[thirdparty/openssl.git] / test / ssl-tests / 17-renegotiate.conf.in

# -*- mode: perl; -*-
# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html


## Test Renegotiation

use strict;
use warnings;

package ssltests;
use OpenSSL::Test::Utils;

our @tests = (
    {
        name => "renegotiate-client-no-resume",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
            "MaxProtocol" => "TLSv1.2"
        },
        client => {},
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-client-resume",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {},
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "Yes",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-server-no-resume",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
            "MaxProtocol" => "TLSv1.2"
        },
        client => {},
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-server-resume",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {},
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "Yes",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-client-auth-require",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
            "MaxProtocol" => "TLSv1.2",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Require",
        },
        client => {
            "Certificate" => test_pem("ee-client-chain.pem"),
            "PrivateKey"  => test_pem("ee-key.pem"),
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-client-auth-once",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
            "MaxProtocol" => "TLSv1.2",
            "VerifyCAFile" => test_pem("root-cert.pem"),
            "VerifyMode" => "Once",
        },
        client => {
            "Certificate" => test_pem("ee-client-chain.pem"),
            "PrivateKey"  => test_pem("ee-key.pem"),
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    }
);
our @tests_tls1_2 = (
    {
        name => "renegotiate-aead-to-non-aead",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
        },
        client => {
            "CipherString" => "AES128-GCM-SHA256",
            "MaxProtocol" => "TLSv1.2",
            extra => {
                "RenegotiateCiphers" => "AES128-SHA"
            }
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-non-aead-to-aead",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
        },
        client => {
            "CipherString" => "AES128-SHA",
            "MaxProtocol" => "TLSv1.2",
            extra => {
                "RenegotiateCiphers" => "AES128-GCM-SHA256"
            }
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-non-aead-to-non-aead",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
        },
        client => {
            "CipherString" => "AES128-SHA",
            "MaxProtocol" => "TLSv1.2",
            extra => {
                "RenegotiateCiphers" => "AES256-SHA"
            }
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "renegotiate-aead-to-aead",
        server => {
            "Options" => "NoResumptionOnRenegotiation",
        },
        client => {
            "CipherString" => "AES128-GCM-SHA256",
            "MaxProtocol" => "TLSv1.2",
            extra => {
                "RenegotiateCiphers" => "AES256-GCM-SHA384"
            }
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "Success"
        }
    },
    {
        name => "no-renegotiation-server-by-client",
        server => {
            "Options" => "NoRenegotiation",
            "MaxProtocol" => "TLSv1.2"
        },
        client => { },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "ClientFail"
        }
    },
    {
        name => "no-renegotiation-server-by-server",
        server => {
            "Options" => "NoRenegotiation",
            "MaxProtocol" => "TLSv1.2"
        },
        client => { },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "ServerFail"
        }
    },
    {
        name => "no-renegotiation-client-by-server",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "Options" => "NoRenegotiation",
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateServer",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "ServerFail"
        }
    },
    {
        name => "no-renegotiation-client-by-client",
        server => {
            "MaxProtocol" => "TLSv1.2"
        },
        client => {
            "Options" => "NoRenegotiation",
        },
        test => {
            "Method" => "TLS",
            "HandshakeMode" => "RenegotiateClient",
            "ResumptionExpected" => "No",
            "ExpectedResult" => "ClientFail"
        }
    }
);

