test/ssl-tests/17-renegotiate.conf

   1 # Generated with generate_ssl_tests.pl
   2
   3 num_tests = 14
   4
   5 test-0 = 0-renegotiate-client-no-resume
   6 test-1 = 1-renegotiate-client-resume
   7 test-2 = 2-renegotiate-server-no-resume
   8 test-3 = 3-renegotiate-server-resume
   9 test-4 = 4-renegotiate-client-auth-require
  10 test-5 = 5-renegotiate-client-auth-once
  11 test-6 = 6-renegotiate-aead-to-non-aead
  12 test-7 = 7-renegotiate-non-aead-to-aead
  13 test-8 = 8-renegotiate-non-aead-to-non-aead
  14 test-9 = 9-renegotiate-aead-to-aead
  15 test-10 = 10-no-renegotiation-server-by-client
  16 test-11 = 11-no-renegotiation-server-by-server
  17 test-12 = 12-no-renegotiation-client-by-server
  18 test-13 = 13-no-renegotiation-client-by-client
  19 # ===========================================================
  20
  21 [0-renegotiate-client-no-resume]
  22 ssl_conf = 0-renegotiate-client-no-resume-ssl
  23
  24 [0-renegotiate-client-no-resume-ssl]
  25 server = 0-renegotiate-client-no-resume-server
  26 client = 0-renegotiate-client-no-resume-client
  27
  28 [0-renegotiate-client-no-resume-server]
  29 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  30 CipherString = DEFAULT
  31 Options = NoResumptionOnRenegotiation
  32 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  33
  34 [0-renegotiate-client-no-resume-client]
  35 CipherString = DEFAULT
  36 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  37 VerifyMode = Peer
  38
  39 [test-0]
  40 ExpectedResult = Success
  41 HandshakeMode = RenegotiateClient
  42 Method = TLS
  43 ResumptionExpected = No
  44
  45
  46 # ===========================================================
  47
  48 [1-renegotiate-client-resume]
  49 ssl_conf = 1-renegotiate-client-resume-ssl
  50
  51 [1-renegotiate-client-resume-ssl]
  52 server = 1-renegotiate-client-resume-server
  53 client = 1-renegotiate-client-resume-client
  54
  55 [1-renegotiate-client-resume-server]
  56 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  57 CipherString = DEFAULT
  58 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  59
  60 [1-renegotiate-client-resume-client]
  61 CipherString = DEFAULT
  62 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  63 VerifyMode = Peer
  64
  65 [test-1]
  66 ExpectedResult = Success
  67 HandshakeMode = RenegotiateClient
  68 Method = TLS
  69 ResumptionExpected = Yes
  70
  71
  72 # ===========================================================
  73
  74 [2-renegotiate-server-no-resume]
  75 ssl_conf = 2-renegotiate-server-no-resume-ssl
  76
  77 [2-renegotiate-server-no-resume-ssl]
  78 server = 2-renegotiate-server-no-resume-server
  79 client = 2-renegotiate-server-no-resume-client
  80
  81 [2-renegotiate-server-no-resume-server]
  82 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  83 CipherString = DEFAULT
  84 Options = NoResumptionOnRenegotiation
  85 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  86
  87 [2-renegotiate-server-no-resume-client]
  88 CipherString = DEFAULT
  89 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  90 VerifyMode = Peer
  91
  92 [test-2]
  93 ExpectedResult = Success
  94 HandshakeMode = RenegotiateServer
  95 Method = TLS
  96 ResumptionExpected = No
  97
  98
  99 # ===========================================================
 100
 101 [3-renegotiate-server-resume]
 102 ssl_conf = 3-renegotiate-server-resume-ssl
 103
 104 [3-renegotiate-server-resume-ssl]
 105 server = 3-renegotiate-server-resume-server
 106 client = 3-renegotiate-server-resume-client
 107
 108 [3-renegotiate-server-resume-server]
 109 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 110 CipherString = DEFAULT
 111 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 112
 113 [3-renegotiate-server-resume-client]
 114 CipherString = DEFAULT
 115 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 116 VerifyMode = Peer
 117
 118 [test-3]
 119 ExpectedResult = Success
 120 HandshakeMode = RenegotiateServer
 121 Method = TLS
 122 ResumptionExpected = Yes
 123
 124
 125 # ===========================================================
 126
 127 [4-renegotiate-client-auth-require]
 128 ssl_conf = 4-renegotiate-client-auth-require-ssl
 129
 130 [4-renegotiate-client-auth-require-ssl]
 131 server = 4-renegotiate-client-auth-require-server
 132 client = 4-renegotiate-client-auth-require-client
 133
 134 [4-renegotiate-client-auth-require-server]
 135 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 136 CipherString = DEFAULT
 137 MaxProtocol = TLSv1.2
 138 Options = NoResumptionOnRenegotiation
 139 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 140 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 141 VerifyMode = Require
