test/ssl-tests/17-renegotiate.conf

   1 # Generated with generate_ssl_tests.pl
   2
   3 num_tests = 14
   4
   5 test-0 = 0-renegotiate-client-no-resume
   6 test-1 = 1-renegotiate-client-resume
   7 test-2 = 2-renegotiate-server-no-resume
   8 test-3 = 3-renegotiate-server-resume
   9 test-4 = 4-renegotiate-client-auth-require
  10 test-5 = 5-renegotiate-client-auth-once
  11 test-6 = 6-renegotiate-aead-to-non-aead
  12 test-7 = 7-renegotiate-non-aead-to-aead
  13 test-8 = 8-renegotiate-non-aead-to-non-aead
  14 test-9 = 9-renegotiate-aead-to-aead
  15 test-10 = 10-no-renegotiation-server-by-client
  16 test-11 = 11-no-renegotiation-server-by-server
  17 test-12 = 12-no-renegotiation-client-by-server
  18 test-13 = 13-no-renegotiation-client-by-client
  19 # ===========================================================
  20
  21 [0-renegotiate-client-no-resume]
  22 ssl_conf = 0-renegotiate-client-no-resume-ssl
  23
  24 [0-renegotiate-client-no-resume-ssl]
  25 server = 0-renegotiate-client-no-resume-server
  26 client = 0-renegotiate-client-no-resume-client
  27
  28 [0-renegotiate-client-no-resume-server]
  29 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  30 CipherString = DEFAULT
  31 MaxProtocol = TLSv1.2
  32 Options = NoResumptionOnRenegotiation
  33 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  34
  35 [0-renegotiate-client-no-resume-client]
  36 CipherString = DEFAULT
  37 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  38 VerifyMode = Peer
  39
  40 [test-0]
  41 ExpectedResult = Success
  42 HandshakeMode = RenegotiateClient
  43 Method = TLS
  44 ResumptionExpected = No
  45
  46
  47 # ===========================================================
  48
  49 [1-renegotiate-client-resume]
  50 ssl_conf = 1-renegotiate-client-resume-ssl
  51
  52 [1-renegotiate-client-resume-ssl]
  53 server = 1-renegotiate-client-resume-server
  54 client = 1-renegotiate-client-resume-client
  55
  56 [1-renegotiate-client-resume-server]
  57 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  58 CipherString = DEFAULT
  59 MaxProtocol = TLSv1.2
  60 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  61
  62 [1-renegotiate-client-resume-client]
  63 CipherString = DEFAULT
  64 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  65 VerifyMode = Peer
  66
  67 [test-1]
  68 ExpectedResult = Success
  69 HandshakeMode = RenegotiateClient
  70 Method = TLS
  71 ResumptionExpected = Yes
  72
  73
  74 # ===========================================================
  75
  76 [2-renegotiate-server-no-resume]
  77 ssl_conf = 2-renegotiate-server-no-resume-ssl
  78
  79 [2-renegotiate-server-no-resume-ssl]
  80 server = 2-renegotiate-server-no-resume-server
  81 client = 2-renegotiate-server-no-resume-client
  82
  83 [2-renegotiate-server-no-resume-server]
  84 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  85 CipherString = DEFAULT
  86 MaxProtocol = TLSv1.2
  87 Options = NoResumptionOnRenegotiation
  88 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  89
  90 [2-renegotiate-server-no-resume-client]
  91 CipherString = DEFAULT
  92 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  93 VerifyMode = Peer
  94
  95 [test-2]
  96 ExpectedResult = Success
  97 HandshakeMode = RenegotiateServer
  98 Method = TLS
  99 ResumptionExpected = No
 100
 101
 102 # ===========================================================
 103
 104 [3-renegotiate-server-resume]
 105 ssl_conf = 3-renegotiate-server-resume-ssl
 106
 107 [3-renegotiate-server-resume-ssl]
 108 server = 3-renegotiate-server-resume-server
 109 client = 3-renegotiate-server-resume-client
 110
 111 [3-renegotiate-server-resume-server]
 112 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 113 CipherString = DEFAULT
 114 MaxProtocol = TLSv1.2
 115 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 116
 117 [3-renegotiate-server-resume-client]
 118 CipherString = DEFAULT
 119 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 120 VerifyMode = Peer
 121
 122 [test-3]
 123 ExpectedResult = Success
 124 HandshakeMode = RenegotiateServer
 125 Method = TLS
 126 ResumptionExpected = Yes
 127
 128
 129 # ===========================================================
 130
 131 [4-renegotiate-client-auth-require]
 132 ssl_conf = 4-renegotiate-client-auth-require-ssl
 133
 134 [4-renegotiate-client-auth-require-ssl]
 135 server = 4-renegotiate-client-auth-require-server
 136 client = 4-renegotiate-client-auth-require-client
 137
 138 [4-renegotiate-client-auth-require-server]
 139 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 140 CipherString = DEFAULT
 141 MaxProtocol = TLSv1.2
 142 Options = NoResumptionOnRenegotiation
