VirtualBox

source: vbox/trunk/src/libs/openssl-3.0.7/test/ssl-tests/18-dtls-renegotiate.cnf.in@ 97673

最後變更 在這個檔案從97673是 94320,由 vboxsync 提交於 3 年 前

libs/openssl-3.0.1: Export to OSE and fix copyright headers in Makefiles, bugref:10128
檔案大小: 7.0 KB
 
1# -*- mode: perl; -*-
2# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License"). You may not use
5# this file except in compliance with the License. You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## Test Renegotiation
11
12use strict;
13use warnings;
14
15package ssltests;
16use OpenSSL::Test::Utils;
17
18our $fips_mode;
19
20our @tests = ();
21
22foreach my $sctp ("No", "Yes")
23{
24 next if disabled("sctp") && $sctp eq "Yes";
25 next if disabled("dtls1_2") && $fips_mode;
26
27 my $suffix = ($sctp eq "No") ? "" : "-sctp";
28 our @tests_basic = (
29 {
30 name => "renegotiate-client-no-resume".$suffix,
31 server => {
32 "CipherString" => 'DEFAULT:@SECLEVEL=0',
33 "Options" => "NoResumptionOnRenegotiation"
34 },
35 client => {
36 "CipherString" => 'DEFAULT:@SECLEVEL=0'
37 },
38 test => {
39 "Method" => "DTLS",
40 "UseSCTP" => $sctp,
41 "HandshakeMode" => "RenegotiateClient",
42 "ResumptionExpected" => "No",
43 "ExpectedResult" => "Success"
44 }
45 },
46 {
47 name => "renegotiate-client-resume".$suffix,
48 server => {
49 "CipherString" => 'DEFAULT:@SECLEVEL=0'
50 },
51 client => {
52 "CipherString" => 'DEFAULT:@SECLEVEL=0'
53 },
54 test => {
55 "Method" => "DTLS",
56 "UseSCTP" => $sctp,
57 "HandshakeMode" => "RenegotiateClient",
58 "ResumptionExpected" => "Yes",
59 "ExpectedResult" => "Success"
60 }
61 },
62 # Note: Unlike the TLS tests, we will never do resumption with server
63 # initiated reneg. This is because an OpenSSL DTLS client will always do a full
64 # handshake (i.e. it doesn't supply a session id) when it receives a
65 # HelloRequest. This is different to the OpenSSL TLS implementation where an
66 # OpenSSL client will always try an abbreviated handshake (i.e. it will supply
67 # the session id). This goes all the way to commit 48ae85b6f when abbreviated
68 # handshake support was first added. Neither behaviour is wrong, but the
69 # discrepancy is strange. TODO: Should we harmonise the TLS and DTLS behaviour,
70 # and if so, what to?
71 {
72 name => "renegotiate-server-resume".$suffix,
73 server => {
74 "CipherString" => 'DEFAULT:@SECLEVEL=0'
75 },
76 client => {
77 "CipherString" => 'DEFAULT:@SECLEVEL=0'
78 },
79 test => {
80 "Method" => "DTLS",
81 "UseSCTP" => $sctp,
82 "HandshakeMode" => "RenegotiateServer",
83 "ResumptionExpected" => "No",
84 "ExpectedResult" => "Success"
85 }
86 },
87 {
88 name => "renegotiate-client-auth-require".$suffix,
89 server => {
90 "VerifyCAFile" => test_pem("root-cert.pem"),
91 "VerifyMode" => "Require",
92 "CipherString" => 'DEFAULT:@SECLEVEL=0'
93 },
94 client => {
95 "Certificate" => test_pem("ee-client-chain.pem"),
96 "PrivateKey" => test_pem("ee-key.pem"),
97 "CipherString" => 'DEFAULT:@SECLEVEL=0'
98 },
99 test => {
100 "Method" => "DTLS",
101 "UseSCTP" => $sctp,
102 "HandshakeMode" => "RenegotiateServer",
103 "ResumptionExpected" => "No",
104 "ExpectedResult" => "Success"
105 }
106 },
107 {
108 name => "renegotiate-client-auth-once".$suffix,
109 server => {
110 "VerifyCAFile" => test_pem("root-cert.pem"),
111 "VerifyMode" => "Once",
112 "CipherString" => 'DEFAULT:@SECLEVEL=0'
113 },
114 client => {
115 "Certificate" => test_pem("ee-client-chain.pem"),
116 "PrivateKey" => test_pem("ee-key.pem"),
117 "CipherString" => 'DEFAULT:@SECLEVEL=0'
118 },
119 test => {
120 "Method" => "DTLS",
121 "UseSCTP" => $sctp,
122 "HandshakeMode" => "RenegotiateServer",
123 "ResumptionExpected" => "No",
124 "ExpectedResult" => "Success"
125 }
126 }
127 );
128 push @tests, @tests_basic;
129
130 next if disabled("dtls1_2");
131 our @tests_dtls1_2 = (
132 {
133 name => "renegotiate-aead-to-non-aead".$suffix,
134 server => {
135 "Options" => "NoResumptionOnRenegotiation"
136 },
137 client => {
138 "CipherString" => "AES128-GCM-SHA256",
139 extra => {
140 "RenegotiateCiphers" => "AES128-SHA"
141 }
142 },
143 test => {
144 "Method" => "DTLS",
145 "UseSCTP" => $sctp,
146 "HandshakeMode" => "RenegotiateClient",
147 "ResumptionExpected" => "No",
148 "ExpectedResult" => "Success"
149 }
150 },
151 {
152 name => "renegotiate-non-aead-to-aead".$suffix,
153 server => {
154 "Options" => "NoResumptionOnRenegotiation"
155 },
156 client => {
157 "CipherString" => "AES128-SHA",
158 extra => {
159 "RenegotiateCiphers" => "AES128-GCM-SHA256"
160 }
161 },
162 test => {
163 "Method" => "DTLS",
164 "UseSCTP" => $sctp,
165 "HandshakeMode" => "RenegotiateClient",
166 "ResumptionExpected" => "No",
167 "ExpectedResult" => "Success"
168 }
169 },
170 {
171 name => "renegotiate-non-aead-to-non-aead".$suffix,
172 server => {
173 "Options" => "NoResumptionOnRenegotiation"
174 },
175 client => {
176 "CipherString" => "AES128-SHA",
177 extra => {
178 "RenegotiateCiphers" => "AES256-SHA"
179 }
180 },
181 test => {
182 "Method" => "DTLS",
183 "UseSCTP" => $sctp,
184 "HandshakeMode" => "RenegotiateClient",
185 "ResumptionExpected" => "No",
186 "ExpectedResult" => "Success"
187 }
188 },
189 {
190 name => "renegotiate-aead-to-aead".$suffix,
191 server => {
192 "Options" => "NoResumptionOnRenegotiation"
193 },
194 client => {
195 "CipherString" => "AES128-GCM-SHA256",
196 extra => {
197 "RenegotiateCiphers" => "AES256-GCM-SHA384"
198 }
199 },
200 test => {
201 "Method" => "DTLS",
202 "UseSCTP" => $sctp,
203 "HandshakeMode" => "RenegotiateClient",
204 "ResumptionExpected" => "No",
205 "ExpectedResult" => "Success"
206 }
207 },
208 );
209 push @tests, @tests_dtls1_2;
210}
注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette