17-renegotiate.cnf@ 105945

最後變更在這個檔案從105945是 104078,由 vboxsync 提交於 8 月前
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
檔案大小: 14.9 KB

行
1	# Generated with generate_ssl_tests.pl
2
3	num_tests = 18
4
5	test-0 = 0-renegotiate-client-no-resume
6	test-1 = 1-renegotiate-client-resume
7	test-2 = 2-renegotiate-server-no-resume
8	test-3 = 3-renegotiate-server-resume
9	test-4 = 4-renegotiate-client-auth-require
10	test-5 = 5-renegotiate-client-auth-once
11	test-6 = 6-renegotiate-client-legacy-connect
12	test-7 = 7-renegotiate-aead-to-non-aead
13	test-8 = 8-renegotiate-non-aead-to-aead
14	test-9 = 9-renegotiate-non-aead-to-non-aead
15	test-10 = 10-renegotiate-aead-to-aead
16	test-11 = 11-no-renegotiation-server-by-client
17	test-12 = 12-no-renegotiation-server-by-server
18	test-13 = 13-no-renegotiation-client-by-server
19	test-14 = 14-no-renegotiation-client-by-client
20	test-15 = 15-no-extms-on-renegotiation
21	test-16 = 16-allow-client-renegotiation
22	test-17 = 17-no-client-renegotiation
23	# ===========================================================
24
25	[0-renegotiate-client-no-resume]
26	ssl_conf = 0-renegotiate-client-no-resume-ssl
27
28	[0-renegotiate-client-no-resume-ssl]
29	server = 0-renegotiate-client-no-resume-server
30	client = 0-renegotiate-client-no-resume-client
31
32	[0-renegotiate-client-no-resume-server]
33	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
34	CipherString = DEFAULT
35	MaxProtocol = TLSv1.2
36	Options = NoResumptionOnRenegotiation
37	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
38
39	[0-renegotiate-client-no-resume-client]
40	CipherString = DEFAULT
41	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
42	VerifyMode = Peer
43
44	[test-0]
45	ExpectedResult = Success
46	HandshakeMode = RenegotiateClient
47	Method = TLS
48	ResumptionExpected = No
49
50
51	# ===========================================================
52
53	[1-renegotiate-client-resume]
54	ssl_conf = 1-renegotiate-client-resume-ssl
55
56	[1-renegotiate-client-resume-ssl]
57	server = 1-renegotiate-client-resume-server
58	client = 1-renegotiate-client-resume-client
59
60	[1-renegotiate-client-resume-server]
61	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
62	CipherString = DEFAULT
63	MaxProtocol = TLSv1.2
64	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
65
66	[1-renegotiate-client-resume-client]
67	CipherString = DEFAULT
68	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
69	VerifyMode = Peer
70
71	[test-1]
72	ExpectedResult = Success
73	HandshakeMode = RenegotiateClient
74	Method = TLS
75	ResumptionExpected = Yes
76
77
78	# ===========================================================
79
80	[2-renegotiate-server-no-resume]
81	ssl_conf = 2-renegotiate-server-no-resume-ssl
82
83	[2-renegotiate-server-no-resume-ssl]
84	server = 2-renegotiate-server-no-resume-server
85	client = 2-renegotiate-server-no-resume-client
86
87	[2-renegotiate-server-no-resume-server]
88	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
89	CipherString = DEFAULT
90	MaxProtocol = TLSv1.2
91	Options = NoResumptionOnRenegotiation
92	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
93
94	[2-renegotiate-server-no-resume-client]
95	CipherString = DEFAULT
96	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
97	VerifyMode = Peer
98
99	[test-2]
100	ExpectedResult = Success
101	HandshakeMode = RenegotiateServer
102	Method = TLS
103	ResumptionExpected = No
104
105
106	# ===========================================================
107
108	[3-renegotiate-server-resume]
109	ssl_conf = 3-renegotiate-server-resume-ssl
110
111	[3-renegotiate-server-resume-ssl]
112	server = 3-renegotiate-server-resume-server
113	client = 3-renegotiate-server-resume-client
114
115	[3-renegotiate-server-resume-server]
116	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
117	CipherString = DEFAULT
118	MaxProtocol = TLSv1.2
119	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
120
121	[3-renegotiate-server-resume-client]
122	CipherString = DEFAULT
123	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
124	VerifyMode = Peer
125
126	[test-3]
127	ExpectedResult = Success
128	HandshakeMode = RenegotiateServer
129	Method = TLS
130	ResumptionExpected = Yes
131
132
133	# ===========================================================
134
135	[4-renegotiate-client-auth-require]
136	ssl_conf = 4-renegotiate-client-auth-require-ssl
137
