]>
Commit | Line | Data |
---|---|---|
63936115 EK |
1 | # Generated with generate_ssl_tests.pl |
2 | ||
49619ab0 | 3 | num_tests = 30 |
63936115 EK |
4 | |
5 | test-0 = 0-server-auth-flex | |
6 | test-1 = 1-client-auth-flex-request | |
7 | test-2 = 2-client-auth-flex-require-fail | |
8 | test-3 = 3-client-auth-flex-require | |
9 | test-4 = 4-client-auth-flex-noroot | |
10 | test-5 = 5-server-auth-TLSv1 | |
11 | test-6 = 6-client-auth-TLSv1-request | |
12 | test-7 = 7-client-auth-TLSv1-require-fail | |
13 | test-8 = 8-client-auth-TLSv1-require | |
14 | test-9 = 9-client-auth-TLSv1-noroot | |
15 | test-10 = 10-server-auth-TLSv1.1 | |
16 | test-11 = 11-client-auth-TLSv1.1-request | |
17 | test-12 = 12-client-auth-TLSv1.1-require-fail | |
18 | test-13 = 13-client-auth-TLSv1.1-require | |
19 | test-14 = 14-client-auth-TLSv1.1-noroot | |
20 | test-15 = 15-server-auth-TLSv1.2 | |
21 | test-16 = 16-client-auth-TLSv1.2-request | |
22 | test-17 = 17-client-auth-TLSv1.2-require-fail | |
23 | test-18 = 18-client-auth-TLSv1.2-require | |
24 | test-19 = 19-client-auth-TLSv1.2-noroot | |
49619ab0 EK |
25 | test-20 = 20-server-auth-DTLSv1 |
26 | test-21 = 21-client-auth-DTLSv1-request | |
27 | test-22 = 22-client-auth-DTLSv1-require-fail | |
28 | test-23 = 23-client-auth-DTLSv1-require | |
29 | test-24 = 24-client-auth-DTLSv1-noroot | |
30 | test-25 = 25-server-auth-DTLSv1.2 | |
31 | test-26 = 26-client-auth-DTLSv1.2-request | |
32 | test-27 = 27-client-auth-DTLSv1.2-require-fail | |
33 | test-28 = 28-client-auth-DTLSv1.2-require | |
34 | test-29 = 29-client-auth-DTLSv1.2-noroot | |
63936115 EK |
35 | # =========================================================== |
36 | ||
37 | [0-server-auth-flex] | |
38 | ssl_conf = 0-server-auth-flex-ssl | |
39 | ||
40 | [0-server-auth-flex-ssl] | |
41 | server = 0-server-auth-flex-server | |
42 | client = 0-server-auth-flex-client | |
43 | ||
44 | [0-server-auth-flex-server] | |
45 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
46 | CipherString = DEFAULT | |
47 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
48 | ||
63936115 EK |
49 | [0-server-auth-flex-client] |
50 | CipherString = DEFAULT | |
51 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
52 | VerifyMode = Peer | |
53 | ||
63936115 EK |
54 | [test-0] |
55 | ExpectedResult = Success | |
56 | ||
57 | ||
58 | # =========================================================== | |
59 | ||
60 | [1-client-auth-flex-request] | |
61 | ssl_conf = 1-client-auth-flex-request-ssl | |
62 | ||
63 | [1-client-auth-flex-request-ssl] | |
64 | server = 1-client-auth-flex-request-server | |
65 | client = 1-client-auth-flex-request-client | |
66 | ||
67 | [1-client-auth-flex-request-server] | |
68 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
69 | CipherString = DEFAULT | |
70 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
71 | VerifyMode = Request | |
72 | ||
63936115 EK |
73 | [1-client-auth-flex-request-client] |
74 | CipherString = DEFAULT | |
75 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
76 | VerifyMode = Peer | |
77 | ||
63936115 EK |
78 | [test-1] |
79 | ExpectedResult = Success | |
80 | ||
81 | ||
82 | # =========================================================== | |
83 | ||
84 | [2-client-auth-flex-require-fail] | |
85 | ssl_conf = 2-client-auth-flex-require-fail-ssl | |
86 | ||
87 | [2-client-auth-flex-require-fail-ssl] | |
88 | server = 2-client-auth-flex-require-fail-server | |
89 | client = 2-client-auth-flex-require-fail-client | |
90 | ||
91 | [2-client-auth-flex-require-fail-server] | |
92 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
93 | CipherString = DEFAULT | |
94 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
95 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
96 | VerifyMode = Require | |
97 | ||
63936115 EK |
98 | [2-client-auth-flex-require-fail-client] |
99 | CipherString = DEFAULT | |
100 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
101 | VerifyMode = Peer | |
102 | ||
63936115 EK |
103 | [test-2] |
104 | ExpectedResult = ServerFail | |
9f48bbac | 105 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
106 | |
107 | ||
108 | # =========================================================== | |
109 | ||
110 | [3-client-auth-flex-require] | |
