1{ 2 "DisabledTests": { 3 "*-Async": "We don't support boringssl concept of async", 4 5 "TLS-ECH-Client-Reject-NoClientCertificate-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled", 6 "TLS-ECH-Client-Reject-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled", 7 "TLS-ECH-Client-TLS12-RejectRetryConfigs": "We won't attempt to negotiate 1.2 if ECH is enabled", 8 "TLS-ECH-Client-Rejected-OverrideName-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled", 9 "TLS-ECH-Client-Reject-TLS12-NoFalseStart": "We won't attempt to negotiate 1.2 if ECH is enabled", 10 "TLS-ECH-Client-TLS12SessionTicket": "We won't attempt to negotiate 1.2 if ECH is enabled", 11 "TLS-ECH-Client-TLS12SessionID": "We won't attempt to negotiate 1.2 if ECH is enabled", 12 13 "TLS-ECH-Client-Reject-ResumeInnerSession-TLS12": "We won't attempt to negotiate 1.2 if ECH is enabled (we could possibly test this if we had the ability to indicate not to send ECH on resumption?)", 14 15 "TLS-ECH-Client-Reject-EarlyDataRejected": "We don't support switiching out ECH configs with this level of granularity", 16 17 "TLS-ECH-Client-NoNPN": "We don't support NPN", 18 19 "TLS-ECH-Client-ChannelID": "We don't support sending channel ID", 20 "TLS-ECH-Client-Reject-NoChannelID-TLS13": "We don't support sending channel ID", 21 "TLS-ECH-Client-Reject-NoChannelID-TLS12": "We don't support sending channel ID", 22 23 "TLS-ECH-Client-GREASE-IgnoreHRRExtension": "We don't support ECH GREASE because we don't fallback to plaintext", 24 "TLS-ECH-Client-NoSupportedConfigs-GREASE": "We don't support ECH GREASE because we don't fallback to plaintext", 25 "TLS-ECH-Client-GREASEExtensions": "We don't support ECH GREASE because we don't fallback to plaintext", 26 "TLS-ECH-Client-GREASE-NoOverrideName": "We don't support ECH GREASE because we don't fallback to plaintext", 27 28 "TLS-ECH-Client-UnsolicitedInnerServerNameAck": "We don't allow sending empty SNI without skipping certificate verification, TODO: could add special flag to bogo to indicate 'empty sni'", 29 30 "TLS-ECH-Client-NoSupportedConfigs": "We don't support fallback to cleartext when there are no valid ECH configs", 31 "TLS-ECH-Client-SkipInvalidPublicName": "We don't support fallback to cleartext when there are no valid ECH configs", 32 33 34 "*ECH-Server*": "no ECH server support", 35 "SendV2ClientHello*": "We don't support SSLv2", 36 "*QUIC*": "No QUIC support", 37 "Compliance-fips*": "No FIPS", 38 "*DTLS*": "No DTLS", 39 "SendEmptyRecords*": "crypto/tls doesn't implement spam protections", 40 "SendWarningAlerts*": "crypto/tls doesn't implement spam protections", 41 "TooManyKeyUpdates": "crypto/tls doesn't implement spam protections (TODO: I think?)", 42 "KyberNotEnabledByDefaultInClients": "crypto/tls intentionally enables it", 43 "JustConfiguringKyberWorks": "we always send a X25519 key share with Kyber", 44 "KyberKeyShareIncludedSecond": "we always send the Kyber key share first", 45 "KyberKeyShareIncludedThird": "we always send the Kyber key share first", 46 "SkipNewSessionTicket": "TODO confusing? maybe bug", 47 "SendUserCanceledAlerts*": "TODO may be a real bug?", 48 "GREASE-Server-TLS13": "TODO ???", 49 "GarbageCertificate*": "TODO ask davidben, alertDecode vs alertBadCertificate", 50 "SendBogusAlertType": "sending wrong alert type", 51 "EchoTLS13CompatibilitySessionID": "TODO reject compat session ID", 52 "*Client-P-224*": "no P-224 support", 53 "*Server-P-224*": "no P-224 support", 54 "CurveID-Resume*": "unexposed curveID is not stored in the ticket yet", 55 "CheckLeafCurve": "TODO: first pass, this should be fixed", 56 "DisabledCurve-HelloRetryRequest-TLS13": "TODO: first pass, this should be fixed", 57 "UnsupportedCurve": "TODO: first pass, this should be