12-ct.conf 5.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191
  1. # Generated with generate_ssl_tests.pl
  2. num_tests = 6
  3. test-0 = 0-ct-permissive-without-scts
  4. test-1 = 1-ct-permissive-with-scts
  5. test-2 = 2-ct-strict-without-scts
  6. test-3 = 3-ct-strict-with-scts
  7. test-4 = 4-ct-permissive-resumption
  8. test-5 = 5-ct-strict-resumption
  9. # ===========================================================
  10. [0-ct-permissive-without-scts]
  11. ssl_conf = 0-ct-permissive-without-scts-ssl
  12. [0-ct-permissive-without-scts-ssl]
  13. server = 0-ct-permissive-without-scts-server
  14. client = 0-ct-permissive-without-scts-client
  15. [0-ct-permissive-without-scts-server]
  16. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  17. CipherString = DEFAULT
  18. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  19. [0-ct-permissive-without-scts-client]
  20. CipherString = DEFAULT
  21. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  22. VerifyMode = Peer
  23. [test-0]
  24. ExpectedResult = Success
  25. client = 0-ct-permissive-without-scts-client-extra
  26. [0-ct-permissive-without-scts-client-extra]
  27. CTValidation = Permissive
  28. # ===========================================================
  29. [1-ct-permissive-with-scts]
  30. ssl_conf = 1-ct-permissive-with-scts-ssl
  31. [1-ct-permissive-with-scts-ssl]
  32. server = 1-ct-permissive-with-scts-server
  33. client = 1-ct-permissive-with-scts-client
  34. [1-ct-permissive-with-scts-server]
  35. Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
  36. CipherString = DEFAULT
  37. PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
  38. [1-ct-permissive-with-scts-client]
  39. CipherString = DEFAULT
  40. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
  41. VerifyMode = Peer
  42. [test-1]
  43. ExpectedResult = Success
  44. client = 1-ct-permissive-with-scts-client-extra
  45. [1-ct-permissive-with-scts-client-extra]
  46. CTValidation = Permissive
  47. # ===========================================================
  48. [2-ct-strict-without-scts]
  49. ssl_conf = 2-ct-strict-without-scts-ssl
  50. [2-ct-strict-without-scts-ssl]
  51. server = 2-ct-strict-without-scts-server
  52. client = 2-ct-strict-without-scts-client
  53. [2-ct-strict-without-scts-server]
  54. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  55. CipherString = DEFAULT
  56. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  57. [2-ct-strict-without-scts-client]
  58. CipherString = DEFAULT
  59. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  60. VerifyMode = Peer
  61. [test-2]
  62. ExpectedClientAlert = HandshakeFailure
  63. ExpectedResult = ClientFail
  64. client = 2-ct-strict-without-scts-client-extra
  65. [2-ct-strict-without-scts-client-extra]
  66. CTValidation = Strict
  67. # ===========================================================
  68. [3-ct-strict-with-scts]
  69. ssl_conf = 3-ct-strict-with-scts-ssl
  70. [3-ct-strict-with-scts-ssl]
  71. server = 3-ct-strict-with-scts-server
  72. client = 3-ct-strict-with-scts-client
  73. [3-ct-strict-with-scts-server]
  74. Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
  75. CipherString = DEFAULT
  76. PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
  77. [3-ct-strict-with-scts-client]
  78. CipherString = DEFAULT
  79. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
  80. VerifyMode = Peer
  81. [test-3]
  82. ExpectedResult = Success
  83. client = 3-ct-strict-with-scts-client-extra
  84. [3-ct-strict-with-scts-client-extra]
  85. CTValidation = Strict
  86. # ===========================================================
  87. [4-ct-permissive-resumption]
  88. ssl_conf = 4-ct-permissive-resumption-ssl
  89. [4-ct-permissive-resumption-ssl]
  90. server = 4-ct-permissive-resumption-server
  91. client = 4-ct-permissive-resumption-client
  92. resume-server = 4-ct-permissive-resumption-server
  93. resume-client = 4-ct-permissive-resumption-client
  94. [4-ct-permissive-resumption-server]
  95. Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
  96. CipherString = DEFAULT
  97. PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
  98. [4-ct-permissive-resumption-client]
  99. CipherString = DEFAULT
  100. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
  101. VerifyMode = Peer
  102. [test-4]
  103. ExpectedResult = Success
  104. HandshakeMode = Resume
  105. ResumptionExpected = Yes
  106. client = 4-ct-permissive-resumption-client-extra
  107. resume-client = 4-ct-permissive-resumption-client-extra
  108. [4-ct-permissive-resumption-client-extra]
  109. CTValidation = Permissive
  110. # ===========================================================
  111. [5-ct-strict-resumption]
  112. ssl_conf = 5-ct-strict-resumption-ssl
  113. [5-ct-strict-resumption-ssl]
  114. server = 5-ct-strict-resumption-server
  115. client = 5-ct-strict-resumption-client
  116. resume-server = 5-ct-strict-resumption-server
  117. resume-client = 5-ct-strict-resumption-resume-client
  118. [5-ct-strict-resumption-server]
  119. Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
  120. CipherString = DEFAULT
  121. PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
  122. [5-ct-strict-resumption-client]
  123. CipherString = DEFAULT
  124. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
  125. VerifyMode = Peer
  126. [5-ct-strict-resumption-resume-client]
  127. CipherString = DEFAULT
  128. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  129. VerifyMode = Peer
  130. [test-5]
  131. ExpectedResult = Success
  132. HandshakeMode = Resume
  133. ResumptionExpected = Yes
  134. client = 5-ct-strict-resumption-client-extra
  135. resume-client = 5-ct-strict-resumption-resume-client-extra
  136. [5-ct-strict-resumption-client-extra]
  137. CTValidation = Strict
  138. [5-ct-strict-resumption-resume-client-extra]
  139. CTValidation = Strict