111 | ssl_conf = 3-client-auth-flex-require-ssl | |
112 | ||
113 | [3-client-auth-flex-require-ssl] | |
114 | server = 3-client-auth-flex-require-server | |
115 | client = 3-client-auth-flex-require-client | |
116 | ||
117 | [3-client-auth-flex-require-server] | |
118 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
119 | CipherString = DEFAULT | |
120 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
121 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
122 | VerifyMode = Request | |
123 | ||
63936115 EK |
124 | [3-client-auth-flex-require-client] |
125 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
126 | CipherString = DEFAULT | |
127 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
128 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
129 | VerifyMode = Peer | |
130 | ||
63936115 | 131 | [test-3] |
a470f023 | 132 | ExpectedClientCertType = RSA |
63936115 EK |
133 | ExpectedResult = Success |
134 | ||
135 | ||
136 | # =========================================================== | |
137 | ||
138 | [4-client-auth-flex-noroot] | |
139 | ssl_conf = 4-client-auth-flex-noroot-ssl | |
140 | ||
141 | [4-client-auth-flex-noroot-ssl] | |
142 | server = 4-client-auth-flex-noroot-server | |
143 | client = 4-client-auth-flex-noroot-client | |
144 | ||
145 | [4-client-auth-flex-noroot-server] | |
146 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
147 | CipherString = DEFAULT | |
148 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
149 | VerifyMode = Require | |
150 | ||
63936115 EK |
151 | [4-client-auth-flex-noroot-client] |
152 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
153 | CipherString = DEFAULT | |
154 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
155 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
156 | VerifyMode = Peer | |
157 | ||
63936115 EK |
158 | [test-4] |
159 | ExpectedResult = ServerFail | |
9f48bbac | 160 | ExpectedServerAlert = UnknownCA |
63936115 EK |
161 | |
162 | ||
163 | # =========================================================== | |
164 | ||
165 | [5-server-auth-TLSv1] | |
166 | ssl_conf = 5-server-auth-TLSv1-ssl | |
167 | ||
168 | [5-server-auth-TLSv1-ssl] | |
169 | server = 5-server-auth-TLSv1-server | |
170 | client = 5-server-auth-TLSv1-client | |
171 | ||
172 | [5-server-auth-TLSv1-server] | |
173 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
174 | CipherString = DEFAULT | |
78cbe94f MC |
175 | MaxProtocol = TLSv1 |
176 | MinProtocol = TLSv1 | |
63936115 | 177 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 178 | |
63936115 EK |
179 | [5-server-auth-TLSv1-client] |
180 | CipherString = DEFAULT | |
78cbe94f MC |
181 | MaxProtocol = TLSv1 |
182 | MinProtocol = TLSv1 | |
63936115 EK |
183 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
184 | VerifyMode = Peer | |
185 | ||
63936115 EK |
186 | [test-5] |
187 | ExpectedResult = Success | |
188 | ||
189 | ||
190 | # =========================================================== | |
191 | ||
192 | [6-client-auth-TLSv1-request] | |
193 | ssl_conf = 6-client-auth-TLSv1-request-ssl | |
194 | ||
195 | [6-client-auth-TLSv1-request-ssl] | |
196 | server = 6-client-auth-TLSv1-request-server | |
197 | client = 6-client-auth-TLSv1-request-client | |
198 | ||
199 | [6-client-auth-TLSv1-request-server] | |
200 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
201 | CipherString = DEFAULT | |
78cbe94f MC |
202 | MaxProtocol = TLSv1 |
203 | MinProtocol = TLSv1 | |
63936115 | 204 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
205 | VerifyMode = Request |
206 | ||
63936115 EK |
207 | [6-client-auth-TLSv1-request-client] |
208 | CipherString = DEFAULT | |
78cbe94f MC |
209 | MaxProtocol = TLSv1 |
210 | MinProtocol = TLSv1 | |
63936115 EK |
211 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
212 | VerifyMode = Peer | |
213 | ||
63936115 EK |
214 | [test-6] |
215 | ExpectedResult = Success | |
216 | ||
217 | ||
218 | # =========================================================== | |
219 | ||
220 | [7-client-auth-TLSv1-require-fail] | |
221 | ssl_conf = 7-client-auth-TLSv1-require-fail-ssl | |
222 | ||
223 | [7-client-auth-TLSv1-require-fail-ssl] | |
224 | server = 7-client-auth-TLSv1-require-fail-server | |
225 | client = 7-client-auth-TLSv1-require-fail-client | |
226 | ||