fixed", 58 "SupportTicketsWithSessionID": "TODO: first pass, this should be fixed", 59 "NoNullCompression-TLS12": "TODO: first pass, this should be fixed", 60 "KeyUpdate-RequestACK": "TODO: first pass, this should be fixed", 61 "TLS13-HRR-InvalidCompressionMethod": "TODO: first pass, this should be fixed", 62 "InvalidCompressionMethod": "TODO: first pass, this should be fixed", 63 "TLS-TLS12-RSA_WITH_AES_128_GCM_SHA256-LargeRecord": "TODO: first pass, this should be fixed", 64 "TLS-TLS1-RSA_WITH_AES_128_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 65 "TLS-TLS11-RSA_WITH_AES_128_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 66 "TLS-TLS12-RSA_WITH_AES_128_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 67 "TLS-TLS12-RSA_WITH_AES_256_GCM_SHA384-LargeRecord": "TODO: first pass, this should be fixed", 68 "TLS-TLS1-RSA_WITH_AES_256_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 69 "TLS-TLS11-RSA_WITH_AES_256_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 70 "TLS-TLS12-RSA_WITH_AES_256_CBC_SHA-LargeRecord": "TODO: first pass, this should be fixed", 71 "TLS-TLS12-ECDHE_RSA_WITH_AES_128_CBC_SHA256-LargeRecord": "TODO: first pass, this should be fixed", 72 "RequireAnyClientCertificate-TLS1": "TODO: first pass, this should be fixed", 73 "RequireAnyClientCertificate-TLS11": "TODO: first pass, this should be fixed", 74 "RequireAnyClientCertificate-TLS12": "TODO: first pass, this should be fixed", 75 "ClientHelloVersionTooHigh": "TODO: first pass, this should be fixed", 76 "MinorVersionTolerance": "TODO: first pass, this should be fixed", 77 "IgnoreClientVersionOrder": "TODO: first pass, this should be fixed", 78 "SupportedVersionSelection-TLS12": "TODO: first pass, this should be fixed", 79 "MajorVersionTolerance": "TODO: first pass, this should be fixed", 80 "DuplicateExtensionServer-TLS-TLS1": "TODO: first pass, this should be fixed", 81 "DuplicateExtensionClient-TLS-TLS1": "TODO: first pass, this should be fixed", 82 "UnsolicitedServerNameAck-TLS-TLS1": "TODO: first pass, this should be fixed", 83 "TicketSessionIDLength-33-TLS-TLS1": "TODO: first pass, this should be fixed", 84 "DuplicateExtensionServer-TLS-TLS11": "TODO: first pass, this should be fixed", 85 "DuplicateExtensionClient-TLS-TLS11": "TODO: first pass, this should be fixed", 86 "UnsolicitedServerNameAck-TLS-TLS11": "TODO: first pass, this should be fixed", 87 "TicketSessionIDLength-33-TLS-TLS11": "TODO: first pass, this should be fixed", 88 "DuplicateExtensionServer-TLS-TLS12": "TODO: first pass, this should be fixed", 89 "DuplicateExtensionClient-TLS-TLS12": "TODO: first pass, this should be fixed", 90 "UnsolicitedServerNameAck-TLS-TLS12": "TODO: first pass, this should be fixed", 91 "TicketSessionIDLength-33-TLS-TLS12": "TODO: first pass, this should be fixed", 92 "DuplicateExtensionClient-TLS-TLS13": "TODO: first pass, this should be fixed", 93 "DuplicateExtensionServer-TLS-TLS13": "TODO: first pass, this should be fixed", 94 "UnsolicitedServerNameAck-TLS-TLS13": "TODO: first pass, this should be fixed", 95 "RenegotiationInfo-Forbidden-TLS13": "TODO: first pass, this should be fixed", 96 "EMS-Forbidden-TLS13": "TODO: first pass, this should be fixed", 97 "SendUnsolicitedOCSPOnCertificate-TLS13": "TODO: first pass, this should be fixed", 98 "SendUnsolicitedSCTOnCertificate-TLS13": "TODO: first pass, this should be fixed", 99 "SendUnknownExtensionOnCertificate-TLS13": "TODO: first pass, this should be fixed", 100 "Resume-Server-NoTickets-TLS1-TLS1-TLS": "TODO: first pass, this should be fixed", 101 "Resume-Server-NoTickets-TLS11-TLS11-TLS": "TODO: first pass, this should be fixed", 102 "Resume-Server-NoTickets-TLS12-TLS12-TLS": "TODO: first pass, this should be fixed", 103 "Resume-Server-NoPSKBinder": "TODO: