2 # Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
10 ## Test version negotiation
20 name => "ct-permissive-without-scts",
22 "CipherString" => 'DEFAULT@SECLEVEL=1',
25 "CipherString" => 'DEFAULT@SECLEVEL=1',
27 "CTValidation" => "Permissive",
31 "ExpectedResult" => "Success",
35 name => "ct-permissive-with-scts",
37 "CipherString" => 'DEFAULT@SECLEVEL=1',
38 "Certificate" => test_pem("embeddedSCTs1.pem"),
39 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
42 "CipherString" => 'DEFAULT@SECLEVEL=1',
43 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
45 "CTValidation" => "Permissive",
49 "ExpectedResult" => "Success",
53 name => "ct-strict-without-scts",
55 "CipherString" => 'DEFAULT@SECLEVEL=1',
58 "CipherString" => 'DEFAULT@SECLEVEL=1',
60 "CTValidation" => "Strict",
64 "ExpectedResult" => "ClientFail",
65 "ExpectedClientAlert" => "HandshakeFailure",
69 name => "ct-strict-with-scts",
71 "CipherString" => 'DEFAULT@SECLEVEL=1',
72 "Certificate" => test_pem("embeddedSCTs1.pem"),
73 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
76 "CipherString" => 'DEFAULT@SECLEVEL=1',
77 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
79 "CTValidation" => "Strict",
83 "ExpectedResult" => "Success",
87 name => "ct-permissive-resumption",
89 "CipherString" => 'DEFAULT@SECLEVEL=1',
90 "Certificate" => test_pem("embeddedSCTs1.pem"),
91 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
94 "CipherString" => 'DEFAULT@SECLEVEL=1',
95 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
97 "CTValidation" => "Permissive",
101 "HandshakeMode" => "Resume",
102 "ResumptionExpected" => "Yes",
103 "ExpectedResult" => "Success",
107 name => "ct-strict-resumption",
109 "CipherString" => 'DEFAULT@SECLEVEL=1',
110 "Certificate" => test_pem("embeddedSCTs1.pem"),
111 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"),
114 "CipherString" => 'DEFAULT@SECLEVEL=1',
115 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
117 "CTValidation" => "Strict",
120 # SCTs are not present during resumption, so the resumption
124 "CTValidation" => "Strict",
128 "HandshakeMode" => "Resume",
129 "ResumptionExpected" => "Yes",
130 "ExpectedResult" => "Success",