227 | [7-client-auth-TLSv1-require-fail-server] | |
228 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
229 | CipherString = DEFAULT | |
78cbe94f MC |
230 | MaxProtocol = TLSv1 |
231 | MinProtocol = TLSv1 | |
63936115 | 232 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
233 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
234 | VerifyMode = Require | |
235 | ||
63936115 EK |
236 | [7-client-auth-TLSv1-require-fail-client] |
237 | CipherString = DEFAULT | |
78cbe94f MC |
238 | MaxProtocol = TLSv1 |
239 | MinProtocol = TLSv1 | |
63936115 EK |
240 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
241 | VerifyMode = Peer | |
242 | ||
63936115 EK |
243 | [test-7] |
244 | ExpectedResult = ServerFail | |
9f48bbac | 245 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
246 | |
247 | ||
248 | # =========================================================== | |
249 | ||
250 | [8-client-auth-TLSv1-require] | |
251 | ssl_conf = 8-client-auth-TLSv1-require-ssl | |
252 | ||
253 | [8-client-auth-TLSv1-require-ssl] | |
254 | server = 8-client-auth-TLSv1-require-server | |
255 | client = 8-client-auth-TLSv1-require-client | |
256 | ||
257 | [8-client-auth-TLSv1-require-server] | |
258 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
259 | CipherString = DEFAULT | |
78cbe94f MC |
260 | MaxProtocol = TLSv1 |
261 | MinProtocol = TLSv1 | |
63936115 | 262 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
263 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
264 | VerifyMode = Request | |
265 | ||
63936115 EK |
266 | [8-client-auth-TLSv1-require-client] |
267 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
268 | CipherString = DEFAULT | |
78cbe94f MC |
269 | MaxProtocol = TLSv1 |
270 | MinProtocol = TLSv1 | |
63936115 | 271 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
272 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
273 | VerifyMode = Peer | |
274 | ||
63936115 | 275 | [test-8] |
a470f023 | 276 | ExpectedClientCertType = RSA |
63936115 EK |
277 | ExpectedResult = Success |
278 | ||
279 | ||
280 | # =========================================================== | |
281 | ||
282 | [9-client-auth-TLSv1-noroot] | |
283 | ssl_conf = 9-client-auth-TLSv1-noroot-ssl | |
284 | ||
285 | [9-client-auth-TLSv1-noroot-ssl] | |
286 | server = 9-client-auth-TLSv1-noroot-server | |
287 | client = 9-client-auth-TLSv1-noroot-client | |
288 | ||
289 | [9-client-auth-TLSv1-noroot-server] | |
290 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
291 | CipherString = DEFAULT | |
78cbe94f MC |
292 | MaxProtocol = TLSv1 |
293 | MinProtocol = TLSv1 | |
63936115 | 294 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
295 | VerifyMode = Require |
296 | ||
63936115 EK |
297 | [9-client-auth-TLSv1-noroot-client] |
298 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
299 | CipherString = DEFAULT | |
78cbe94f MC |
300 | MaxProtocol = TLSv1 |
301 | MinProtocol = TLSv1 | |
63936115 | 302 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
303 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
304 | VerifyMode = Peer | |
305 | ||
63936115 EK |
306 | [test-9] |
307 | ExpectedResult = ServerFail | |
9f48bbac | 308 | ExpectedServerAlert = UnknownCA |
63936115 EK |
309 | |
310 | ||
311 | # =========================================================== | |
312 | ||
313 | [10-server-auth-TLSv1.1] | |
314 | ssl_conf = 10-server-auth-TLSv1.1-ssl | |
315 | ||
316 | [10-server-auth-TLSv1.1-ssl] | |
317 | server = 10-server-auth-TLSv1.1-server | |
318 | client = 10-server-auth-TLSv1.1-client | |
319 | ||
320 | [10-server-auth-TLSv1.1-server] | |
321 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
322 | CipherString = DEFAULT | |
78cbe94f MC |
323 | MaxProtocol = TLSv1.1 |
324 | MinProtocol = TLSv1.1 | |
63936115 | 325 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 326 | |
63936115 EK |
327 | [10-server-auth-TLSv1.1-client] |
328 | CipherString = DEFAULT | |
78cbe94f MC |
329 | MaxProtocol = TLSv1.1 |
330 | MinProtocol = TLSv1.1 | |
63936115 EK |
331 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
332 | VerifyMode = Peer | |
333 | ||
63936115 EK |
334 | [test-10] |
335 | ExpectedResult = Success | |
336 | ||
337 | ||
338 | # =========================================================== | |
339 | ||
