X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=test%2FREADME.ssltest.md;h=288dffa7ac8d3074efd33cf7aaf208c7185e2fd5;hb=dd94c37a5c2f783102b125c620000b9719c662d3;hp=ca6edf54d67b5dfdeaa0f69ead1a64e130b0318d;hpb=1329b952a675c3c445b73b34bf9f09483fbc759c;p=openssl.git diff --git a/test/README.ssltest.md b/test/README.ssltest.md index ca6edf54d6..288dffa7ac 100644 --- a/test/README.ssltest.md +++ b/test/README.ssltest.md @@ -38,7 +38,8 @@ The test section supports the following options * HandshakeMode - which handshake flavour to test: - Simple - plain handshake (default) - Resume - test resumption - - Renegotiate - test renegotiation + - RenegotiateServer - test server initiated renegotiation + - RenegotiateClient - test client initiated renegotiation When HandshakeMode is Resume or Renegotiate, the original handshake is expected to succeed. All configured test expectations are verified against the second @@ -86,6 +87,25 @@ handshake. * ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations. +* ExpectedTmpKeyType - the expected algorithm or curve of server temp key + +* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or + curve of server or client certificate + +* ExpectedServerSignHash, ExpectedClientSignHash - the expected + signing hash used by server or client certificate + +* ExpectedServerSignType, ExpectedClientSignType - the expected + signature type used by server or client when signing messages + +* ExpectedClientCANames - for client auth list of CA names the server must + send. If this is "empty" the list is expected to be empty otherwise it + is a file of certificates whose subject names form the list. + +* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only. + If this is "empty" the list is expected to be empty otherwise it is a file + of certificates whose subject names form the list. + ## Configuring the client and server The client and server configurations can be any valid `SSL_CTX` @@ -167,6 +187,9 @@ client => { protocols can be specified as a comma-separated list, and a callback with the recommended behaviour will be installed automatically. +* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to + connect as; for server, this is a known SRP user. + ### Default server and client configurations The default server certificate and CA files are added to the configurations