 143 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 144 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 145 VerifyMode = Require
 146
 147 [4-renegotiate-client-auth-require-client]
 148 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 149 CipherString = DEFAULT
 150 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 151 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 152 VerifyMode = Peer
 153
 154 [test-4]
 155 ExpectedResult = Success
 156 HandshakeMode = RenegotiateServer
 157 Method = TLS
 158 ResumptionExpected = No
 159
 160
 161 # ===========================================================
 162
 163 [5-renegotiate-client-auth-once]
 164 ssl_conf = 5-renegotiate-client-auth-once-ssl
 165
 166 [5-renegotiate-client-auth-once-ssl]
 167 server = 5-renegotiate-client-auth-once-server
 168 client = 5-renegotiate-client-auth-once-client
 169
 170 [5-renegotiate-client-auth-once-server]
 171 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 172 CipherString = DEFAULT
 173 MaxProtocol = TLSv1.2
 174 Options = NoResumptionOnRenegotiation
 175 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 176 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 177 VerifyMode = Once
 178
 179 [5-renegotiate-client-auth-once-client]
 180 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
 181 CipherString = DEFAULT
 182 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 183 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 184 VerifyMode = Peer
 185
 186 [test-5]
 187 ExpectedResult = Success
 188 HandshakeMode = RenegotiateServer
 189 Method = TLS
 190 ResumptionExpected = No
 191
 192
 193 # ===========================================================
 194
 195 [6-renegotiate-aead-to-non-aead]
 196 ssl_conf = 6-renegotiate-aead-to-non-aead-ssl
 197
 198 [6-renegotiate-aead-to-non-aead-ssl]
 199 server = 6-renegotiate-aead-to-non-aead-server
 200 client = 6-renegotiate-aead-to-non-aead-client
 201
 202 [6-renegotiate-aead-to-non-aead-server]
 203 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 204 CipherString = DEFAULT
 205 Options = NoResumptionOnRenegotiation
 206 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 207
 208 [6-renegotiate-aead-to-non-aead-client]
 209 CipherString = AES128-GCM-SHA256
 210 MaxProtocol = TLSv1.2
 211 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 212 VerifyMode = Peer
 213
 214 [test-6]
 215 ExpectedResult = Success
 216 HandshakeMode = RenegotiateClient
 217 Method = TLS
 218 ResumptionExpected = No
 219 client = 6-renegotiate-aead-to-non-aead-client-extra
 220
 221 [6-renegotiate-aead-to-non-aead-client-extra]
 222 RenegotiateCiphers = AES128-SHA
 223
 224
 225 # ===========================================================
 226
 227 [7-renegotiate-non-aead-to-aead]
 228 ssl_conf = 7-renegotiate-non-aead-to-aead-ssl
 229
 230 [7-renegotiate-non-aead-to-aead-ssl]
 231 server = 7-renegotiate-non-aead-to-aead-server
 232 client = 7-renegotiate-non-aead-to-aead-client
 233
 234 [7-renegotiate-non-aead-to-aead-server]
 235 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 236 CipherString = DEFAULT
 237 Options = NoResumptionOnRenegotiation
 238 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 239
 240 [7-renegotiate-non-aead-to-aead-client]
 241 CipherString = AES128-SHA
 242 MaxProtocol = TLSv1.2
 243 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 244 VerifyMode = Peer
 245
 246 [test-7]
 247 ExpectedResult = Success
 248 HandshakeMode = RenegotiateClient
 249 Method = TLS
 250 ResumptionExpected = No
 251 client = 7-renegotiate-non-aead-to-aead-client-extra
 252
 253 [7-renegotiate-non-aead-to-aead-client-extra]
 254 RenegotiateCiphers = AES128-GCM-SHA256
 255
 256
 257 # ===========================================================
 258
 259 [8-renegotiate-non-aead-to-non-aead]
 260 ssl_conf = 8-renegotiate-non-aead-to-non-aead-ssl
 261
 262 [8-renegotiate-non-aead-to-non-aead-ssl]
 263 server = 8-renegotiate-non-aead-to-non-aead-server
 264 client = 8-renegotiate-non-aead-to-non-aead-client
 265
 266 [8-renegotiate-non-aead-to-non-aead-server]
 267 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 268 CipherString = DEFAULT
 269 Options = NoResumptionOnRenegotiation
 270 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 271
 272 [8-renegotiate-non-aead-to-non-aead-client]
 273 CipherString = AES128-SHA
 274 MaxProtocol = TLSv1.2
 275 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 276 VerifyMode = Peer
 277
 278 [test-8]
 279 ExpectedResult = Success
 280 HandshakeMode = RenegotiateClient
 281 Method = TLS
 282 ResumptionExpected = No
 283 client = 8-renegotiate-non-aead-to-non-aead-client-extra
 284
 285 [8-renegotiate-non-aead-to-non-aead-client-extra]