340 | [11-client-auth-TLSv1.1-request] | |
341 | ssl_conf = 11-client-auth-TLSv1.1-request-ssl | |
342 | ||
343 | [11-client-auth-TLSv1.1-request-ssl] | |
344 | server = 11-client-auth-TLSv1.1-request-server | |
345 | client = 11-client-auth-TLSv1.1-request-client | |
346 | ||
347 | [11-client-auth-TLSv1.1-request-server] | |
348 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
349 | CipherString = DEFAULT | |
78cbe94f MC |
350 | MaxProtocol = TLSv1.1 |
351 | MinProtocol = TLSv1.1 | |
63936115 | 352 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
353 | VerifyMode = Request |
354 | ||
63936115 EK |
355 | [11-client-auth-TLSv1.1-request-client] |
356 | CipherString = DEFAULT | |
78cbe94f MC |
357 | MaxProtocol = TLSv1.1 |
358 | MinProtocol = TLSv1.1 | |
63936115 EK |
359 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
360 | VerifyMode = Peer | |
361 | ||
63936115 EK |
362 | [test-11] |
363 | ExpectedResult = Success | |
364 | ||
365 | ||
366 | # =========================================================== | |
367 | ||
368 | [12-client-auth-TLSv1.1-require-fail] | |
369 | ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl | |
370 | ||
371 | [12-client-auth-TLSv1.1-require-fail-ssl] | |
372 | server = 12-client-auth-TLSv1.1-require-fail-server | |
373 | client = 12-client-auth-TLSv1.1-require-fail-client | |
374 | ||
375 | [12-client-auth-TLSv1.1-require-fail-server] | |
376 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
377 | CipherString = DEFAULT | |
78cbe94f MC |
378 | MaxProtocol = TLSv1.1 |
379 | MinProtocol = TLSv1.1 | |
63936115 | 380 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
381 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
382 | VerifyMode = Require | |
383 | ||
63936115 EK |
384 | [12-client-auth-TLSv1.1-require-fail-client] |
385 | CipherString = DEFAULT | |
78cbe94f MC |
386 | MaxProtocol = TLSv1.1 |
387 | MinProtocol = TLSv1.1 | |
63936115 EK |
388 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
389 | VerifyMode = Peer | |
390 | ||
63936115 EK |
391 | [test-12] |
392 | ExpectedResult = ServerFail | |
9f48bbac | 393 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
394 | |
395 | ||
396 | # =========================================================== | |
397 | ||
398 | [13-client-auth-TLSv1.1-require] | |
399 | ssl_conf = 13-client-auth-TLSv1.1-require-ssl | |
400 | ||
401 | [13-client-auth-TLSv1.1-require-ssl] | |
402 | server = 13-client-auth-TLSv1.1-require-server | |
403 | client = 13-client-auth-TLSv1.1-require-client | |
404 | ||
405 | [13-client-auth-TLSv1.1-require-server] | |
406 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
407 | CipherString = DEFAULT | |
78cbe94f MC |
408 | MaxProtocol = TLSv1.1 |
409 | MinProtocol = TLSv1.1 | |
63936115 | 410 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
411 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
412 | VerifyMode = Request | |
413 | ||
63936115 EK |
414 | [13-client-auth-TLSv1.1-require-client] |
415 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
416 | CipherString = DEFAULT | |
78cbe94f MC |
417 | MaxProtocol = TLSv1.1 |
418 | MinProtocol = TLSv1.1 | |
63936115 | 419 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
420 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
421 | VerifyMode = Peer | |
422 | ||
63936115 | 423 | [test-13] |
a470f023 | 424 | ExpectedClientCertType = RSA |
63936115 EK |
425 | ExpectedResult = Success |
426 | ||
427 | ||
428 | # =========================================================== | |
429 | ||
430 | [14-client-auth-TLSv1.1-noroot] | |
431 | ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl | |
432 | ||
433 | [14-client-auth-TLSv1.1-noroot-ssl] | |
434 | server = 14-client-auth-TLSv1.1-noroot-server | |
435 | client = 14-client-auth-TLSv1.1-noroot-client | |
436 | ||
437 | [14-client-auth-TLSv1.1-noroot-server] | |
438 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
439 | CipherString = DEFAULT | |
78cbe94f MC |
440 | MaxProtocol = TLSv1.1 |
441 | MinProtocol = TLSv1.1 | |
63936115 | 442 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
443 | VerifyMode = Require |
444 | ||
63936115 EK |
445 | [14-client-auth-TLSv1.1-noroot-client] |
446 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
447 | CipherString = DEFAULT | |
