1# Generated with generate_ssl_tests.pl 2 3num_tests = 17 4 5test-0 = 0-renegotiate-client-no-resume 6test-1 = 1-renegotiate-client-resume 7test-2 = 2-renegotiate-server-no-resume 8test-3 = 3-renegotiate-server-resume 9test-4 = 4-renegotiate-client-auth-require 10test-5 = 5-renegotiate-client-auth-once 11test-6 = 6-renegotiate-aead-to-non-aead 12test-7 = 7-renegotiate-non-aead-to-aead 13test-8 = 8-renegotiate-non-aead-to-non-aead 14test-9 = 9-renegotiate-aead-to-aead 15test-10 = 10-no-renegotiation-server-by-client 16test-11 = 11-no-renegotiation-server-by-server 17test-12 = 12-no-renegotiation-client-by-server 18test-13 = 13-no-renegotiation-client-by-client 19test-14 = 14-no-extms-on-renegotiation 20test-15 = 15-allow-client-renegotiation 21test-16 = 16-no-client-renegotiation 22# =========================================================== 23 24[0-renegotiate-client-no-resume] 25ssl_conf = 0-renegotiate-client-no-resume-ssl 26 27[0-renegotiate-client-no-resume-ssl] 28server = 0-renegotiate-client-no-resume-server 29client = 0-renegotiate-client-no-resume-client 30 31[0-renegotiate-client-no-resume-server] 32Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 33CipherString = DEFAULT 34MaxProtocol = TLSv1.2 35Options = NoResumptionOnRenegotiation 36PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 37 38[0-renegotiate-client-no-resume-client] 39CipherString = DEFAULT 40VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 41VerifyMode = Peer 42 43[test-0] 44ExpectedResult = Success 45HandshakeMode = RenegotiateClient 46Method = TLS 47ResumptionExpected = No 48 49 50# =========================================================== 51 52[1-renegotiate-client-resume] 53ssl_conf = 1-renegotiate-client-resume-ssl 54 55[1-renegotiate-client-resume-ssl] 56server = 1-renegotiate-client-resume-server 57client = 1-renegotiate-client-resume-client 58 59[1-renegotiate-client-resume-server] 60Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 61CipherString = DEFAULT 62MaxProtocol = TLSv1.2 63PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 64 65[1-renegotiate-client-resume-client] 66CipherString = DEFAULT 67VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 68VerifyMode = Peer 69 70[test-1] 71ExpectedResult = Success 72HandshakeMode = RenegotiateClient 73Method = TLS 74ResumptionExpected = Yes 75 76 77# =========================================================== 78 79[2-renegotiate-server-no-resume] 80ssl_conf = 2-renegotiate-server-no-resume-ssl 81 82[2-renegotiate-server-no-resume-ssl] 83server = 2-renegotiate-server-no-resume-server 84client = 2-renegotiate-server-no-resume-client 85 86[2-renegotiate-server-no-resume-server] 87Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 88CipherString = DEFAULT 89MaxProtocol = TLSv1.2 90Options = NoResumptionOnRenegotiation 91PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 92 93[2-renegotiate-server-no-resume-client] 94CipherString = DEFAULT 95VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 96VerifyMode = Peer 97 98[test-2] 99ExpectedResult = Success 100HandshakeMode = RenegotiateServer 101Method = TLS 102ResumptionExpected = No 103 104 105# =========================================================== 106 107[3-renegotiate-server-resume] 108ssl_conf = 3-renegotiate-server-resume-ssl 109 110[3-renegotiate-server-resume-ssl] 111server = 3-renegotiate-server-resume-server 112client = 3-renegotiate-server-resume-client 113 114[3-renegotiate-server-resume-server] 115Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 116CipherString = DEFAULT 117MaxProtocol = TLSv1.2 118PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 119 120[3-renegotiate-server-resume-client] 121CipherString = DEFAULT 122VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 123VerifyMode = Peer 124 125[test-3] 126ExpectedResult = Success 127HandshakeMode = RenegotiateServer 128Method = TLS 129ResumptionExpected = Yes 130 131 132# =========================================================== 133 