1# Generated with generate_ssl_tests.pl 2 3num_tests = 18 4 5test-0 = 0-renegotiate-client-no-resume 6test-1 = 1-renegotiate-client-resume 7test-2 = 2-renegotiate-server-no-resume 8test-3 = 3-renegotiate-server-resume 9test-4 = 4-renegotiate-client-auth-require 10test-5 = 5-renegotiate-client-auth-once 11test-6 = 6-renegotiate-client-legacy-connect 12test-7 = 7-renegotiate-aead-to-non-aead 13test-8 = 8-renegotiate-non-aead-to-aead 14test-9 = 9-renegotiate-non-aead-to-non-aead 15test-10 = 10-renegotiate-aead-to-aead 16test-11 = 11-no-renegotiation-server-by-client 17test-12 = 12-no-renegotiation-server-by-server 18test-13 = 13-no-renegotiation-client-by-server 19test-14 = 14-no-renegotiation-client-by-client 20test-15 = 15-no-extms-on-renegotiation 21test-16 = 16-allow-client-renegotiation 22test-17 = 17-no-client-renegotiation 23# =========================================================== 24 25[0-renegotiate-client-no-resume] 26ssl_conf = 0-renegotiate-client-no-resume-ssl 27 28[0-renegotiate-client-no-resume-ssl] 29server = 0-renegotiate-client-no-resume-server 30client = 0-renegotiate-client-no-resume-client 31 32[0-renegotiate-client-no-resume-server] 33Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 34CipherString = DEFAULT 35MaxProtocol = TLSv1.2 36Options = NoResumptionOnRenegotiation 37PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 38 39[0-renegotiate-client-no-resume-client] 40CipherString = DEFAULT 41VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 42VerifyMode = Peer 43 44[test-0] 45ExpectedResult = Success 46HandshakeMode = RenegotiateClient 47Method = TLS 48ResumptionExpected = No 49 50 51# =========================================================== 52 53[1-renegotiate-client-resume] 54ssl_conf = 1-renegotiate-client-resume-ssl 55 56[1-renegotiate-client-resume-ssl] 57server = 1-renegotiate-client-resume-server 58client = 1-renegotiate-client-resume-client 59 60[1-renegotiate-client-resume-server] 61Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 62CipherString = DEFAULT 63MaxProtocol = TLSv1.2 64PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 65 66[1-renegotiate-client-resume-client] 67CipherString = DEFAULT 68VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 69VerifyMode = Peer 70 71[test-1] 72ExpectedResult = Success 73HandshakeMode = RenegotiateClient 74Method = TLS 75ResumptionExpected = Yes 76 77 78# =========================================================== 79 80[2-renegotiate-server-no-resume] 81ssl_conf = 2-renegotiate-server-no-resume-ssl 82 83[2-renegotiate-server-no-resume-ssl] 84server = 2-renegotiate-server-no-resume-server 85client = 2-renegotiate-server-no-resume-client 86 87[2-renegotiate-server-no-resume-server] 88Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 89CipherString = DEFAULT 90MaxProtocol = TLSv1.2 91Options = NoResumptionOnRenegotiation 92PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 93 94[2-renegotiate-server-no-resume-client] 95CipherString = DEFAULT 96VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 97VerifyMode = Peer 98 99[test-2] 100ExpectedResult = Success 101HandshakeMode = RenegotiateServer 102Method = TLS 103ResumptionExpected = No 104 105 106# =========================================================== 107 108[3-renegotiate-server-resume] 109ssl_conf = 3-renegotiate-server-resume-ssl 110 111[3-renegotiate-server-resume-ssl] 112server = 3-renegotiate-server-resume-server 113client = 3-renegotiate-server-resume-client 114 115[3-renegotiate-server-resume-server] 116Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 117CipherString = DEFAULT 118MaxProtocol = TLSv1.2 119PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 120 121[3-renegotiate-server-resume-client] 122CipherString = DEFAULT 123VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 124VerifyMode = Peer 125 126[test-3] 127ExpectedResult = Success 128HandshakeMode = RenegotiateServer 129Method = TLS 130ResumptionExpected = Yes 131 132 133# =========================================================== 134 135[4-renegotiate-client-auth-require] 136ssl_conf = 4-renegotiate-client-auth-require-ssl 137 138[4-renegotiate-client-auth-require-ssl] 139server = 4-renegotiate-client-auth-require-server 140client = 4-renegotiate-client-auth-require-client 141 142[4-renegotiate-client-auth-require-server] 143Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 144CipherString = DEFAULT 145MaxProtocol = TLSv1.2 146Options = NoResumptionOnRenegotiation 147PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 148VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 149VerifyMode = Require 150 151[4-renegotiate-client-auth-require-client] 152Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 153CipherString = DEFAULT 154PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 155VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 156VerifyMode = Peer 157 158[test-4] 159ExpectedResult = Success 160HandshakeMode = RenegotiateServer 161Method = TLS 162ResumptionExpected = No 163 164 165# =========================================================== 166 167[5-renegotiate-client-auth-once] 168ssl_conf = 5-renegotiate-client-auth-once-ssl 169 170[5-renegotiate-client-auth-once-ssl] 171server = 5-renegotiate-client-auth-once-server 172client = 5-renegotiate-client-auth-once-client 173 174[5-renegotiate-client-auth-once-server] 175Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 176CipherString = DEFAULT 177MaxProtocol = TLSv1.2 178Options = NoResumptionOnRenegotiation 179PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 180VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 181VerifyMode = Once 182 183[5-renegotiate-client-auth-once-client] 184Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 185CipherString = DEFAULT 186PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 187VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 188VerifyMode = Peer 189 190[test-5] 191ExpectedResult = Success 192HandshakeMode = RenegotiateServer 193Method = TLS 194ResumptionExpected = No 195 196 197# =========================================================== 198 199[6-renegotiate-client-legacy-connect] 200ssl_conf = 6-renegotiate-client-legacy-connect-ssl 201 202[6-renegotiate-client-legacy-connect-ssl] 203server = 6-renegotiate-client-legacy-connect-server 204client = 6-renegotiate-client-legacy-connect-client 205 206[6-renegotiate-client-legacy-connect-server] 207Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 208CipherString = DEFAULT 209MaxProtocol = TLSv1.2 210PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 211 212[6-renegotiate-client-legacy-connect-client] 213CipherString = DEFAULT 214Options = UnsafeLegacyServerConnect 215VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 216VerifyMode = Peer 217 218[test-6] 219ExpectedResult = Success 220HandshakeMode = RenegotiateClient 221Method = TLS 222ResumptionExpected = Yes 223 224 225# =========================================================== 226 227[7-renegotiate-aead-to-non-aead] 228ssl_conf = 7-renegotiate-aead-to-non-aead-ssl 229 230[7-renegotiate-aead-to-non-aead-ssl] 231server = 7-renegotiate-aead-to-non-aead-server 232client = 7-renegotiate-aead-to-non-aead-client 233 234[7-renegotiate-aead-to-non-aead-server] 235Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 236CipherString = DEFAULT 237Options = NoResumptionOnRenegotiation 238PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 239 240[7-renegotiate-aead-to-non-aead-client] 241CipherString = AES128-GCM-SHA256 242MaxProtocol = TLSv1.2 243VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 244VerifyMode = Peer 245 246[test-7] 247ExpectedResult = Success 248HandshakeMode = RenegotiateClient 249Method = TLS 250ResumptionExpected = No 251client = 7-renegotiate-aead-to-non-aead-client-extra 252 253[7-renegotiate-aead-to-non-aead-client-extra] 254RenegotiateCiphers = AES128-SHA 255 256 257# =========================================================== 258 259[8-renegotiate-non-aead-to-aead] 260ssl_conf = 8-renegotiate-non-aead-to-aead-ssl 261 262[8-renegotiate-non-aead-to-aead-ssl] 263server = 8-renegotiate-non-aead-to-aead-server 264client = 8-renegotiate-non-aead-to-aead-client 265 266[8-renegotiate-non-aead-to-aead-server] 267Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 268CipherString = DEFAULT 269Options = NoResumptionOnRenegotiation 270PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 271 272[8-renegotiate-non-aead-to-aead-client] 273CipherString = AES128-SHA 274MaxProtocol = TLSv1.2 275VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 276VerifyMode = Peer 277 278[test-8] 279ExpectedResult = Success 280HandshakeMode = RenegotiateClient 281Method = TLS 282ResumptionExpected = No 283client = 8-renegotiate-non-aead-to-aead-client-extra 284 285[8-renegotiate-non-aead-to-aead-client-extra] 286RenegotiateCiphers = AES128-GCM-SHA256 287 288 289# =========================================================== 290 291[9-renegotiate-non-aead-to-non-aead] 292ssl_conf = 9-renegotiate-non-aead-to-non-aead-ssl 293 294[9-renegotiate-non-aead-to-non-aead-ssl] 295server = 9-renegotiate-non-aead-to-non-aead-server 296client = 9-renegotiate-non-aead-to-non-aead-client 297 298[9-renegotiate-non-aead-to-non-aead-server] 299Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 300CipherString = DEFAULT 301Options = NoResumptionOnRenegotiation 302PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 303 304[9-renegotiate-non-aead-to-non-aead-client] 305CipherString = AES128-SHA 306MaxProtocol = TLSv1.2 307VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 308VerifyMode = Peer 309 310[test-9] 311ExpectedResult = Success 312HandshakeMode = RenegotiateClient 313Method = TLS 314ResumptionExpected = No 315client = 9-renegotiate-non-aead-to-non-aead-client-extra 316 317[9-renegotiate-non-aead-to-non-aead-client-extra] 318RenegotiateCiphers = AES256-SHA 319 320 321# =========================================================== 322 323[10-renegotiate-aead-to-aead] 324ssl_conf = 10-renegotiate-aead-to-aead-ssl 325 326[10-renegotiate-aead-to-aead-ssl] 327server = 10-renegotiate-aead-to-aead-server 328client = 10-renegotiate-aead-to-aead-client 329 330[10-renegotiate-aead-to-aead-server] 331Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 332CipherString = DEFAULT 333Options = NoResumptionOnRenegotiation 334PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 335 336[10-renegotiate-aead-to-aead-client] 337CipherString = AES128-GCM-SHA256 338MaxProtocol = TLSv1.2 339VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 340VerifyMode = Peer 341 342[test-10] 343ExpectedResult = Success 344HandshakeMode = RenegotiateClient 345Method = TLS 346ResumptionExpected = No 347client = 10-renegotiate-aead-to-aead-client-extra 348 349[10-renegotiate-aead-to-aead-client-extra] 350RenegotiateCiphers = AES256-GCM-SHA384 351 352 353# =========================================================== 354 355[11-no-renegotiation-server-by-client] 356ssl_conf = 11-no-renegotiation-server-by-client-ssl 357 358[11-no-renegotiation-server-by-client-ssl] 359server = 11-no-renegotiation-server-by-client-server 360client = 11-no-renegotiation-server-by-client-client 361 362[11-no-renegotiation-server-by-client-server] 363Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 364CipherString = DEFAULT 365MaxProtocol = TLSv1.2 366Options = NoRenegotiation 367PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 368 369[11-no-renegotiation-server-by-client-client] 370CipherString = DEFAULT 371VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 372VerifyMode = Peer 373 374[test-11] 375ExpectedResult = ClientFail 376HandshakeMode = RenegotiateClient 377Method = TLS 378ResumptionExpected = No 379 380 381# =========================================================== 382 383[12-no-renegotiation-server-by-server] 384ssl_conf = 12-no-renegotiation-server-by-server-ssl 385 386[12-no-renegotiation-server-by-server-ssl] 387server = 12-no-renegotiation-server-by-server-server 388client = 12-no-renegotiation-server-by-server-client 389 390[12-no-renegotiation-server-by-server-server] 391Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 392CipherString = DEFAULT 393MaxProtocol = TLSv1.2 394Options = NoRenegotiation 395PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 396 397[12-no-renegotiation-server-by-server-client] 398CipherString = DEFAULT 399VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 400VerifyMode = Peer 401 402[test-12] 403ExpectedResult = ServerFail 404HandshakeMode = RenegotiateServer 405Method = TLS 406ResumptionExpected = No 407 408 409# =========================================================== 410 411[13-no-renegotiation-client-by-server] 