first pass, this should be fixed", 104 "Resume-Server-PSKBinderFirstExtension": "TODO: first pass, this should be fixed", 105 "Resume-Server-PSKBinderFirstExtension-SecondBinder": "TODO: first pass, this should be fixed", 106 "Resume-Server-NoPSKBinder-SecondBinder": "TODO: first pass, this should be fixed", 107 "Resume-Server-OmitPSKsOnSecondClientHello": "TODO: first pass, this should be fixed", 108 "Renegotiate-Server-Forbidden": "TODO: first pass, this should be fixed", 109 "Renegotiate-Client-Forbidden-1": "TODO: first pass, this should be fixed", 110 "Client-Sign-RSA_PKCS1_SHA1-TLS13": "TODO: first pass, this should be fixed", 111 "Client-Sign-RSA_PKCS1_SHA256-TLS13": "TODO: first pass, this should be fixed", 112 "Client-Sign-RSA_PKCS1_SHA384-TLS13": "TODO: first pass, this should be fixed", 113 "Client-Sign-RSA_PKCS1_SHA512-TLS13": "TODO: first pass, this should be fixed", 114 "Client-Sign-ECDSA_SHA1-TLS13": "TODO: first pass, this should be fixed", 115 "Client-Sign-ECDSA_P224_SHA256-TLS13": "TODO: first pass, this should be fixed", 116 "ClientAuth-NoFallback-TLS13": "TODO: first pass, this should be fixed", 117 "ClientAuth-NoFallback-ECDSA": "TODO: first pass, this should be fixed", 118 "ClientAuth-NoFallback-RSA": "TODO: first pass, this should be fixed", 119 "ECDSACurveMismatch-Verify-TLS13": "TODO: first pass, this should be fixed", 120 "Ed25519DefaultDisable-NoAdvertise": "TODO: first pass, this should be fixed", 121 "Ed25519DefaultDisable-NoAccept": "TODO: first pass, this should be fixed", 122 "NoCommonSignatureAlgorithms-TLS12-Fallback": "TODO: first pass, this should be fixed", 123 "UnknownExtension-Client": "TODO: first pass, this should be fixed", 124 "UnknownUnencryptedExtension-Client-TLS13": "TODO: first pass, this should be fixed", 125 "UnofferedExtension-Client-TLS13": "TODO: first pass, this should be fixed", 126 "UnknownExtension-Client-TLS13": "TODO: first pass, this should be fixed", 127 "SendClientVersion-RSA": "TODO: first pass, this should be fixed", 128 "NoCommonCurves": "TODO: first pass, this should be fixed", 129 "PointFormat-EncryptedExtensions-TLS13": "TODO: first pass, this should be fixed", 130 "PointFormat-Client-MissingUncompressed": "TODO: first pass, this should be fixed", 131 "TLS13-SendNoKEMModesWithPSK-Server": "TODO: first pass, this should be fixed", 132 "TLS13-DuplicateTicketEarlyDataSupport": "TODO: first pass, this should be fixed", 133 "Basic-Client-NoTicket-TLS-Sync": "TODO: first pass, this should be fixed", 134 "Basic-Server-RSA-TLS-Sync": "TODO: first pass, this should be fixed", 135 "Basic-Client-NoTicket-TLS-Sync-SplitHandshakeRecords": "TODO: first pass, this should be fixed", 136 "Basic-Server-RSA-TLS-Sync-SplitHandshakeRecords": "TODO: first pass, this should be fixed", 137 "Basic-Client-NoTicket-TLS-Sync-PackHandshake": "TODO: first pass, this should be fixed", 138 "Basic-Server-RSA-TLS-Sync-PackHandshake": "TODO: first pass, this should be fixed", 139 "PartialSecondClientHelloAfterFirst": "TODO: first pass, this should be fixed", 140 "PartialServerHelloWithHelloRetryRequest": "TODO: first pass, this should be fixed", 141 "TrailingDataWithFinished-Server-TLS1": "TODO: first pass, this should be fixed", 142 "PartialClientKeyExchangeWithClientHello": "TODO: first pass, this should be fixed", 143 "TrailingDataWithFinished-Resume-Server-TLS1": "TODO: first pass, this should be fixed", 144 "TrailingDataWithFinished-Resume-Client-TLS11": "TODO: first pass, this should be fixed", 145 "TrailingDataWithFinished-Client-TLS1": "TODO: first pass, this should be fixed", 146 "TrailingDataWithFinished-Client-TLS11": "TODO: first pass, this should be fixed", 147 "TrailingDataWithFinished-Client-TLS12": "TODO: first pass, this