 286 RenegotiateCiphers = AES256-SHA
 287
 288
 289 # ===========================================================
 290
 291 [9-renegotiate-aead-to-aead]
 292 ssl_conf = 9-renegotiate-aead-to-aead-ssl
 293
 294 [9-renegotiate-aead-to-aead-ssl]
 295 server = 9-renegotiate-aead-to-aead-server
 296 client = 9-renegotiate-aead-to-aead-client
 297
 298 [9-renegotiate-aead-to-aead-server]
 299 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 300 CipherString = DEFAULT
 301 Options = NoResumptionOnRenegotiation
 302 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 303
 304 [9-renegotiate-aead-to-aead-client]
 305 CipherString = AES128-GCM-SHA256
 306 MaxProtocol = TLSv1.2
 307 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 308 VerifyMode = Peer
 309
 310 [test-9]
 311 ExpectedResult = Success
 312 HandshakeMode = RenegotiateClient
 313 Method = TLS
 314 ResumptionExpected = No
 315 client = 9-renegotiate-aead-to-aead-client-extra
 316
 317 [9-renegotiate-aead-to-aead-client-extra]
 318 RenegotiateCiphers = AES256-GCM-SHA384
 319
 320
 321 # ===========================================================
 322
 323 [10-no-renegotiation-server-by-client]
 324 ssl_conf = 10-no-renegotiation-server-by-client-ssl
 325
 326 [10-no-renegotiation-server-by-client-ssl]
 327 server = 10-no-renegotiation-server-by-client-server
 328 client = 10-no-renegotiation-server-by-client-client
 329
 330 [10-no-renegotiation-server-by-client-server]
 331 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 332 CipherString = DEFAULT
 333 MaxProtocol = TLSv1.2
 334 Options = NoRenegotiation
 335 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 336
 337 [10-no-renegotiation-server-by-client-client]
 338 CipherString = DEFAULT
 339 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 340 VerifyMode = Peer
 341
 342 [test-10]
 343 ExpectedResult = ClientFail
 344 HandshakeMode = RenegotiateClient
 345 Method = TLS
 346 ResumptionExpected = No
 347
 348
 349 # ===========================================================
 350
 351 [11-no-renegotiation-server-by-server]
 352 ssl_conf = 11-no-renegotiation-server-by-server-ssl
 353
 354 [11-no-renegotiation-server-by-server-ssl]
 355 server = 11-no-renegotiation-server-by-server-server
 356 client = 11-no-renegotiation-server-by-server-client
 357
 358 [11-no-renegotiation-server-by-server-server]
 359 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 360 CipherString = DEFAULT
 361 MaxProtocol = TLSv1.2
 362 Options = NoRenegotiation
 363 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 364
 365 [11-no-renegotiation-server-by-server-client]
 366 CipherString = DEFAULT
 367 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 368 VerifyMode = Peer
 369
 370 [test-11]
 371 ExpectedResult = ServerFail
 372 HandshakeMode = RenegotiateServer
 373 Method = TLS
 374 ResumptionExpected = No
 375
 376
 377 # ===========================================================
 378
 379 [12-no-renegotiation-client-by-server]
 380 ssl_conf = 12-no-renegotiation-client-by-server-ssl
 381
 382 [12-no-renegotiation-client-by-server-ssl]
 383 server = 12-no-renegotiation-client-by-server-server
 384 client = 12-no-renegotiation-client-by-server-client
 385
 386 [12-no-renegotiation-client-by-server-server]
 387 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 388 CipherString = DEFAULT
 389 MaxProtocol = TLSv1.2
 390 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 391
 392 [12-no-renegotiation-client-by-server-client]
 393 CipherString = DEFAULT
 394 Options = NoRenegotiation
 395 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 396 VerifyMode = Peer
 397
 398 [test-12]
 399 ExpectedResult = ServerFail
 400 HandshakeMode = RenegotiateServer
 401 Method = TLS
 402 ResumptionExpected = No
 403
 404
 405 # ===========================================================
 406
 407 [13-no-renegotiation-client-by-client]
 408 ssl_conf = 13-no-renegotiation-client-by-client-ssl
 409
 410 [13-no-renegotiation-client-by-client-ssl]
 411 server = 13-no-renegotiation-client-by-client-server
 412 client = 13-no-renegotiation-client-by-client-client
 413
 414 [13-no-renegotiation-client-by-client-server]
 415 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 416 CipherString = DEFAULT
 417 MaxProtocol = TLSv1.2
 418 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 419
 420 [13-no-renegotiation-client-by-client-client]
 421 CipherString = DEFAULT
 422 Options = NoRenegotiation
 423 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 424 VerifyMode = Peer
 425
 426 [test-13]
 427 ExpectedResult = ClientFail
 428 HandshakeMode = RenegotiateClient
 429 Method = TLS
 430 ResumptionExpected = No
 431
 432