78cbe94f MC |
448 | MaxProtocol = TLSv1.1 |
449 | MinProtocol = TLSv1.1 | |
63936115 | 450 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
451 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
452 | VerifyMode = Peer | |
453 | ||
63936115 EK |
454 | [test-14] |
455 | ExpectedResult = ServerFail | |
9f48bbac | 456 | ExpectedServerAlert = UnknownCA |
63936115 EK |
457 | |
458 | ||
459 | # =========================================================== | |
460 | ||
461 | [15-server-auth-TLSv1.2] | |
462 | ssl_conf = 15-server-auth-TLSv1.2-ssl | |
463 | ||
464 | [15-server-auth-TLSv1.2-ssl] | |
465 | server = 15-server-auth-TLSv1.2-server | |
466 | client = 15-server-auth-TLSv1.2-client | |
467 | ||
468 | [15-server-auth-TLSv1.2-server] | |
469 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
470 | CipherString = DEFAULT | |
78cbe94f MC |
471 | MaxProtocol = TLSv1.2 |
472 | MinProtocol = TLSv1.2 | |
63936115 | 473 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 474 | |
63936115 EK |
475 | [15-server-auth-TLSv1.2-client] |
476 | CipherString = DEFAULT | |
78cbe94f MC |
477 | MaxProtocol = TLSv1.2 |
478 | MinProtocol = TLSv1.2 | |
63936115 EK |
479 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
480 | VerifyMode = Peer | |
481 | ||
63936115 EK |
482 | [test-15] |
483 | ExpectedResult = Success | |
484 | ||
485 | ||
486 | # =========================================================== | |
487 | ||
488 | [16-client-auth-TLSv1.2-request] | |
489 | ssl_conf = 16-client-auth-TLSv1.2-request-ssl | |
490 | ||
491 | [16-client-auth-TLSv1.2-request-ssl] | |
492 | server = 16-client-auth-TLSv1.2-request-server | |
493 | client = 16-client-auth-TLSv1.2-request-client | |
494 | ||
495 | [16-client-auth-TLSv1.2-request-server] | |
496 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
497 | CipherString = DEFAULT | |
78cbe94f MC |
498 | MaxProtocol = TLSv1.2 |
499 | MinProtocol = TLSv1.2 | |
63936115 | 500 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
501 | VerifyMode = Request |
502 | ||
63936115 EK |
503 | [16-client-auth-TLSv1.2-request-client] |
504 | CipherString = DEFAULT | |
78cbe94f MC |
505 | MaxProtocol = TLSv1.2 |
506 | MinProtocol = TLSv1.2 | |
63936115 EK |
507 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
508 | VerifyMode = Peer | |
509 | ||
63936115 EK |
510 | [test-16] |
511 | ExpectedResult = Success | |
512 | ||
513 | ||
514 | # =========================================================== | |
515 | ||
516 | [17-client-auth-TLSv1.2-require-fail] | |
517 | ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl | |
518 | ||
519 | [17-client-auth-TLSv1.2-require-fail-ssl] | |
520 | server = 17-client-auth-TLSv1.2-require-fail-server | |
521 | client = 17-client-auth-TLSv1.2-require-fail-client | |
522 | ||
523 | [17-client-auth-TLSv1.2-require-fail-server] | |
524 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
525 | CipherString = DEFAULT | |
78cbe94f MC |
526 | MaxProtocol = TLSv1.2 |
527 | MinProtocol = TLSv1.2 | |
63936115 | 528 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
529 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
530 | VerifyMode = Require | |
531 | ||
63936115 EK |
532 | [17-client-auth-TLSv1.2-require-fail-client] |
533 | CipherString = DEFAULT | |
78cbe94f MC |
534 | MaxProtocol = TLSv1.2 |
535 | MinProtocol = TLSv1.2 | |
63936115 EK |
536 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
537 | VerifyMode = Peer | |
538 | ||
63936115 EK |
539 | [test-17] |
540 | ExpectedResult = ServerFail | |
9f48bbac | 541 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
542 | |
543 | ||
544 | # =========================================================== | |
545 | ||
546 | [18-client-auth-TLSv1.2-require] | |
547 | ssl_conf = 18-client-auth-TLSv1.2-require-ssl | |
548 | ||
549 | [18-client-auth-TLSv1.2-require-ssl] | |
550 | server = 18-client-auth-TLSv1.2-require-server | |
551 | client = 18-client-auth-TLSv1.2-require-client | |
552 | ||
553 | [18-client-auth-TLSv1.2-require-server] | |
554 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
555 | CipherString = DEFAULT | |
062540cb | 556 | ClientSignatureAlgorithms = SHA256+RSA |
78cbe94f MC |
557 | MaxProtocol = TLSv1.2 |
558 | MinProtocol = TLSv1.2 | |