should be fixed", 148 "TrailingDataWithFinished-Client-TLS13": "TODO: first pass, this should be fixed", 149 "PartialNewSessionTicketWithServerHelloDone": "TODO: first pass, this should be fixed", 150 "TrailingDataWithFinished-Server-TLS11": "TODO: first pass, this should be fixed", 151 "TrailingDataWithFinished-Server-TLS12": "TODO: first pass, this should be fixed", 152 "TrailingDataWithFinished-Resume-Server-TLS11": "TODO: first pass, this should be fixed", 153 "TrailingDataWithFinished-Resume-Client-TLS12": "TODO: first pass, this should be fixed", 154 "TrailingDataWithFinished-Resume-Server-TLS12": "TODO: first pass, this should be fixed", 155 "TrailingDataWithFinished-Resume-Client-TLS13": "TODO: first pass, this should be fixed", 156 "TrailingDataWithFinished-Resume-Client-TLS1": "TODO: first pass, this should be fixed", 157 "TrailingMessageData-ClientHello-TLS": "TODO: first pass, this should be fixed", 158 "TrailingMessageData-ServerHello-TLS": "TODO: first pass, this should be fixed", 159 "TrailingMessageData-ServerCertificate-TLS": "TODO: first pass, this should be fixed", 160 "TrailingMessageData-ServerHelloDone-TLS": "TODO: first pass, this should be fixed", 161 "TrailingMessageData-ServerKeyExchange-TLS": "TODO: first pass, this should be fixed", 162 "TrailingMessageData-CertificateRequest-TLS": "TODO: first pass, this should be fixed", 163 "TrailingMessageData-CertificateVerify-TLS": "TODO: first pass, this should be fixed", 164 "TrailingMessageData-ServerFinished-TLS": "TODO: first pass, this should be fixed", 165 "TrailingMessageData-ClientKeyExchange-TLS": "TODO: first pass, this should be fixed", 166 "TrailingMessageData-TLS13-ClientHello-TLS": "TODO: first pass, this should be fixed", 167 "TrailingMessageData-ClientFinished-TLS": "TODO: first pass, this should be fixed", 168 "TrailingMessageData-NewSessionTicket-TLS": "TODO: first pass, this should be fixed", 169 "TrailingMessageData-ClientCertificate-TLS": "TODO: first pass, this should be fixed", 170 "TrailingMessageData-TLS13-CertificateRequest-TLS": "TODO: first pass, this should be fixed", 171 "TrailingMessageData-TLS13-ServerCertificateVerify-TLS": "TODO: first pass, this should be fixed", 172 "TrailingMessageData-TLS13-EncryptedExtensions-TLS": "TODO: first pass, this should be fixed", 173 "TrailingMessageData-TLS13-ClientCertificate-TLS": "TODO: first pass, this should be fixed", 174 "TrailingMessageData-TLS13-ClientCertificateVerify-TLS": "TODO: first pass, this should be fixed", 175 "TrailingMessageData-TLS13-ServerCertificate-TLS": "TODO: first pass, this should be fixed", 176 "ResumeTLS12SessionID-TLS13": "TODO: first pass, this should be fixed", 177 "SkipEarlyData-TLS13": "TODO: first pass, this should be fixed", 178 "DuplicateKeyShares-TLS13": "TODO: first pass, this should be fixed", 179 "Server-TooLongSessionID-TLS13": "TODO: first pass, this should be fixed", 180 "Client-TooLongSessionID": "TODO: first pass, this should be fixed", 181 "Client-ShortSessionID": "TODO: first pass, this should be fixed", 182 "TLS12NoSessionID-TLS13": "TODO: first pass, this should be fixed", 183 "Server-TooLongSessionID-TLS12": "TODO: first pass, this should be fixed", 184 "EmptyEncryptedExtensions-TLS13": "TODO: first pass, this should be fixed", 185 "SkipEarlyData-SecondClientHelloEarlyData-TLS13": "TODO: first pass, this should be fixed", 186 "EncryptedExtensionsWithKeyShare-TLS13": "TODO: first pass, this should be fixed", 187 "HelloRetryRequest-DuplicateCurve-TLS13": "TODO: first pass, this should be fixed", 188 "HelloRetryRequest-DuplicateCookie-TLS13": "TODO: first pass, this should be fixed", 189 "HelloRetryRequest-Unknown-TLS13": "TODO: first pass, this should be fixed", 190 "SendPostHandshakeChangeCipherSpec-TLS13": "TODO: