Viewing Results

TLS-Anvil stores test results in multiple json files. Additionally, all network traffic is captured during execution.
Since manually analyzing these files is tedious, we created a web application called Anvil-Web to simplify the process.

The result analyzer is packaged as a Docker container. Because it requires a database, the easiest way to start it is with docker compose.
A docker-compose.yml file is available in the Anvil-Web GitHub Repository.

👉 Download docker-compose.yml

Start the Application

First, download the docker-compose.yml file.
Then, in the same directory as the file, run the following commands to start the web application.
This will pull the prebuilt Anvil-Web images and launch the web server.

docker compose pull
docker compose up -d

Once started, the application should be available at http://localhost:5001.

info

For a more detailed overview of Anvil-Web’s features, see Result Analysis.
Below is a brief description of the core concepts.

Basic Principles

Importing the Results

Next, import the results generated by TLS-Anvil into Anvil-Web.
This involves uploading the JSON files to a MongoDB backend used by the web application.

The easiest method is to zip your results folder (which contains report.json) and upload it through the web interface.
If you used the -zip flag when running TLS-Anvil, the zipped results file is already available in the results folder.

To upload:

Navigate to Tests → Upload Test
Select the .zip file you want to import

Using the Application

Open your browser and go to http://localhost:5001.
Click on Tests in the navigation bar (if not already selected), and find the test you uploaded. Click Details.
You'll see an overview of the test results. Each test template ⓘ is listed in a table at the bottom, sorted by RFC.
Click on any table row to view detailed information about that test:
- You'll see what was tested and the outcome for each test input ⓘ, i.e., each handshake attempt.
- The Parameter Combination section displays the input generated by the combinatorial testing algorithm.
- You can also view the recorded PCAP dump and handshake details for each test case.

Possible Test Results

Strictly Succeeded (✅)
The SUT ⓘ (System Under Test) behaved exactly as expected for all test cases ⓘ under a given test template ⓘ.

Conceptually Succeeded (⚠️✅)
The SUT ⓘ didn’t fully conform to the RFC—e.g., missing an alert or using an incorrect alert description—but still behaved functionally correct.

Partially Failed (⚠️❌)
Some test inputs ⓘ under a test template ⓘ failed, while others succeeded.

Fully Failed (❌)
None of the test inputs ⓘ passed for the given test template ⓘ.

Result Annotations

Additional Information (❗️)
Some test templates highlight extra context that influenced the result. These annotations are shown as ❗️ and are visible when hovering over a test result.

Contradictory Additional Information (⁉️)
If test cases within the same template include conflicting additional information, the result is annotated with ⁉️.
This may indicate inconsistent behavior. You can filter these in the result view.

Start the Application​

Basic Principles​

Importing the Results​

Using the Application​

Possible Test Results​

Result Annotations​