push @tests, @tests_tls1_2 unless disabled("tls1_2");
Commit	Line	Data
e42c4544 MC	1	# -- mode: perl; --
	2	# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
	3	#
909f1a2e	4	# Licensed under the Apache License 2.0 (the "License"). You may not use
e42c4544 MC	5	# this file except in compliance with the License. You can obtain a copy
	6	# in the file LICENSE in the source distribution or at
	7	# https://www.openssl.org/source/license.html
	8
	9
	10	## Test Renegotiation
	11
	12	use strict;
	13	use warnings;
	14
	15	package ssltests;
4d118fe0	16	use OpenSSL::Test::Utils;
e42c4544	17
e42c4544 MC	18	our @tests = (
e42c4544 MC	19	{
fe7dd553 MC	20	name => "renegotiate-client-no-resume",
fe7dd553 MC	21	server => {
cd998837 MC	22	"Options" => "NoResumptionOnRenegotiation",
cd998837 MC	23	"MaxProtocol" => "TLSv1.2"
fe7dd553 MC	24	},
	25	client => {},
	26	test => {
	27	"Method" => "TLS",
	28	"HandshakeMode" => "RenegotiateClient",
	29	"ResumptionExpected" => "No",
	30	"ExpectedResult" => "Success"
	31	}
	32	},
	33	{
	34	name => "renegotiate-client-resume",
cd998837 MC	35	server => {
	36	"MaxProtocol" => "TLSv1.2"
	37	},
fe7dd553 MC	38	client => {},
	39	test => {
	40	"Method" => "TLS",
	41	"HandshakeMode" => "RenegotiateClient",
	42	"ResumptionExpected" => "Yes",
	43	"ExpectedResult" => "Success"
	44	}
	45	},
	46	{
	47	name => "renegotiate-server-no-resume",
	48	server => {
cd998837 MC	49	"Options" => "NoResumptionOnRenegotiation",
cd998837 MC	50	"MaxProtocol" => "TLSv1.2"
fe7dd553 MC	51	},
	52	client => {},
	53	test => {
	54	"Method" => "TLS",
	55	"HandshakeMode" => "RenegotiateServer",
	56	"ResumptionExpected" => "No",
	57	"ExpectedResult" => "Success"
	58	}
	59	},
	60	{
	61	name => "renegotiate-server-resume",
cd998837 MC	62	server => {
	63	"MaxProtocol" => "TLSv1.2"
	64	},
e42c4544 MC	65	client => {},
	66	test => {
	67	"Method" => "TLS",
fe7dd553 MC	68	"HandshakeMode" => "RenegotiateServer",
fe7dd553 MC	69	"ResumptionExpected" => "Yes",
e42c4544 MC	70	"ExpectedResult" => "Success"
	71	}
	72	},
dff70a2b MC	73	{
	74	name => "renegotiate-client-auth-require",
	75	server => {
	76	"Options" => "NoResumptionOnRenegotiation",
	77	"MaxProtocol" => "TLSv1.2",
31b238ad	78	"VerifyCAFile" => test_pem("root-cert.pem"),
dff70a2b MC	79	"VerifyMode" => "Require",
	80	},
	81	client => {
31b238ad DSH	82	"Certificate" => test_pem("ee-client-chain.pem"),
31b238ad DSH	83	"PrivateKey" => test_pem("ee-key.pem"),
dff70a2b MC	84	},
	85	test => {
	86	"Method" => "TLS",
	87	"HandshakeMode" => "RenegotiateServer",
	88	"ResumptionExpected" => "No",
	89	"ExpectedResult" => "Success"
	90	}
	91	},
	92	{
	93	name => "renegotiate-client-auth-once",
	94	server => {
	95	"Options" => "NoResumptionOnRenegotiation",
	96	"MaxProtocol" => "TLSv1.2",
31b238ad	97	"VerifyCAFile" => test_pem("root-cert.pem"),
dff70a2b MC	98	"VerifyMode" => "Once",
	99	},
	100	client => {
31b238ad DSH	101	"Certificate" => test_pem("ee-client-chain.pem"),
31b238ad DSH	102	"PrivateKey" => test_pem("ee-key.pem"),
dff70a2b MC	103	},
	104	test => {
	105	"Method" => "TLS",
	106	"HandshakeMode" => "RenegotiateServer",
	107	"ResumptionExpected" => "No",
	108	"ExpectedResult" => "Success"
	109	}
4d118fe0 MC	110	}
	111	);
	112	our @tests_tls1_2 = (
cc22cd54 MC	113	{
	114	name => "renegotiate-aead-to-non-aead",
	115	server => {
	116	"Options" => "NoResumptionOnRenegotiation",