63936115 | 559 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
560 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
561 | VerifyMode = Request | |
562 | ||
63936115 EK |
563 | [18-client-auth-TLSv1.2-require-client] |
564 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
565 | CipherString = DEFAULT | |
78cbe94f MC |
566 | MaxProtocol = TLSv1.2 |
567 | MinProtocol = TLSv1.2 | |
63936115 | 568 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
569 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
570 | VerifyMode = Peer | |
571 | ||
63936115 | 572 | [test-18] |
a470f023 | 573 | ExpectedClientCertType = RSA |
062540cb | 574 | ExpectedClientSignHash = SHA256 |
a92e710b | 575 | ExpectedClientSignType = RSA |
63936115 EK |
576 | ExpectedResult = Success |
577 | ||
578 | ||
579 | # =========================================================== | |
580 | ||
581 | [19-client-auth-TLSv1.2-noroot] | |
582 | ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl | |
583 | ||
584 | [19-client-auth-TLSv1.2-noroot-ssl] | |
585 | server = 19-client-auth-TLSv1.2-noroot-server | |
586 | client = 19-client-auth-TLSv1.2-noroot-client | |
587 | ||
588 | [19-client-auth-TLSv1.2-noroot-server] | |
589 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
590 | CipherString = DEFAULT | |
78cbe94f MC |
591 | MaxProtocol = TLSv1.2 |
592 | MinProtocol = TLSv1.2 | |
63936115 | 593 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
594 | VerifyMode = Require |
595 | ||
63936115 EK |
596 | [19-client-auth-TLSv1.2-noroot-client] |
597 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
598 | CipherString = DEFAULT | |
78cbe94f MC |
599 | MaxProtocol = TLSv1.2 |
600 | MinProtocol = TLSv1.2 | |
63936115 | 601 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
602 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
603 | VerifyMode = Peer | |
604 | ||
63936115 EK |
605 | [test-19] |
606 | ExpectedResult = ServerFail | |
9f48bbac | 607 | ExpectedServerAlert = UnknownCA |
63936115 EK |
608 | |
609 | ||
49619ab0 EK |
610 | # =========================================================== |
611 | ||
612 | [20-server-auth-DTLSv1] | |
613 | ssl_conf = 20-server-auth-DTLSv1-ssl | |
614 | ||
615 | [20-server-auth-DTLSv1-ssl] | |
616 | server = 20-server-auth-DTLSv1-server | |
617 | client = 20-server-auth-DTLSv1-client | |
618 | ||
619 | [20-server-auth-DTLSv1-server] | |
620 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
621 | CipherString = DEFAULT | |
622 | MaxProtocol = DTLSv1 | |
623 | MinProtocol = DTLSv1 | |
624 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
625 | ||
626 | [20-server-auth-DTLSv1-client] | |
627 | CipherString = DEFAULT | |
628 | MaxProtocol = DTLSv1 | |
629 | MinProtocol = DTLSv1 | |
630 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
631 | VerifyMode = Peer | |
632 | ||
633 | [test-20] | |
634 | ExpectedResult = Success | |
635 | Method = DTLS | |
636 | ||
637 | ||
638 | # =========================================================== | |
639 | ||
640 | [21-client-auth-DTLSv1-request] | |
641 | ssl_conf = 21-client-auth-DTLSv1-request-ssl | |
642 | ||
643 | [21-client-auth-DTLSv1-request-ssl] | |
644 | server = 21-client-auth-DTLSv1-request-server | |
645 | client = 21-client-auth-DTLSv1-request-client | |
646 | ||
647 | [21-client-auth-DTLSv1-request-server] | |
648 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
649 | CipherString = DEFAULT | |
650 | MaxProtocol = DTLSv1 | |
651 | MinProtocol = DTLSv1 | |
652 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
653 | VerifyMode = Request | |
654 | ||
655 | [21-client-auth-DTLSv1-request-client] | |
656 | CipherString = DEFAULT | |
657 | MaxProtocol = DTLSv1 | |
658 | MinProtocol = DTLSv1 | |
659 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
660 | VerifyMode = Peer | |
661 | ||
662 | [test-21] | |
663 | ExpectedResult = Success | |
664 | Method = DTLS | |
665 | ||
666 | ||
667 | # =========================================================== | |
668 | ||
669 | [22-client-auth-DTLSv1-require-fail] | |
670 | ssl_conf = 22-client-auth-DTLSv1-require-fail-ssl | |
671 | ||
672 | [22-client-auth-DTLSv1-require-fail-ssl] | |
673 | server = 22-client-auth-DTLSv1-require-fail-server | |
674 | client = 22-client-auth-DTLSv1-require-fail-client | |
675 | ||