138	[4-renegotiate-client-auth-require-ssl]
139	server = 4-renegotiate-client-auth-require-server
140	client = 4-renegotiate-client-auth-require-client
141
142	[4-renegotiate-client-auth-require-server]
143	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
144	CipherString = DEFAULT
145	MaxProtocol = TLSv1.2
146	Options = NoResumptionOnRenegotiation
147	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
148	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
149	VerifyMode = Require
150
151	[4-renegotiate-client-auth-require-client]
152	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
153	CipherString = DEFAULT
154	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
155	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
156	VerifyMode = Peer
157
158	[test-4]
159	ExpectedResult = Success
160	HandshakeMode = RenegotiateServer
161	Method = TLS
162	ResumptionExpected = No
163
164
165	# ===========================================================
166
167	[5-renegotiate-client-auth-once]
168	ssl_conf = 5-renegotiate-client-auth-once-ssl
169
170	[5-renegotiate-client-auth-once-ssl]
171	server = 5-renegotiate-client-auth-once-server
172	client = 5-renegotiate-client-auth-once-client
173
174	[5-renegotiate-client-auth-once-server]
175	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
176	CipherString = DEFAULT
177	MaxProtocol = TLSv1.2
178	Options = NoResumptionOnRenegotiation
179	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
180	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
181	VerifyMode = Once
182
183	[5-renegotiate-client-auth-once-client]
184	Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
185	CipherString = DEFAULT
186	PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
187	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
188	VerifyMode = Peer
189
190	[test-5]
191	ExpectedResult = Success
192	HandshakeMode = RenegotiateServer
193	Method = TLS
194	ResumptionExpected = No
195
196
197	# ===========================================================
198
199	[6-renegotiate-client-legacy-connect]
200	ssl_conf = 6-renegotiate-client-legacy-connect-ssl
201
202	[6-renegotiate-client-legacy-connect-ssl]
203	server = 6-renegotiate-client-legacy-connect-server
204	client = 6-renegotiate-client-legacy-connect-client
205
206	[6-renegotiate-client-legacy-connect-server]
207	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
208	CipherString = DEFAULT
209	MaxProtocol = TLSv1.2
210	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
211
212	[6-renegotiate-client-legacy-connect-client]
213	CipherString = DEFAULT
214	Options = UnsafeLegacyServerConnect
215	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
216	VerifyMode = Peer
217
218	[test-6]
219	ExpectedResult = Success
220	HandshakeMode = RenegotiateClient
221	Method = TLS
222	ResumptionExpected = Yes
223
224
225	# ===========================================================
226
227	[7-renegotiate-aead-to-non-aead]
228	ssl_conf = 7-renegotiate-aead-to-non-aead-ssl
229
230	[7-renegotiate-aead-to-non-aead-ssl]
231	server = 7-renegotiate-aead-to-non-aead-server
232	client = 7-renegotiate-aead-to-non-aead-client
233
234	[7-renegotiate-aead-to-non-aead-server]
235	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
236	CipherString = DEFAULT
237	Options = NoResumptionOnRenegotiation
238	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
239
240	[7-renegotiate-aead-to-non-aead-client]
241	CipherString = AES128-GCM-SHA256
242	MaxProtocol = TLSv1.2
243	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
244	VerifyMode = Peer
245
246	[test-7]
247	ExpectedResult = Success
248	HandshakeMode = RenegotiateClient
249	Method = TLS
250	ResumptionExpected = No
251	client = 7-renegotiate-aead-to-non-aead-client-extra
252
253	[7-renegotiate-aead-to-non-aead-client-extra]
254	RenegotiateCiphers = AES128-SHA
255
256
257	# ===========================================================
258
259	[8-renegotiate-non-aead-to-aead]
260	ssl_conf = 8-renegotiate-non-aead-to-aead-ssl
261
262	[8-renegotiate-non-aead-to-aead-ssl]
263	server = 8-renegotiate-non-aead-to-aead-server
264	client = 8-renegotiate-non-aead-to-aead-client
265
266	[8-renegotiate-non-aead-to-aead-server]
267	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
268	CipherString = DEFAULT
269	Options = NoResumptionOnRenegotiation
270	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
271