 142
 143 [4-renegotiate-client-auth-require-client]
 144 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 145 CipherString = DEFAULT
 146 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 147 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 148 VerifyMode = Peer
 149
 150 [test-4]
 151 ExpectedResult = Success
 152 HandshakeMode = RenegotiateServer
 153 Method = TLS
 154 ResumptionExpected = No
 155
 156
 157 # ===========================================================
 158
 159 [5-renegotiate-client-auth-once]
 160 ssl_conf = 5-renegotiate-client-auth-once-ssl
 161
 162 [5-renegotiate-client-auth-once-ssl]
 163 server = 5-renegotiate-client-auth-once-server
 164 client = 5-renegotiate-client-auth-once-client
 165
 166 [5-renegotiate-client-auth-once-server]
 167 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 168 CipherString = DEFAULT
 169 MaxProtocol = TLSv1.2
 170 Options = NoResumptionOnRenegotiation
 171 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 172 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 173 VerifyMode = Once
 174
 175 [5-renegotiate-client-auth-once-client]
 176 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 177 CipherString = DEFAULT
 178 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 179 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 180 VerifyMode = Peer
 181
 182 [test-5]
 183 ExpectedResult = Success
 184 HandshakeMode = RenegotiateServer
 185 Method = TLS
 186 ResumptionExpected = No
 187
 188
 189 # ===========================================================
 190
 191 [6-renegotiate-aead-to-non-aead]
 192 ssl_conf = 6-renegotiate-aead-to-non-aead-ssl
 193
 194 [6-renegotiate-aead-to-non-aead-ssl]
 195 server = 6-renegotiate-aead-to-non-aead-server
 196 client = 6-renegotiate-aead-to-non-aead-client
 197
 198 [6-renegotiate-aead-to-non-aead-server]
 199 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 200 CipherString = DEFAULT
 201 MaxProtocol = TLSv1.2
 202 Options = NoResumptionOnRenegotiation
 203 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 204
 205 [6-renegotiate-aead-to-non-aead-client]
 206 CipherString = AES128-GCM-SHA256
 207 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 208 VerifyMode = Peer
 209
 210 [test-6]
 211 ExpectedResult = Success
 212 HandshakeMode = RenegotiateClient
 213 Method = TLS
 214 ResumptionExpected = No
 215 client = 6-renegotiate-aead-to-non-aead-client-extra
 216
 217 [6-renegotiate-aead-to-non-aead-client-extra]
 218 RenegotiateCiphers = AES128-SHA
 219
 220
 221 # ===========================================================
 222
 223 [7-renegotiate-non-aead-to-aead]
 224 ssl_conf = 7-renegotiate-non-aead-to-aead-ssl
 225
 226 [7-renegotiate-non-aead-to-aead-ssl]
 227 server = 7-renegotiate-non-aead-to-aead-server
 228 client = 7-renegotiate-non-aead-to-aead-client
 229
 230 [7-renegotiate-non-aead-to-aead-server]
 231 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 232 CipherString = DEFAULT
 233 MaxProtocol = TLSv1.2
 234 Options = NoResumptionOnRenegotiation
 235 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 236
 237 [7-renegotiate-non-aead-to-aead-client]
 238 CipherString = AES128-SHA
 239 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 240 VerifyMode = Peer
 241
 242 [test-7]
 243 ExpectedResult = Success
 244 HandshakeMode = RenegotiateClient
 245 Method = TLS
 246 ResumptionExpected = No
 247 client = 7-renegotiate-non-aead-to-aead-client-extra
 248
 249 [7-renegotiate-non-aead-to-aead-client-extra]
 250 RenegotiateCiphers = AES128-GCM-SHA256
 251
 252
 253 # ===========================================================
 254
 255 [8-renegotiate-non-aead-to-non-aead]
 256 ssl_conf = 8-renegotiate-non-aead-to-non-aead-ssl
 257
 258 [8-renegotiate-non-aead-to-non-aead-ssl]
 259 server = 8-renegotiate-non-aead-to-non-aead-server
 260 client = 8-renegotiate-non-aead-to-non-aead-client
 261
 262 [8-renegotiate-non-aead-to-non-aead-server]
 263 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 264 CipherString = DEFAULT
 265 MaxProtocol = TLSv1.2
 266 Options = NoResumptionOnRenegotiation
 267 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 268
 269 [8-renegotiate-non-aead-to-non-aead-client]
 270 CipherString = AES128-SHA
 271 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 272 VerifyMode = Peer
 273
 274 [test-8]
 275 ExpectedResult = Success
 276 HandshakeMode = RenegotiateClient
 277 Method = TLS
 278 ResumptionExpected = No
 279 client = 8-renegotiate-non-aead-to-non-aead-client-extra
 280
 281 [8-renegotiate-non-aead-to-non-aead-client-extra]
 282 RenegotiateCiphers = AES256-SHA