676 | [22-client-auth-DTLSv1-require-fail-server] | |
677 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
678 | CipherString = DEFAULT | |
679 | MaxProtocol = DTLSv1 | |
680 | MinProtocol = DTLSv1 | |
681 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
682 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
683 | VerifyMode = Require | |
684 | ||
685 | [22-client-auth-DTLSv1-require-fail-client] | |
686 | CipherString = DEFAULT | |
687 | MaxProtocol = DTLSv1 | |
688 | MinProtocol = DTLSv1 | |
689 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
690 | VerifyMode = Peer | |
691 | ||
692 | [test-22] | |
693 | ExpectedResult = ServerFail | |
694 | ExpectedServerAlert = HandshakeFailure | |
695 | Method = DTLS | |
696 | ||
697 | ||
698 | # =========================================================== | |
699 | ||
700 | [23-client-auth-DTLSv1-require] | |
701 | ssl_conf = 23-client-auth-DTLSv1-require-ssl | |
702 | ||
703 | [23-client-auth-DTLSv1-require-ssl] | |
704 | server = 23-client-auth-DTLSv1-require-server | |
705 | client = 23-client-auth-DTLSv1-require-client | |
706 | ||
707 | [23-client-auth-DTLSv1-require-server] | |
708 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
709 | CipherString = DEFAULT | |
710 | MaxProtocol = DTLSv1 | |
711 | MinProtocol = DTLSv1 | |
712 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
713 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
714 | VerifyMode = Request | |
715 | ||
716 | [23-client-auth-DTLSv1-require-client] | |
717 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
718 | CipherString = DEFAULT | |
719 | MaxProtocol = DTLSv1 | |
720 | MinProtocol = DTLSv1 | |
721 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
722 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
723 | VerifyMode = Peer | |
724 | ||
725 | [test-23] | |
726 | ExpectedClientCertType = RSA | |
727 | ExpectedResult = Success | |
728 | Method = DTLS | |
729 | ||
730 | ||
731 | # =========================================================== | |
732 | ||
733 | [24-client-auth-DTLSv1-noroot] | |
734 | ssl_conf = 24-client-auth-DTLSv1-noroot-ssl | |
735 | ||
736 | [24-client-auth-DTLSv1-noroot-ssl] | |
737 | server = 24-client-auth-DTLSv1-noroot-server | |
738 | client = 24-client-auth-DTLSv1-noroot-client | |
739 | ||
740 | [24-client-auth-DTLSv1-noroot-server] | |
741 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
742 | CipherString = DEFAULT | |
743 | MaxProtocol = DTLSv1 | |
744 | MinProtocol = DTLSv1 | |
745 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
746 | VerifyMode = Require | |
747 | ||
748 | [24-client-auth-DTLSv1-noroot-client] | |
749 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
750 | CipherString = DEFAULT | |
751 | MaxProtocol = DTLSv1 | |
752 | MinProtocol = DTLSv1 | |
753 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
754 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
755 | VerifyMode = Peer | |
756 | ||
757 | [test-24] | |
758 | ExpectedResult = ServerFail | |
759 | ExpectedServerAlert = UnknownCA | |
760 | Method = DTLS | |
761 | ||
762 | ||
763 | # =========================================================== | |
764 | ||
765 | [25-server-auth-DTLSv1.2] | |
766 | ssl_conf = 25-server-auth-DTLSv1.2-ssl | |
767 | ||
768 | [25-server-auth-DTLSv1.2-ssl] | |
769 | server = 25-server-auth-DTLSv1.2-server | |
770 | client = 25-server-auth-DTLSv1.2-client | |
771 | ||
772 | [25-server-auth-DTLSv1.2-server] | |
773 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
774 | CipherString = DEFAULT | |
775 | MaxProtocol = DTLSv1.2 | |
776 | MinProtocol = DTLSv1.2 | |
777 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
778 | ||
779 | [25-server-auth-DTLSv1.2-client] | |
780 | CipherString = DEFAULT | |
781 | MaxProtocol = DTLSv1.2 | |
782 | MinProtocol = DTLSv1.2 | |
783 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
784 | VerifyMode = Peer | |
785 | ||
786 | [test-25] | |
787 | ExpectedResult = Success | |
788 | Method = DTLS | |
789 | ||
790 | ||
791 | # =========================================================== | |
792 | ||
793 | [26-client-auth-DTLSv1.2-request] | |
794 | ssl_conf = 26-client-auth-DTLSv1.2-request-ssl | |
795 | ||
796 | [26-client-auth-DTLSv1.2-request-ssl] | |