272	[8-renegotiate-non-aead-to-aead-client]
273	CipherString = AES128-SHA
274	MaxProtocol = TLSv1.2
275	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
276	VerifyMode = Peer
277
278	[test-8]
279	ExpectedResult = Success
280	HandshakeMode = RenegotiateClient
281	Method = TLS
282	ResumptionExpected = No
283	client = 8-renegotiate-non-aead-to-aead-client-extra
284
285	[8-renegotiate-non-aead-to-aead-client-extra]
286	RenegotiateCiphers = AES128-GCM-SHA256
287
288
289	# ===========================================================
290
291	[9-renegotiate-non-aead-to-non-aead]
292	ssl_conf = 9-renegotiate-non-aead-to-non-aead-ssl
293
294	[9-renegotiate-non-aead-to-non-aead-ssl]
295	server = 9-renegotiate-non-aead-to-non-aead-server
296	client = 9-renegotiate-non-aead-to-non-aead-client
297
298	[9-renegotiate-non-aead-to-non-aead-server]
299	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
300	CipherString = DEFAULT
301	Options = NoResumptionOnRenegotiation
302	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
303
304	[9-renegotiate-non-aead-to-non-aead-client]
305	CipherString = AES128-SHA
306	MaxProtocol = TLSv1.2
307	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
308	VerifyMode = Peer
309
310	[test-9]
311	ExpectedResult = Success
312	HandshakeMode = RenegotiateClient
313	Method = TLS
314	ResumptionExpected = No
315	client = 9-renegotiate-non-aead-to-non-aead-client-extra
316
317	[9-renegotiate-non-aead-to-non-aead-client-extra]
318	RenegotiateCiphers = AES256-SHA
319
320
321	# ===========================================================
322
323	[10-renegotiate-aead-to-aead]
324	ssl_conf = 10-renegotiate-aead-to-aead-ssl
325
326	[10-renegotiate-aead-to-aead-ssl]
327	server = 10-renegotiate-aead-to-aead-server
328	client = 10-renegotiate-aead-to-aead-client
329
330	[10-renegotiate-aead-to-aead-server]
331	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
332	CipherString = DEFAULT
333	Options = NoResumptionOnRenegotiation
334	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
335
336	[10-renegotiate-aead-to-aead-client]
337	CipherString = AES128-GCM-SHA256
338	MaxProtocol = TLSv1.2
339	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
340	VerifyMode = Peer
341
342	[test-10]
343	ExpectedResult = Success
344	HandshakeMode = RenegotiateClient
345	Method = TLS
346	ResumptionExpected = No
347	client = 10-renegotiate-aead-to-aead-client-extra
348
349	[10-renegotiate-aead-to-aead-client-extra]
350	RenegotiateCiphers = AES256-GCM-SHA384
351
352
353	# ===========================================================
354
355	[11-no-renegotiation-server-by-client]
356	ssl_conf = 11-no-renegotiation-server-by-client-ssl
357
358	[11-no-renegotiation-server-by-client-ssl]
359	server = 11-no-renegotiation-server-by-client-server
360	client = 11-no-renegotiation-server-by-client-client
361
362	[11-no-renegotiation-server-by-client-server]
363	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
364	CipherString = DEFAULT
365	MaxProtocol = TLSv1.2
366	Options = NoRenegotiation
367	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
368
369	[11-no-renegotiation-server-by-client-client]
370	CipherString = DEFAULT
371	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
372	VerifyMode = Peer
373
374	[test-11]
375	ExpectedResult = ClientFail
376	HandshakeMode = RenegotiateClient
377	Method = TLS
378	ResumptionExpected = No
379
380
381	# ===========================================================
382
383	[12-no-renegotiation-server-by-server]
384	ssl_conf = 12-no-renegotiation-server-by-server-ssl
385
386	[12-no-renegotiation-server-by-server-ssl]
387	server = 12-no-renegotiation-server-by-server-server
388	client = 12-no-renegotiation-server-by-server-client
389
390	[12-no-renegotiation-server-by-server-server]
391	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
392	CipherString = DEFAULT
393	MaxProtocol = TLSv1.2
394	Options = NoRenegotiation
395	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
396
397	[12-no-renegotiation-server-by-server-client]
398	CipherString = DEFAULT
399	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
400	VerifyMode = Peer
401
402	[test-12]
403	ExpectedResult = ServerFail
404	HandshakeMode = RenegotiateServer
405	Method = TLS
406	ResumptionExpected = No
407
408
409	# ===========================================================
410
411	[13-no-renegotiation-client-by-server]