412ssl_conf = 13-no-renegotiation-client-by-server-ssl 413 414[13-no-renegotiation-client-by-server-ssl] 415server = 13-no-renegotiation-client-by-server-server 416client = 13-no-renegotiation-client-by-server-client 417 418[13-no-renegotiation-client-by-server-server] 419Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 420CipherString = DEFAULT 421MaxProtocol = TLSv1.2 422PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 423 424[13-no-renegotiation-client-by-server-client] 425CipherString = DEFAULT 426Options = NoRenegotiation 427VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 428VerifyMode = Peer 429 430[test-13] 431ExpectedResult = ServerFail 432HandshakeMode = RenegotiateServer 433Method = TLS 434ResumptionExpected = No 435 436 437# =========================================================== 438 439[14-no-renegotiation-client-by-client] 440ssl_conf = 14-no-renegotiation-client-by-client-ssl 441 442[14-no-renegotiation-client-by-client-ssl] 443server = 14-no-renegotiation-client-by-client-server 444client = 14-no-renegotiation-client-by-client-client 445 446[14-no-renegotiation-client-by-client-server] 447Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 448CipherString = DEFAULT 449MaxProtocol = TLSv1.2 450PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 451 452[14-no-renegotiation-client-by-client-client] 453CipherString = DEFAULT 454Options = NoRenegotiation 455VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 456VerifyMode = Peer 457 458[test-14] 459ExpectedResult = ClientFail 460HandshakeMode = RenegotiateClient 461Method = TLS 462ResumptionExpected = No 463 464 465# =========================================================== 466 467[15-no-extms-on-renegotiation] 468ssl_conf = 15-no-extms-on-renegotiation-ssl 469 470[15-no-extms-on-renegotiation-ssl] 471server = 15-no-extms-on-renegotiation-server 472client = 15-no-extms-on-renegotiation-client 473 474[15-no-extms-on-renegotiation-server] 475Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 476CipherString = DEFAULT 477MaxProtocol = TLSv1.2 478PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 479 480[15-no-extms-on-renegotiation-client] 481CipherString = DEFAULT 482MaxProtocol = TLSv1.2 483VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 484VerifyMode = Peer 485 486[test-15] 487ExpectedResult = ServerFail 488HandshakeMode = RenegotiateClient 489Method = TLS 490ResumptionExpected = No 491client = 15-no-extms-on-renegotiation-client-extra 492 493[15-no-extms-on-renegotiation-client-extra] 494RenegotiateNoExtms = Yes 495 496 497# =========================================================== 498 499[16-allow-client-renegotiation] 500ssl_conf = 16-allow-client-renegotiation-ssl 501 502[16-allow-client-renegotiation-ssl] 503server = 16-allow-client-renegotiation-server 504client = 16-allow-client-renegotiation-client 505 506[16-allow-client-renegotiation-server] 507Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 508CipherString = DEFAULT 509MaxProtocol = TLSv1.2 510PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 511 512[16-allow-client-renegotiation-client] 513CipherString = DEFAULT 514MaxProtocol = TLSv1.2 515VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 516VerifyMode = Peer 517 518[test-16] 519ExpectedResult = Success 520HandshakeMode = RenegotiateClient 521Method = TLS 522ResumptionExpected = Yes 523 524 525# =========================================================== 526 527[17-no-client-renegotiation] 528ssl_conf = 17-no-client-renegotiation-ssl 529 530[17-no-client-renegotiation-ssl] 531server = 17-no-client-renegotiation-server 532client = 17-no-client-renegotiation-client 533 534[17-no-client-renegotiation-server] 535Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 536CipherString = DEFAULT 537MaxProtocol = TLSv1.2 538Options = -ClientRenegotiation 539PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 540 541[17-no-client-renegotiation-client] 542CipherString = DEFAULT 543MaxProtocol = TLSv1.2 544VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 545VerifyMode = Peer 546 547[test-17] 548ExpectedResult = ClientFail 549ExpectedServerAlert = NoRenegotiation 550HandshakeMode = RenegotiateClient 551Method = TLS 552ResumptionExpected = No 553 554 555