134[4-renegotiate-client-auth-require] 135ssl_conf = 4-renegotiate-client-auth-require-ssl 136 137[4-renegotiate-client-auth-require-ssl] 138server = 4-renegotiate-client-auth-require-server 139client = 4-renegotiate-client-auth-require-client 140 141[4-renegotiate-client-auth-require-server] 142Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 143CipherString = DEFAULT 144MaxProtocol = TLSv1.2 145Options = NoResumptionOnRenegotiation 146PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 147VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 148VerifyMode = Require 149 150[4-renegotiate-client-auth-require-client] 151Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 152CipherString = DEFAULT 153PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 154VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 155VerifyMode = Peer 156 157[test-4] 158ExpectedResult = Success 159HandshakeMode = RenegotiateServer 160Method = TLS 161ResumptionExpected = No 162 163 164# =========================================================== 165 166[5-renegotiate-client-auth-once] 167ssl_conf = 5-renegotiate-client-auth-once-ssl 168 169[5-renegotiate-client-auth-once-ssl] 170server = 5-renegotiate-client-auth-once-server 171client = 5-renegotiate-client-auth-once-client 172 173[5-renegotiate-client-auth-once-server] 174Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 175CipherString = DEFAULT 176MaxProtocol = TLSv1.2 177Options = NoResumptionOnRenegotiation 178PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 179VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 180VerifyMode = Once 181 182[5-renegotiate-client-auth-once-client] 183Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 184CipherString = DEFAULT 185PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 186VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 187VerifyMode = Peer 188 189[test-5] 190ExpectedResult = Success 191HandshakeMode = RenegotiateServer 192Method = TLS 193ResumptionExpected = No 194 195 196# =========================================================== 197 198[6-renegotiate-aead-to-non-aead] 199ssl_conf = 6-renegotiate-aead-to-non-aead-ssl 200 201[6-renegotiate-aead-to-non-aead-ssl] 202server = 6-renegotiate-aead-to-non-aead-server 203client = 6-renegotiate-aead-to-non-aead-client 204 205[6-renegotiate-aead-to-non-aead-server] 206Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 207CipherString = DEFAULT 208Options = NoResumptionOnRenegotiation 209PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 210 211[6-renegotiate-aead-to-non-aead-client] 212CipherString = AES128-GCM-SHA256 213MaxProtocol = TLSv1.2 214VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 215VerifyMode = Peer 216 217[test-6] 218ExpectedResult = Success 219HandshakeMode = RenegotiateClient 220Method = TLS 221ResumptionExpected = No 222client = 6-renegotiate-aead-to-non-aead-client-extra 223 224[6-renegotiate-aead-to-non-aead-client-extra] 225RenegotiateCiphers = AES128-SHA 226 227 228# =========================================================== 229 230[7-renegotiate-non-aead-to-aead] 231ssl_conf = 7-renegotiate-non-aead-to-aead-ssl 232 233[7-renegotiate-non-aead-to-aead-ssl] 234server = 7-renegotiate-non-aead-to-aead-server 235client = 7-renegotiate-non-aead-to-aead-client 236 237[7-renegotiate-non-aead-to-aead-server] 238Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 239CipherString = DEFAULT 240Options = NoResumptionOnRenegotiation 241PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 242 243[7-renegotiate-non-aead-to-aead-client] 244CipherString = AES128-SHA 245MaxProtocol = TLSv1.2 246VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 247VerifyMode = Peer 248 249[test-7] 250ExpectedResult = Success 251HandshakeMode = RenegotiateClient 252Method = TLS 253ResumptionExpected = No 254client = 7-renegotiate-non-aead-to-aead-client-extra 255 256[7-renegotiate-non-aead-to-aead-client-extra] 257RenegotiateCiphers = AES128-GCM-SHA256 258 259 260# =========================================================== 