add DTLS 1.2 server cert req / nreq arg files

c-southwest · c-southwest · commit 898e18b4e89e · 2025-07-19T23:29:45.000+08:00
diff --git a/args/wolfssl/learn_wolfssl_server_x_cert_nreq b/args/wolfssl/learn_wolfssl_server_x_cert_nreq
@@ -0,0 +1,31 @@
+state-fuzzer-server
+
+# SUT config
+-connect
+localhost:${sul.port}
+-startWait
+200
+-responseWait
+200
+-protocol
+DTLS12
+-cmd
+${fuzzer.dir}/suts/wolfssl-${wolfssl.version}/examples/server/server  -i -x -p ${sul.port} -u -l TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 -d -c ${fuzzer.dir}/${keystore}/rsa2048_cert.pem -k ${fuzzer.dir}/${keystore}/rsa2048_key.pem -A ${fuzzer.dir}/${keystore}/rsa2048_cert.pem
+-processDir
+${fuzzer.dir}/suts/wolfssl-${wolfssl.version}/
+
+# learning config
+-alphabet
+${alphabets.servers}/x_cert_nreq.xml
+-randLength
+10
+-equivalenceQueryBound
+20000
+-output
+output/wolfssl-${wolfssl.version}_server_x_cert_nreq
+-equivalenceAlgorithms
+RANDOM_WP_METHOD,WP_METHOD
+-depth
+1
+-ceReruns
+3
diff --git a/args/wolfssl/learn_wolfssl_server_x_cert_req b/args/wolfssl/learn_wolfssl_server_x_cert_req
@@ -0,0 +1,31 @@
+state-fuzzer-server
+
+# SUT config
+-connect
+localhost:${sul.port}
+-startWait
+200
+-responseWait
+200
+-protocol
+DTLS12
+-cmd
+${fuzzer.dir}/suts/wolfssl-${wolfssl.version}/examples/server/server  -i -x -p ${sul.port} -u -l TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 -c ${fuzzer.dir}/${keystore}/rsa2048_cert.pem -k ${fuzzer.dir}/${keystore}/rsa2048_key.pem -A ${fuzzer.dir}/${keystore}/rsa2048_cert.pem
+-processDir
+${fuzzer.dir}/suts/wolfssl-${wolfssl.version}/
+
+# learning config
+-alphabet
+${alphabets.servers}/x_cert_req.xml
+-randLength
+10
+-equivalenceQueryBound
+20000
+-output
+output/wolfssl-${wolfssl.version}_server_x_cert_req
+-equivalenceAlgorithms
+RANDOM_WP_METHOD,WP_METHOD
+-depth
+1
+-ceReruns
+3
diff --git a/examples/alphabets/servers/x_cert_nreq.xml b/examples/alphabets/servers/x_cert_nreq.xml
@@ -0,0 +1,20 @@
+<!-- DTLS alphabet comprising the messages necessary to perform RSA handshakes.
+client authentication.-->
+<alphabet>
+    <ClientHelloInput suite="TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" name="RSA_CLIENT_HELLO"/>
+    <ClientKeyExchangeInput name="DH_CLIENT_KEY_EXCHANGE" algorithm="DH"/>
+    <ChangeCipherSpecInput/>
+    <FinishedInput name="FINISHED"/>
+    <GenericTlsInput name="APPLICATION">
+        <Application>
+            <data>
+                <byteArrayExplicitValueModification>
+                    <!--HEX(This is a hello message!)-->
+                    <explicitValue>0x5468697320697320612068656c6c6f206d65737361676521</explicitValue>
+                </byteArrayExplicitValueModification>
+            </data>
+        </Application>
+    </GenericTlsInput>
+    <AlertInput name="Alert(WARNING,CLOSE_NOTIFY)" level="WARNING" description="CLOSE_NOTIFY"/>
+    <AlertInput name="Alert(FATAL,UNEXPECTED_MESSAGE)" level="FATAL" description="UNEXPECTED_MESSAGE"/>
+</alphabet>
diff --git a/examples/alphabets/servers/x_cert_req.xml b/examples/alphabets/servers/x_cert_req.xml
@@ -0,0 +1,25 @@
+<!-- DTLS alphabet comprising the messages necessary to perform RSA handshakes.
+client authentication.-->
+<alphabet>
+    <ClientHelloInput suite="TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" name="RSA_CLIENT_HELLO"/>
+    <ClientKeyExchangeInput name="DH_CLIENT_KEY_EXCHANGE" algorithm="DH"/>
+    <ChangeCipherSpecInput/>
+    <FinishedInput name="FINISHED"/>
+    <CertificateInput name="CERTIFICATE"/>
+    <CertificateInput name="EMPTY_CERTIFICATE" empty ="true"/>
+    <GenericTlsInput name="CERTIFICATE_VERIFY">
+        <CertificateVerify/>
+    </GenericTlsInput>
+    <GenericTlsInput name="APPLICATION">
+        <Application>
+            <data>
+                <byteArrayExplicitValueModification>
+                    <!--HEX(This is a hello message!)-->
+                    <explicitValue>0x5468697320697320612068656c6c6f206d65737361676521</explicitValue>
+                </byteArrayExplicitValueModification>
+            </data>
+        </Application>
+    </GenericTlsInput>
+    <AlertInput name="Alert(WARNING,CLOSE_NOTIFY)" level="WARNING" description="CLOSE_NOTIFY"/>
+    <AlertInput name="Alert(FATAL,UNEXPECTED_MESSAGE)" level="FATAL" description="UNEXPECTED_MESSAGE"/>
+</alphabet>
diff --git a/examples/tests/servers/x_cert_nreq b/examples/tests/servers/x_cert_nreq
@@ -0,0 +1,6 @@
+RSA_CLIENT_HELLO
+RSA_CLIENT_HELLO
+DH_CLIENT_KEY_EXCHANGE
+CHANGE_CIPHER_SPEC
+FINISHED
+APPLICATION
diff --git a/examples/tests/servers/x_cert_req b/examples/tests/servers/x_cert_req
@@ -0,0 +1,8 @@
+RSA_CLIENT_HELLO
+RSA_CLIENT_HELLO
+CERTIFICATE
+DH_CLIENT_KEY_EXCHANGE
+CERTIFICATE_VERIFY
+CHANGE_CIPHER_SPEC
+FINISHED
+APPLICATION