first pass, this should be fixed", 191 "ECDSAKeyUsage-Server-TLS12": "TODO: first pass, this should be fixed", 192 "ECDSAKeyUsage-Server-TLS13": "TODO: first pass, this should be fixed", 193 "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS1": "TODO: first pass, this should be fixed", 194 "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS1": "TODO: first pass, this should be fixed", 195 "RSAKeyUsage-Client-WantSignature-GotSignature-TLS1": "TODO: first pass, this should be fixed", 196 "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS11": "TODO: first pass, this should be fixed", 197 "RSAKeyUsage-Client-WantSignature-GotSignature-TLS11": "TODO: first pass, this should be fixed", 198 "RSAKeyUsage-Client-WantEncipherment-GotEnciphermentTLS12": "TODO: first pass, this should be fixed", 199 "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS12": "TODO: first pass, this should be fixed", 200 "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS11": "TODO: first pass, this should be fixed", 201 "RSAKeyUsage-Client-WantSignature-GotSignature-TLS12": "TODO: first pass, this should be fixed", 202 "RSAKeyUsage-Client-WantSignature-GotSignature-TLS13": "TODO: first pass, this should be fixed", 203 "RSAKeyUsage-Server-WantSignature-GotEncipherment-TLS13": "TODO: first pass, this should be fixed", 204 "EmptyExtensions-ClientHello-TLS1": "TODO: first pass, this should be fixed", 205 "OmitExtensions-ClientHello-TLS1": "TODO: first pass, this should be fixed", 206 "EmptyExtensions-ClientHello-TLS12": "TODO: first pass, this should be fixed", 207 "OmitExtensions-ClientHello-TLS12": "TODO: first pass, this should be fixed", 208 "EmptyExtensions-ClientHello-TLS11": "TODO: first pass, this should be fixed", 209 "OmitExtensions-ClientHello-TLS11": "TODO: first pass, this should be fixed", 210 "DuplicateCertCompressionExt-TLS12": "TODO: first pass, this should be fixed", 211 "DuplicateCertCompressionExt-TLS13": "TODO: first pass, this should be fixed", 212 "Client-RejectJDK11DowngradeRandom": "TODO: first pass, this should be fixed", 213 "CheckClientCertificateTypes": "TODO: first pass, this should be fixed", 214 "CheckECDSACurve-TLS12": "TODO: first pass, this should be fixed", 215 "ALPNClient-RejectUnknown-TLS-TLS1": "TODO: first pass, this should be fixed", 216 "ALPNClient-RejectUnknown-TLS-TLS11": "TODO: first pass, this should be fixed", 217 "ALPNClient-RejectUnknown-TLS-TLS12": "TODO: first pass, this should be fixed", 218 "ALPNClient-RejectUnknown-TLS-TLS13": "TODO: first pass, this should be fixed", 219 "ClientHelloPadding": "TODO: first pass, this should be fixed", 220 "TLS13-ExpectTicketEarlyDataSupport": "TODO: first pass, this should be fixed", 221 "TLS13-EarlyData-TooMuchData-Client-TLS-Sync": "TODO: first pass, this should be fixed", 222 "TLS13-EarlyData-TooMuchData-Client-TLS-Sync-SplitHandshakeRecords": "TODO: first pass, this should be fixed", 223 "TLS13-EarlyData-TooMuchData-Client-TLS-Sync-PackHandshake": "TODO: first pass, this should be fixed", 224 "WrongMessageType-TLS13-EndOfEarlyData-TLS": "TODO: first pass, this should be fixed", 225 "TrailingMessageData-TLS13-EndOfEarlyData-TLS": "TODO: first pass, this should be fixed", 226 "SendHelloRetryRequest-2-TLS13": "TODO: first pass, this should be fixed", 227 "EarlyData-SkipEndOfEarlyData-TLS13": "TODO: first pass, this should be fixed", 228 "EarlyData-Server-BadFinished-TLS13": "TODO: first pass, this should be fixed", 229 "EarlyData-UnexpectedHandshake-Server-TLS13": "TODO: first pass, this should be fixed", 230 "EarlyData-CipherMismatch-Client-TLS13": "TODO: first pass, this should be fixed", 231 "Resume-Server-UnofferedCipher-TLS13": "TODO: first pass, this should be fixed" 232 } 233} 234