[thirdparty/openssl.git] / test / ssl-tests / 12-ct.cnf.in

# -*- mode: perl; -*-
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html


## Test version negotiation

use strict;
use warnings;

package ssltests;


our @tests = (
    {
        name => "ct-permissive-without-scts",
        server => { },
        client => {
            extra => {
                "CTValidation" => "Permissive",
            },
        },
        test => {
            "ExpectedResult" => "Success",
        },
    },
    {
        name => "ct-permissive-with-scts",
        server => {
            "Certificate" => test_pem("embeddedSCTs1.pem"),
            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
        },
        client => {
            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
            extra => {
                "CTValidation" => "Permissive",
            },
        },
        test => {
            "ExpectedResult" => "Success",
        },
    },
    {
        name => "ct-strict-without-scts",
        server => { },
        client => {
            extra => {
                "CTValidation" => "Strict",
            },
        },
        test => {
            "ExpectedResult" => "ClientFail",
            "ExpectedClientAlert" => "HandshakeFailure",
        },
    },
    {
        name => "ct-strict-with-scts",
        server => {
            "Certificate" => test_pem("embeddedSCTs1.pem"),
            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
        },
        client => {
            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
            extra => {
                "CTValidation" => "Strict",
            },
        },
        test => {
            "ExpectedResult" => "Success",
        },
    },
    {
        name => "ct-permissive-resumption",
        server => {
            "Certificate" => test_pem("embeddedSCTs1.pem"),
            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
        },
        client => {
            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
            extra => {
                "CTValidation" => "Permissive",
            },
        },
        test => {
            "HandshakeMode" => "Resume",
            "ResumptionExpected" => "Yes",
            "ExpectedResult" => "Success",
        },
    },
    {
        name => "ct-strict-resumption",
        server => {
            "Certificate" => test_pem("embeddedSCTs1.pem"),
            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
        },
        client => {
            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
            extra => {
                "CTValidation" => "Strict",
            },
        },
        # SCTs are not present during resumption, so the resumption
        # should succeed.
        resume_client => {
            extra => {
                "CTValidation" => "Strict",
            },
        },
        test => {
            "HandshakeMode" => "Resume",
            "ResumptionExpected" => "Yes",
            "ExpectedResult" => "Success",
        },
    },
);
Commit	Line	Data
da085d27 EK	1	# -- mode: perl; --
	2	# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
	3	#
909f1a2e	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
da085d27 EK	5	# this file except in compliance with the License. You can obtain a copy
	6	# in the file LICENSE in the source distribution or at
	7	# https://www.openssl.org/source/license.html
	8
	9
	10	## Test version negotiation
	11
	12	use strict;
	13	use warnings;
	14
	15	package ssltests;
	16
	17
	18	our @tests = (
da085d27	19	{
2094ea07	20	name => "ct-permissive-without-scts",
71728dd8 MC	21	server => { },
	22	client => {
	23	extra => {
	24	"CTValidation" => "Permissive",
	25	},
	26	},
	27	test => {
	28	"ExpectedResult" => "Success",
	29	},
2094ea07	30	},
da085d27	31	{
2094ea07 RP	32	name => "ct-permissive-with-scts",
	33	server => {
	34	"Certificate" => test_pem("embeddedSCTs1.pem"),
	35	"PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
	36	},
	37	client => {
	38	"VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
	39	extra => {
	40	"CTValidation" => "Permissive",
	41	},
	42	},
	43	test => {
	44	"ExpectedResult" => "Success",
	45	},
	46	},
	47	{
	48	name => "ct-strict-without-scts",
71728dd8 MC	49	server => { },
	50	client => {
	51	extra => {
	52	"CTValidation" => "Strict",
	53	},
	54	},
	55	test => {
	56	"ExpectedResult" => "ClientFail",
	57	"ExpectedClientAlert" => "HandshakeFailure",
	58	},
da085d27	59	},
2094ea07 RP	60	{
	61	name => "ct-strict-with-scts",
	62	server => {
	63	"Certificate" => test_pem("embeddedSCTs1.pem"),
	64	"PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
	65	},
	66	client => {
	67	"VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
	68	extra => {
	69	"CTValidation" => "Strict",
	70	},
	71	},
	72	test => {
	73	"ExpectedResult" => "Success",
	74	},
	75	},
da085d27	76	{
71728dd8	77	name => "ct-permissive-resumption",
2094ea07 RP	78	server => {
	79	"Certificate" => test_pem("embeddedSCTs1.pem"),
	80	"PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
	81	},
71728dd8	82	client => {
2094ea07	83	"VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
71728dd8 MC	84	extra => {
	85	"CTValidation" => "Permissive",
	86	},
	87	},
	88	test => {
	89	"HandshakeMode" => "Resume",
	90	"ResumptionExpected" => "Yes",
	91	"ExpectedResult" => "Success",
	92	},
2094ea07	93	},
da085d27	94	{
71728dd8	95	name => "ct-strict-resumption",
2094ea07 RP	96	server => {
	97	"Certificate" => test_pem("embeddedSCTs1.pem"),
	98	"PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
	99	},
71728dd8	100	client => {
2094ea07	101	"VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
71728dd8	102	extra => {
2094ea07	103	"CTValidation" => "Strict",
71728dd8 MC	104	},
	105	},
	106	# SCTs are not present during resumption, so the resumption
	107	# should succeed.
	108	resume_client => {
71728dd8 MC	109	extra => {
	110	"CTValidation" => "Strict",
	111	},
	112	},
	113	test => {
	114	"HandshakeMode" => "Resume",
	115	"ResumptionExpected" => "Yes",
	116	"ExpectedResult" => "Success",
	117	},
da085d27 EK	118	},
da085d27 EK	119	);