797 | server = 26-client-auth-DTLSv1.2-request-server | |
798 | client = 26-client-auth-DTLSv1.2-request-client | |
799 | ||
800 | [26-client-auth-DTLSv1.2-request-server] | |
801 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
802 | CipherString = DEFAULT | |
803 | MaxProtocol = DTLSv1.2 | |
804 | MinProtocol = DTLSv1.2 | |
805 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
806 | VerifyMode = Request | |
807 | ||
808 | [26-client-auth-DTLSv1.2-request-client] | |
809 | CipherString = DEFAULT | |
810 | MaxProtocol = DTLSv1.2 | |
811 | MinProtocol = DTLSv1.2 | |
812 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
813 | VerifyMode = Peer | |
814 | ||
815 | [test-26] | |
816 | ExpectedResult = Success | |
817 | Method = DTLS | |
818 | ||
819 | ||
820 | # =========================================================== | |
821 | ||
822 | [27-client-auth-DTLSv1.2-require-fail] | |
823 | ssl_conf = 27-client-auth-DTLSv1.2-require-fail-ssl | |
824 | ||
825 | [27-client-auth-DTLSv1.2-require-fail-ssl] | |
826 | server = 27-client-auth-DTLSv1.2-require-fail-server | |
827 | client = 27-client-auth-DTLSv1.2-require-fail-client | |
828 | ||
829 | [27-client-auth-DTLSv1.2-require-fail-server] | |
830 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
831 | CipherString = DEFAULT | |
832 | MaxProtocol = DTLSv1.2 | |
833 | MinProtocol = DTLSv1.2 | |
834 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
835 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
836 | VerifyMode = Require | |
837 | ||
838 | [27-client-auth-DTLSv1.2-require-fail-client] | |
839 | CipherString = DEFAULT | |
840 | MaxProtocol = DTLSv1.2 | |
841 | MinProtocol = DTLSv1.2 | |
842 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
843 | VerifyMode = Peer | |
844 | ||
845 | [test-27] | |
846 | ExpectedResult = ServerFail | |
847 | ExpectedServerAlert = HandshakeFailure | |
848 | Method = DTLS | |
849 | ||
850 | ||
851 | # =========================================================== | |
852 | ||
853 | [28-client-auth-DTLSv1.2-require] | |
854 | ssl_conf = 28-client-auth-DTLSv1.2-require-ssl | |
855 | ||
856 | [28-client-auth-DTLSv1.2-require-ssl] | |
857 | server = 28-client-auth-DTLSv1.2-require-server | |
858 | client = 28-client-auth-DTLSv1.2-require-client | |
859 | ||
860 | [28-client-auth-DTLSv1.2-require-server] | |
861 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
862 | CipherString = DEFAULT | |
863 | MaxProtocol = DTLSv1.2 | |
864 | MinProtocol = DTLSv1.2 | |
865 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
866 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
867 | VerifyMode = Request | |
868 | ||
869 | [28-client-auth-DTLSv1.2-require-client] | |
870 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
871 | CipherString = DEFAULT | |
872 | MaxProtocol = DTLSv1.2 | |
873 | MinProtocol = DTLSv1.2 | |
874 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
875 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
876 | VerifyMode = Peer | |
877 | ||
878 | [test-28] | |
879 | ExpectedClientCertType = RSA | |
880 | ExpectedResult = Success | |
881 | Method = DTLS | |
882 | ||
883 | ||
884 | # =========================================================== | |
885 | ||
886 | [29-client-auth-DTLSv1.2-noroot] | |
887 | ssl_conf = 29-client-auth-DTLSv1.2-noroot-ssl | |
888 | ||
889 | [29-client-auth-DTLSv1.2-noroot-ssl] | |
890 | server = 29-client-auth-DTLSv1.2-noroot-server | |
891 | client = 29-client-auth-DTLSv1.2-noroot-client | |
892 | ||
893 | [29-client-auth-DTLSv1.2-noroot-server] | |
894 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
895 | CipherString = DEFAULT | |
896 | MaxProtocol = DTLSv1.2 | |
897 | MinProtocol = DTLSv1.2 | |
898 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
899 | VerifyMode = Require | |
900 | ||
901 | [29-client-auth-DTLSv1.2-noroot-client] | |
902 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
903 | CipherString = DEFAULT | |
904 | MaxProtocol = DTLSv1.2 | |
905 | MinProtocol = DTLSv1.2 | |
906 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
907 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
908 | VerifyMode = Peer | |
909 | ||
910 | [test-29] | |
911 | ExpectedResult = ServerFail | |
912 | ExpectedServerAlert = UnknownCA | |
913 | Method = DTLS | |
914 | ||
915 |