2 # Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the OpenSSL license (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
16 use OpenSSL::Test::Utils;
20 name => "renegotiate-client-no-resume",
22 "Options" => "NoResumptionOnRenegotiation"
27 "HandshakeMode" => "RenegotiateClient",
28 "ResumptionExpected" => "No",
29 "ExpectedResult" => "Success"
33 name => "renegotiate-client-resume",
38 "HandshakeMode" => "RenegotiateClient",
39 "ResumptionExpected" => "Yes",
40 "ExpectedResult" => "Success"
44 name => "renegotiate-server-no-resume",
46 "Options" => "NoResumptionOnRenegotiation"
51 "HandshakeMode" => "RenegotiateServer",
52 "ResumptionExpected" => "No",
53 "ExpectedResult" => "Success"
57 name => "renegotiate-server-resume",
62 "HandshakeMode" => "RenegotiateServer",
63 "ResumptionExpected" => "Yes",
64 "ExpectedResult" => "Success"
68 name => "renegotiate-client-auth-require",
70 "Options" => "NoResumptionOnRenegotiation",
71 "MaxProtocol" => "TLSv1.2",
72 "VerifyCAFile" => test_pem("root-cert.pem"),
73 "VerifyMode" => "Require",
76 "Certificate" => test_pem("ee-client-chain.pem"),
77 "PrivateKey" => test_pem("ee-key.pem"),
81 "HandshakeMode" => "RenegotiateServer",
82 "ResumptionExpected" => "No",
83 "ExpectedResult" => "Success"
87 name => "renegotiate-client-auth-once",
89 "Options" => "NoResumptionOnRenegotiation",
90 "MaxProtocol" => "TLSv1.2",
91 "VerifyCAFile" => test_pem("root-cert.pem"),
92 "VerifyMode" => "Once",
95 "Certificate" => test_pem("ee-client-chain.pem"),
96 "PrivateKey" => test_pem("ee-key.pem"),
100 "HandshakeMode" => "RenegotiateServer",
101 "ResumptionExpected" => "No",
102 "ExpectedResult" => "Success"
106 our @tests_tls1_2 = (
108 name => "renegotiate-aead-to-non-aead",
110 "Options" => "NoResumptionOnRenegotiation",
111 "MaxProtocol" => "TLSv1.2"
114 "CipherString" => "AES128-GCM-SHA256",
116 "RenegotiateCiphers" => "AES128-SHA"
121 "HandshakeMode" => "RenegotiateClient",
122 "ResumptionExpected" => "No",
123 "ExpectedResult" => "Success"
127 name => "renegotiate-non-aead-to-aead",
129 "Options" => "NoResumptionOnRenegotiation",
130 "MaxProtocol" => "TLSv1.2"
133 "CipherString" => "AES128-SHA",
135 "RenegotiateCiphers" => "AES128-GCM-SHA256"
140 "HandshakeMode" => "RenegotiateClient",
141 "ResumptionExpected" => "No",
142 "ExpectedResult" => "Success"
146 name => "renegotiate-non-aead-to-non-aead",
148 "Options" => "NoResumptionOnRenegotiation",
149 "MaxProtocol" => "TLSv1.2"
152 "CipherString" => "AES128-SHA",
154 "RenegotiateCiphers" => "AES256-SHA"
159 "HandshakeMode" => "RenegotiateClient",
160 "ResumptionExpected" => "No",
161 "ExpectedResult" => "Success"
165 name => "renegotiate-aead-to-aead",
167 "Options" => "NoResumptionOnRenegotiation",
168 "MaxProtocol" => "TLSv1.2"
171 "CipherString" => "AES128-GCM-SHA256",
173 "RenegotiateCiphers" => "AES256-GCM-SHA384"
178 "HandshakeMode" => "RenegotiateClient",
179 "ResumptionExpected" => "No",
180 "ExpectedResult" => "Success"
184 name => "no-renegotiation-server-by-client",
186 "Options" => "NoRenegotiation",
187 "MaxProtocol" => "TLSv1.2"
192 "HandshakeMode" => "RenegotiateClient",
193 "ResumptionExpected" => "No",
194 "ExpectedResult" => "ClientFail"
198 name => "no-renegotiation-server-by-server",
200 "Options" => "NoRenegotiation",
201 "MaxProtocol" => "TLSv1.2"
206 "HandshakeMode" => "RenegotiateServer",
207 "ResumptionExpected" => "No",
208 "ExpectedResult" => "ServerFail"
212 name => "no-renegotiation-client-by-server",
214 "MaxProtocol" => "TLSv1.2"
217 "Options" => "NoRenegotiation",
221 "HandshakeMode" => "RenegotiateServer",
222 "ResumptionExpected" => "No",
223 "ExpectedResult" => "ServerFail"
227 name => "no-renegotiation-client-by-client",
229 "MaxProtocol" => "TLSv1.2"
232 "Options" => "NoRenegotiation",
236 "HandshakeMode" => "RenegotiateClient",
237 "ResumptionExpected" => "No",
238 "ExpectedResult" => "ClientFail"
243 push @tests, @tests_tls1_2 unless disabled("tls1_2");