261 262[8-renegotiate-non-aead-to-non-aead] 263ssl_conf = 8-renegotiate-non-aead-to-non-aead-ssl 264 265[8-renegotiate-non-aead-to-non-aead-ssl] 266server = 8-renegotiate-non-aead-to-non-aead-server 267client = 8-renegotiate-non-aead-to-non-aead-client 268 269[8-renegotiate-non-aead-to-non-aead-server] 270Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 271CipherString = DEFAULT 272Options = NoResumptionOnRenegotiation 273PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 274 275[8-renegotiate-non-aead-to-non-aead-client] 276CipherString = AES128-SHA 277MaxProtocol = TLSv1.2 278VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 279VerifyMode = Peer 280 281[test-8] 282ExpectedResult = Success 283HandshakeMode = RenegotiateClient 284Method = TLS 285ResumptionExpected = No 286client = 8-renegotiate-non-aead-to-non-aead-client-extra 287 288[8-renegotiate-non-aead-to-non-aead-client-extra] 289RenegotiateCiphers = AES256-SHA 290 291 292# =========================================================== 293 294[9-renegotiate-aead-to-aead] 295ssl_conf = 9-renegotiate-aead-to-aead-ssl 296 297[9-renegotiate-aead-to-aead-ssl] 298server = 9-renegotiate-aead-to-aead-server 299client = 9-renegotiate-aead-to-aead-client 300 301[9-renegotiate-aead-to-aead-server] 302Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 303CipherString = DEFAULT 304Options = NoResumptionOnRenegotiation 305PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 306 307[9-renegotiate-aead-to-aead-client] 308CipherString = AES128-GCM-SHA256 309MaxProtocol = TLSv1.2 310VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 311VerifyMode = Peer 312 313[test-9] 314ExpectedResult = Success 315HandshakeMode = RenegotiateClient 316Method = TLS 317ResumptionExpected = No 318client = 9-renegotiate-aead-to-aead-client-extra 319 320[9-renegotiate-aead-to-aead-client-extra] 321RenegotiateCiphers = AES256-GCM-SHA384 322 323 324# =========================================================== 325 326[10-no-renegotiation-server-by-client] 327ssl_conf = 10-no-renegotiation-server-by-client-ssl 328 329[10-no-renegotiation-server-by-client-ssl] 330server = 10-no-renegotiation-server-by-client-server 331client = 10-no-renegotiation-server-by-client-client 332 333[10-no-renegotiation-server-by-client-server] 334Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 335CipherString = DEFAULT 336MaxProtocol = TLSv1.2 337Options = NoRenegotiation 338PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 339 340[10-no-renegotiation-server-by-client-client] 341CipherString = DEFAULT 342VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 343VerifyMode = Peer 344 345[test-10] 346ExpectedResult = ClientFail 347HandshakeMode = RenegotiateClient 348Method = TLS 349ResumptionExpected = No 350 351 352# =========================================================== 353 354[11-no-renegotiation-server-by-server] 355ssl_conf = 11-no-renegotiation-server-by-server-ssl 356 357[11-no-renegotiation-server-by-server-ssl] 358server = 11-no-renegotiation-server-by-server-server 359client = 11-no-renegotiation-server-by-server-client 360 361[11-no-renegotiation-server-by-server-server] 362Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 363CipherString = DEFAULT 364MaxProtocol = TLSv1.2 365Options = NoRenegotiation 366PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 367 368[11-no-renegotiation-server-by-server-client] 369CipherString = DEFAULT 370VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 371VerifyMode = Peer 372 373[test-11] 374ExpectedResult = ServerFail 375HandshakeMode = RenegotiateServer 376Method = TLS 377ResumptionExpected = No 378 379 380# =========================================================== 381 382[12-no-renegotiation-client-by-server] 383ssl_conf = 12-no-renegotiation-client-by-server-ssl 384 385[12-no-renegotiation-client-by-server-ssl] 386server = 12-no-renegotiation-client-by-server-server 387client = 12-no-renegotiation-client-by-server-client 388 