65dc
testing: build strongSwan with acert plugin
2014-03-31 11:14:59 +02:00
Andreas Steffen
959ef1a2e4
Added libipsec/net2net-3des scenario
2014-03-28 09:21:51 +01:00
Andreas Steffen
7afd217ff9
Renewed self-signed OCSP signer certificate
2014-03-27 22:52:11 +01:00
Andreas Steffen
c6d173a1f1
Check that valid OCSP responses are received in the ikev2/ocsp-multi-level scenario
2014-03-24 23:57:55 +01:00
Andreas Steffen
bee64a82d7
Updated expired certificates issued by the Research and Sales Intermediate CAs
2014-03-24 23:38:45 +01:00
Andreas Steffen
2d79f6d81e
Renewed revoked Research CA certificate
2014-03-22 15:16:15 +01:00
Andreas Steffen
07e7cb146f
Added openssl-ikev2/net2net-pgp-v3 scenario
2014-03-22 09:55:03 +01:00
Andreas Steffen
22e1aa51f9
Completed integration of ntru_crypto library into ntru plugin
2014-03-22 09:51:00 +01:00
Andreas Steffen
c683b389ba
Merged libstrongswan options into charon section
2014-03-15 14:07:34 +01:00
Andreas Steffen
f2a3a01134
strongswan.conf is not needed on RADIUS server alice
2014-03-15 14:07:33 +01:00
Andreas Steffen
342bc6e545
Disable mandatory ECP support for attestion
2014-03-07 21:56:34 +01:00
Andreas Steffen
a334ac80ae
Added ikev2/lookip scenario
2014-02-17 12:04:21 +01:00
Tobias Brunner
9942e43dc6
testing: Use installed PTS SQL schema and data instead of local copy
2014-02-12 14:08:34 +01:00
Tobias Brunner
96e8715e32
testing: Use installed SQL schema instead of local copy
2014-02-12 14:08:34 +01:00
Andreas Steffen
f0ffb9f9af
Fixed description of ikev1/rw-ntru-psk scenario
2014-02-12 13:21:46 +01:00
Andreas Steffen
ccb7630ca1
Updated test kvm tests to Linux 3.13 kernel
2014-02-12 13:16:34 +01:00
Andreas Steffen
83caf0827c
Added ikev1/net2net-ntru-cert and ikev1/rw-ntru-psk scenarios
2014-02-12 13:16:34 +01:00
Tobias Brunner
44e6dbf04d
testing: Add ssh script to distribution
2014-02-12 10:53:17 +01:00
Andreas Steffen
d6804e3041
Added missing semicolon in SQL statements
2014-02-05 10:15:56 +01:00
Andreas Steffen
523c2874fb
Added Android 4.3.1 to products database table
2014-02-04 19:49:34 +01:00
Andreas Steffen
2a43f7fd9e
Added new Android versions to PTS database
2014-02-04 06:59:01 +01:00
Martin Willi
0c5dfb741f
testing: Fetch the FreeRADIUS tarball from the "old" directory
...
Fixes #483 .
2014-01-31 17:51:45 +01:00