* HandshakeMode - which handshake flavour to test:
- Simple - plain handshake (default)
- Resume - test resumption
- - Renegotiate - test renegotiation
+ - RenegotiateServer - test server initiated renegotiation
+ - RenegotiateClient - test client initiated renegotiation
When HandshakeMode is Resume or Renegotiate, the original handshake is expected
to succeed. All configured test expectations are verified against the second
* ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations.
+* ExpectedTmpKeyType - the expected algorithm or curve of server temp key
+
+* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or
+ curve of server or client certificate
+
+* ExpectedServerSignHash, ExpectedClientSignHash - the expected
+ signing hash used by server or client certificate
+
+* ExpectedServerSignType, ExpectedClientSignType - the expected
+ signature type used by server or client when signing messages
+
+* ExpectedClientCANames - for client auth list of CA names the server must
+ send. If this is "empty" the list is expected to be empty otherwise it
+ is a file of certificates whose subject names form the list.
+
+* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only.
+ If this is "empty" the list is expected to be empty otherwise it is a file
+ of certificates whose subject names form the list.
+
## Configuring the client and server
The client and server configurations can be any valid `SSL_CTX`
protocols can be specified as a comma-separated list, and a callback with the
recommended behaviour will be installed automatically.
+* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to
+ connect as; for server, this is a known SRP user.
+
### Default server and client configurations
The default server certificate and CA files are added to the configurations
projects / openssl.git / blobdiff