package ssltests;
use OpenSSL::Test::Utils;
+our $fips_mode;
+
our @tests = ();
foreach my $sctp ("No", "Yes")
{
next if disabled("sctp") && $sctp eq "Yes";
+ next if disabled("dtls1_2") && $fips_mode;
my $suffix = ($sctp eq "No") ? "" : "-sctp";
our @tests_basic = (
{
name => "renegotiate-client-no-resume".$suffix,
server => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0',
"Options" => "NoResumptionOnRenegotiation"
},
- client => {},
+ client => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
+ },
test => {
"Method" => "DTLS",
"UseSCTP" => $sctp,
},
{
name => "renegotiate-client-resume".$suffix,
- server => {},
- client => {},
+ server => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
+ },
+ client => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
+ },
test => {
"Method" => "DTLS",
"UseSCTP" => $sctp,
# and if so, what to?
{
name => "renegotiate-server-resume".$suffix,
- server => {},
- client => {},
+ server => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
+ },
+ client => {
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
+ },
test => {
"Method" => "DTLS",
"UseSCTP" => $sctp,
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Require",
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
},
client => {
"Certificate" => test_pem("ee-client-chain.pem"),
"PrivateKey" => test_pem("ee-key.pem"),
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
},
test => {
"Method" => "DTLS",
server => {
"VerifyCAFile" => test_pem("root-cert.pem"),
"VerifyMode" => "Once",
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
},
client => {
"Certificate" => test_pem("ee-client-chain.pem"),
"PrivateKey" => test_pem("ee-key.pem"),
+ "CipherString" => 'DEFAULT:@SECLEVEL=0'
},
test => {
"Method" => "DTLS",