Skip to main content

Base IPMs

TLS-Anvil provides four common IPMs that specify which parameters are used as input for the combinatorial testing algorithm. These values are determined automatically based on the features supported by the SUT ⓘ and the constraints applied to restrict parameter values.

The models are defined in the TlsModelTypes enum. The specific model used is specified by annotating a test template with the @ModelFromScope annotation.

By default, the GENERIC model is used, since the @ModelFromScope annotation is part of the TlsBaseTest base class.

Below, the four base models are listed along with their corresponding parameters:

  • EMPTY
    • No parameters
  • GENERIC
    • CIPHERSUITE (CipherSuite enum)
    • NAMED_GROUP (NamedGroup enum)
    • RECORD_LENGTH (Integer)
    • TCP_FRAGMENTATION (Boolean)
    • INCLUDE_CHANGE_CIPHER_SPEC (Boolean) (TLS 1.3 only)
    • Server tests:
      • INCLUDE_ALPN_EXTENSION (Boolean)
      • INCLUDE_HEARTBEAT_EXTENSION (Boolean)
      • INCLUDE_PADDING_EXTENSION (Boolean)
      • INCLUDE_RENEGOTIATION_EXTENSION (Boolean)
      • INCLUDE_EXTENDED_MASTER_SECRET_EXTENSION (Boolean)
      • INCLUDE_SESSION_TICKET_EXTENSION (Boolean)
      • MAX_FRAGMENT_LENGTH (MaxFragmentLength enum)
      • INCLUDE_ENCRYPT_THEN_MAC_EXTENSION (Boolean)
      • INCLUDE_PSK_EXCHANGE_MODES_EXTENSION (Boolean, TLS 1.3 only)
      • INCLUDE_GREASE_CIPHER_SUITES (Boolean)
      • INCLUDE_GREASE_NAMED_GROUPS (Boolean)
      • INCLUDE_GREASE_SIG_HASH_ALGORITHMS (Boolean)
    • Client tests:
      • INCLUDE_ENCRYPT_THEN_MAC_EXTENSION (Boolean)
      • INCLUDE_EXTENDED_MASTER_SECRET_EXTENSION (Boolean)
  • CERTIFICATE
    • Same parameters as GENERIC
    • Client tests:
  • LENGTHFIELD
    • Same parameters as CERTIFICATE

In addition to these parameters, many more are available and defined in the TlsParameterType enum.

For each parameter, a corresponding class exists within the derivationParameter package, which defines how the parameter value is applied to the TLS-Attacker configuration.

Details on how additional parameters and/or parameter values are utilized are described on the next page.