412	ssl_conf = 13-no-renegotiation-client-by-server-ssl
413
414	[13-no-renegotiation-client-by-server-ssl]
415	server = 13-no-renegotiation-client-by-server-server
416	client = 13-no-renegotiation-client-by-server-client
417
418	[13-no-renegotiation-client-by-server-server]
419	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
420	CipherString = DEFAULT
421	MaxProtocol = TLSv1.2
422	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
423
424	[13-no-renegotiation-client-by-server-client]
425	CipherString = DEFAULT
426	Options = NoRenegotiation
427	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
428	VerifyMode = Peer
429
430	[test-13]
431	ExpectedResult = ServerFail
432	HandshakeMode = RenegotiateServer
433	Method = TLS
434	ResumptionExpected = No
435
436
437	# ===========================================================
438
439	[14-no-renegotiation-client-by-client]
440	ssl_conf = 14-no-renegotiation-client-by-client-ssl
441
442	[14-no-renegotiation-client-by-client-ssl]
443	server = 14-no-renegotiation-client-by-client-server
444	client = 14-no-renegotiation-client-by-client-client
445
446	[14-no-renegotiation-client-by-client-server]
447	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
448	CipherString = DEFAULT
449	MaxProtocol = TLSv1.2
450	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
451
452	[14-no-renegotiation-client-by-client-client]
453	CipherString = DEFAULT
454	Options = NoRenegotiation
455	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
456	VerifyMode = Peer
457
458	[test-14]
459	ExpectedResult = ClientFail
460	HandshakeMode = RenegotiateClient
461	Method = TLS
462	ResumptionExpected = No
463
464
465	# ===========================================================
466
467	[15-no-extms-on-renegotiation]
468	ssl_conf = 15-no-extms-on-renegotiation-ssl
469
470	[15-no-extms-on-renegotiation-ssl]
471	server = 15-no-extms-on-renegotiation-server
472	client = 15-no-extms-on-renegotiation-client
473
474	[15-no-extms-on-renegotiation-server]
475	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
476	CipherString = DEFAULT
477	MaxProtocol = TLSv1.2
478	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
479
480	[15-no-extms-on-renegotiation-client]
481	CipherString = DEFAULT
482	MaxProtocol = TLSv1.2
483	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
484	VerifyMode = Peer
485
486	[test-15]
487	ExpectedResult = ServerFail
488	HandshakeMode = RenegotiateClient
489	Method = TLS
490	ResumptionExpected = No
491	client = 15-no-extms-on-renegotiation-client-extra
492
493	[15-no-extms-on-renegotiation-client-extra]
494	RenegotiateNoExtms = Yes
495
496
497	# ===========================================================
498
499	[16-allow-client-renegotiation]
500	ssl_conf = 16-allow-client-renegotiation-ssl
501
502	[16-allow-client-renegotiation-ssl]
503	server = 16-allow-client-renegotiation-server
504	client = 16-allow-client-renegotiation-client
505
506	[16-allow-client-renegotiation-server]
507	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
508	CipherString = DEFAULT
509	MaxProtocol = TLSv1.2
510	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
511
512	[16-allow-client-renegotiation-client]
513	CipherString = DEFAULT
514	MaxProtocol = TLSv1.2
515	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
516	VerifyMode = Peer
517
518	[test-16]
519	ExpectedResult = Success
520	HandshakeMode = RenegotiateClient
521	Method = TLS
522	ResumptionExpected = Yes
523
524
525	# ===========================================================
526
527	[17-no-client-renegotiation]
528	ssl_conf = 17-no-client-renegotiation-ssl
529
530	[17-no-client-renegotiation-ssl]
531	server = 17-no-client-renegotiation-server
532	client = 17-no-client-renegotiation-client
533
534	[17-no-client-renegotiation-server]
535	Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
536	CipherString = DEFAULT
537	MaxProtocol = TLSv1.2
538	Options = -ClientRenegotiation
539	PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
540
541	[17-no-client-renegotiation-client]
542	CipherString = DEFAULT
543	MaxProtocol = TLSv1.2
544	VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
545	VerifyMode = Peer
546
547	[test-17]
548	ExpectedResult = ClientFail
549	ExpectedServerAlert = NoRenegotiation
550	HandshakeMode = RenegotiateClient
551	Method = TLS
552	ResumptionExpected = No
553
554

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

以其他格式下載:

原來格式