cc22cd54 MC	117	},
	118	client => {
	119	"CipherString" => "AES128-GCM-SHA256",
aafec89c	120	"MaxProtocol" => "TLSv1.2",
cc22cd54 MC	121	extra => {
	122	"RenegotiateCiphers" => "AES128-SHA"
	123	}
	124	},
	125	test => {
	126	"Method" => "TLS",
	127	"HandshakeMode" => "RenegotiateClient",
	128	"ResumptionExpected" => "No",
	129	"ExpectedResult" => "Success"
	130	}
	131	},
	132	{
	133	name => "renegotiate-non-aead-to-aead",
	134	server => {
	135	"Options" => "NoResumptionOnRenegotiation",
cc22cd54 MC	136	},
	137	client => {
	138	"CipherString" => "AES128-SHA",
aafec89c	139	"MaxProtocol" => "TLSv1.2",
cc22cd54 MC	140	extra => {
	141	"RenegotiateCiphers" => "AES128-GCM-SHA256"
	142	}
	143	},
	144	test => {
	145	"Method" => "TLS",
	146	"HandshakeMode" => "RenegotiateClient",
	147	"ResumptionExpected" => "No",
	148	"ExpectedResult" => "Success"
	149	}
	150	},
	151	{
	152	name => "renegotiate-non-aead-to-non-aead",
	153	server => {
	154	"Options" => "NoResumptionOnRenegotiation",
cc22cd54 MC	155	},
	156	client => {
	157	"CipherString" => "AES128-SHA",
aafec89c	158	"MaxProtocol" => "TLSv1.2",
cc22cd54 MC	159	extra => {
	160	"RenegotiateCiphers" => "AES256-SHA"
	161	}
	162	},
	163	test => {
	164	"Method" => "TLS",
	165	"HandshakeMode" => "RenegotiateClient",
	166	"ResumptionExpected" => "No",
	167	"ExpectedResult" => "Success"
	168	}
	169	},
	170	{
	171	name => "renegotiate-aead-to-aead",
	172	server => {
	173	"Options" => "NoResumptionOnRenegotiation",
cc22cd54 MC	174	},
	175	client => {
	176	"CipherString" => "AES128-GCM-SHA256",
aafec89c	177	"MaxProtocol" => "TLSv1.2",
cc22cd54 MC	178	extra => {
	179	"RenegotiateCiphers" => "AES256-GCM-SHA384"
	180	}
	181	},
	182	test => {
	183	"Method" => "TLS",
	184	"HandshakeMode" => "RenegotiateClient",
	185	"ResumptionExpected" => "No",
	186	"ExpectedResult" => "Success"
	187	}
db0f35dd TS	188	},
	189	{
	190	name => "no-renegotiation-server-by-client",
	191	server => {
	192	"Options" => "NoRenegotiation",
	193	"MaxProtocol" => "TLSv1.2"
	194	},
	195	client => { },
	196	test => {
	197	"Method" => "TLS",
	198	"HandshakeMode" => "RenegotiateClient",
	199	"ResumptionExpected" => "No",
	200	"ExpectedResult" => "ClientFail"
	201	}
	202	},
	203	{
	204	name => "no-renegotiation-server-by-server",
	205	server => {
	206	"Options" => "NoRenegotiation",
	207	"MaxProtocol" => "TLSv1.2"
	208	},
	209	client => { },
	210	test => {
	211	"Method" => "TLS",
	212	"HandshakeMode" => "RenegotiateServer",
	213	"ResumptionExpected" => "No",
	214	"ExpectedResult" => "ServerFail"
	215	}
	216	},
	217	{
	218	name => "no-renegotiation-client-by-server",
	219	server => {
	220	"MaxProtocol" => "TLSv1.2"
	221	},
	222	client => {
	223	"Options" => "NoRenegotiation",
	224	},
	225	test => {
	226	"Method" => "TLS",
	227	"HandshakeMode" => "RenegotiateServer",
	228	"ResumptionExpected" => "No",
	229	"ExpectedResult" => "ServerFail"
	230	}
	231	},
	232	{
	233	name => "no-renegotiation-client-by-client",
	234	server => {
	235	"MaxProtocol" => "TLSv1.2"
	236	},
	237	client => {
	238	"Options" => "NoRenegotiation",
	239	},
	240	test => {
	241	"Method" => "TLS",
	242	"HandshakeMode" => "RenegotiateClient",
	243	"ResumptionExpected" => "No",
	244	"ExpectedResult" => "ClientFail"
	245	}
4d118fe0	246	}
e42c4544	247	);
4d118fe0 MC	248
4d118fe0 MC	249	push @tests, @tests_tls1_2 unless disabled("tls1_2");