389[12-no-renegotiation-client-by-server-server] 390Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 391CipherString = DEFAULT 392MaxProtocol = TLSv1.2 393PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 394 395[12-no-renegotiation-client-by-server-client] 396CipherString = DEFAULT 397Options = NoRenegotiation 398VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 399VerifyMode = Peer 400 401[test-12] 402ExpectedResult = ServerFail 403HandshakeMode = RenegotiateServer 404Method = TLS 405ResumptionExpected = No 406 407 408# =========================================================== 409 410[13-no-renegotiation-client-by-client] 411ssl_conf = 13-no-renegotiation-client-by-client-ssl 412 413[13-no-renegotiation-client-by-client-ssl] 414server = 13-no-renegotiation-client-by-client-server 415client = 13-no-renegotiation-client-by-client-client 416 417[13-no-renegotiation-client-by-client-server] 418Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 419CipherString = DEFAULT 420MaxProtocol = TLSv1.2 421PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 422 423[13-no-renegotiation-client-by-client-client] 424CipherString = DEFAULT 425Options = NoRenegotiation 426VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 427VerifyMode = Peer 428 429[test-13] 430ExpectedResult = ClientFail 431HandshakeMode = RenegotiateClient 432Method = TLS 433ResumptionExpected = No 434 435 436# =========================================================== 437 438[14-no-extms-on-renegotiation] 439ssl_conf = 14-no-extms-on-renegotiation-ssl 440 441[14-no-extms-on-renegotiation-ssl] 442server = 14-no-extms-on-renegotiation-server 443client = 14-no-extms-on-renegotiation-client 444 445[14-no-extms-on-renegotiation-server] 446Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 447CipherString = DEFAULT 448MaxProtocol = TLSv1.2 449PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 450 451[14-no-extms-on-renegotiation-client] 452CipherString = DEFAULT 453MaxProtocol = TLSv1.2 454VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 455VerifyMode = Peer 456 457[test-14] 458ExpectedResult = ServerFail 459HandshakeMode = RenegotiateClient 460Method = TLS 461ResumptionExpected = No 462client = 14-no-extms-on-renegotiation-client-extra 463 464[14-no-extms-on-renegotiation-client-extra] 465RenegotiateNoExtms = Yes 466 467 468# =========================================================== 469 470[15-allow-client-renegotiation] 471ssl_conf = 15-allow-client-renegotiation-ssl 472 473[15-allow-client-renegotiation-ssl] 474server = 15-allow-client-renegotiation-server 475client = 15-allow-client-renegotiation-client 476 477[15-allow-client-renegotiation-server] 478Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 479CipherString = DEFAULT 480MaxProtocol = TLSv1.2 481PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 482 483[15-allow-client-renegotiation-client] 484CipherString = DEFAULT 485MaxProtocol = TLSv1.2 486VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 487VerifyMode = Peer 488 489[test-15] 490ExpectedResult = Success 491HandshakeMode = RenegotiateClient 492Method = TLS 493ResumptionExpected = Yes 494 495 496# =========================================================== 497 498[16-no-client-renegotiation] 499ssl_conf = 16-no-client-renegotiation-ssl 500 501[16-no-client-renegotiation-ssl] 502server = 16-no-client-renegotiation-server 503client = 16-no-client-renegotiation-client 504 505[16-no-client-renegotiation-server] 506Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 507CipherString = DEFAULT 508MaxProtocol = TLSv1.2 509Options = -ClientRenegotiation 510PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 511 512[16-no-client-renegotiation-client] 513CipherString = DEFAULT 514MaxProtocol = TLSv1.2 515VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 516VerifyMode = Peer 517 518[test-16] 519ExpectedResult = ClientFail 520ExpectedServerAlert = NoRenegotiation 521HandshakeMode = RenegotiateClient 522Method = TLS 523ResumptionExpected = No 524 525 526