 283
 284
 285 # ===========================================================
 286
 287 [9-renegotiate-aead-to-aead]
 288 ssl_conf = 9-renegotiate-aead-to-aead-ssl
 289
 290 [9-renegotiate-aead-to-aead-ssl]
 291 server = 9-renegotiate-aead-to-aead-server
 292 client = 9-renegotiate-aead-to-aead-client
 293
 294 [9-renegotiate-aead-to-aead-server]
 295 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 296 CipherString = DEFAULT
 297 MaxProtocol = TLSv1.2
 298 Options = NoResumptionOnRenegotiation
 299 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 300
 301 [9-renegotiate-aead-to-aead-client]
 302 CipherString = AES128-GCM-SHA256
 303 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 304 VerifyMode = Peer
 305
 306 [test-9]
 307 ExpectedResult = Success
 308 HandshakeMode = RenegotiateClient
 309 Method = TLS
 310 ResumptionExpected = No
 311 client = 9-renegotiate-aead-to-aead-client-extra
 312
 313 [9-renegotiate-aead-to-aead-client-extra]
 314 RenegotiateCiphers = AES256-GCM-SHA384
 315
 316
 317 # ===========================================================
 318
 319 [10-no-renegotiation-server-by-client]
 320 ssl_conf = 10-no-renegotiation-server-by-client-ssl
 321
 322 [10-no-renegotiation-server-by-client-ssl]
 323 server = 10-no-renegotiation-server-by-client-server
 324 client = 10-no-renegotiation-server-by-client-client
 325
 326 [10-no-renegotiation-server-by-client-server]
 327 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 328 CipherString = DEFAULT
 329 MaxProtocol = TLSv1.2
 330 Options = NoRenegotiation
 331 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 332
 333 [10-no-renegotiation-server-by-client-client]
 334 CipherString = DEFAULT
 335 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 336 VerifyMode = Peer
 337
 338 [test-10]
 339 ExpectedResult = ClientFail
 340 HandshakeMode = RenegotiateClient
 341 Method = TLS
 342 ResumptionExpected = No
 343
 344
 345 # ===========================================================
 346
 347 [11-no-renegotiation-server-by-server]
 348 ssl_conf = 11-no-renegotiation-server-by-server-ssl
 349
 350 [11-no-renegotiation-server-by-server-ssl]
 351 server = 11-no-renegotiation-server-by-server-server
 352 client = 11-no-renegotiation-server-by-server-client
 353
 354 [11-no-renegotiation-server-by-server-server]
 355 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 356 CipherString = DEFAULT
 357 MaxProtocol = TLSv1.2
 358 Options = NoRenegotiation
 359 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 360
 361 [11-no-renegotiation-server-by-server-client]
 362 CipherString = DEFAULT
 363 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 364 VerifyMode = Peer
 365
 366 [test-11]
 367 ExpectedResult = ServerFail
 368 HandshakeMode = RenegotiateServer
 369 Method = TLS
 370 ResumptionExpected = No
 371
 372
 373 # ===========================================================
 374
 375 [12-no-renegotiation-client-by-server]
 376 ssl_conf = 12-no-renegotiation-client-by-server-ssl
 377
 378 [12-no-renegotiation-client-by-server-ssl]
 379 server = 12-no-renegotiation-client-by-server-server
 380 client = 12-no-renegotiation-client-by-server-client
 381
 382 [12-no-renegotiation-client-by-server-server]
 383 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 384 CipherString = DEFAULT
 385 MaxProtocol = TLSv1.2
 386 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 387
 388 [12-no-renegotiation-client-by-server-client]
 389 CipherString = DEFAULT
 390 Options = NoRenegotiation
 391 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 392 VerifyMode = Peer
 393
 394 [test-12]
 395 ExpectedResult = ServerFail
 396 HandshakeMode = RenegotiateServer
 397 Method = TLS
 398 ResumptionExpected = No
 399
 400
 401 # ===========================================================
 402
 403 [13-no-renegotiation-client-by-client]
 404 ssl_conf = 13-no-renegotiation-client-by-client-ssl
 405
 406 [13-no-renegotiation-client-by-client-ssl]
 407 server = 13-no-renegotiation-client-by-client-server
 408 client = 13-no-renegotiation-client-by-client-client
 409
 410 [13-no-renegotiation-client-by-client-server]
 411 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 412 CipherString = DEFAULT
 413 MaxProtocol = TLSv1.2
 414 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 415
 416 [13-no-renegotiation-client-by-client-client]
 417 CipherString = DEFAULT
 418 Options = NoRenegotiation
 419 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 420 VerifyMode = Peer
 421
 422 [test-13]
 423 ExpectedResult = ClientFail
 424 HandshakeMode = RenegotiateClient
 425 Method = TLS
 426 ResumptionExpected = No
 427
 428