2
0

19-mac-then-encrypt.cnf 7.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244
  1. # Generated with generate_ssl_tests.pl
  2. num_tests = 9
  3. test-0 = 0-disable-encrypt-then-mac-server-sha
  4. test-1 = 1-disable-encrypt-then-mac-client-sha
  5. test-2 = 2-disable-encrypt-then-mac-both-sha
  6. test-3 = 3-disable-encrypt-then-mac-server-sha2
  7. test-4 = 4-disable-encrypt-then-mac-client-sha2
  8. test-5 = 5-disable-encrypt-then-mac-both-sha2
  9. test-6 = 6-disable-encrypt-then-mac-server-sha-tls1
  10. test-7 = 7-disable-encrypt-then-mac-client-sha-tls1
  11. test-8 = 8-disable-encrypt-then-mac-both-sha-tls1
  12. # ===========================================================
  13. [0-disable-encrypt-then-mac-server-sha]
  14. ssl_conf = 0-disable-encrypt-then-mac-server-sha-ssl
  15. [0-disable-encrypt-then-mac-server-sha-ssl]
  16. server = 0-disable-encrypt-then-mac-server-sha-server
  17. client = 0-disable-encrypt-then-mac-server-sha-client
  18. [0-disable-encrypt-then-mac-server-sha-server]
  19. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  20. CipherString = DEFAULT
  21. Options = -EncryptThenMac
  22. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  23. [0-disable-encrypt-then-mac-server-sha-client]
  24. CipherString = AES128-SHA
  25. MaxProtocol = TLSv1.2
  26. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  27. VerifyMode = Peer
  28. [test-0]
  29. ExpectedResult = Success
  30. # ===========================================================
  31. [1-disable-encrypt-then-mac-client-sha]
  32. ssl_conf = 1-disable-encrypt-then-mac-client-sha-ssl
  33. [1-disable-encrypt-then-mac-client-sha-ssl]
  34. server = 1-disable-encrypt-then-mac-client-sha-server
  35. client = 1-disable-encrypt-then-mac-client-sha-client
  36. [1-disable-encrypt-then-mac-client-sha-server]
  37. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  38. CipherString = DEFAULT
  39. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  40. [1-disable-encrypt-then-mac-client-sha-client]
  41. CipherString = AES128-SHA
  42. MaxProtocol = TLSv1.2
  43. Options = -EncryptThenMac
  44. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  45. VerifyMode = Peer
  46. [test-1]
  47. ExpectedResult = Success
  48. # ===========================================================
  49. [2-disable-encrypt-then-mac-both-sha]
  50. ssl_conf = 2-disable-encrypt-then-mac-both-sha-ssl
  51. [2-disable-encrypt-then-mac-both-sha-ssl]
  52. server = 2-disable-encrypt-then-mac-both-sha-server
  53. client = 2-disable-encrypt-then-mac-both-sha-client
  54. [2-disable-encrypt-then-mac-both-sha-server]
  55. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  56. CipherString = DEFAULT
  57. Options = -EncryptThenMac
  58. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  59. [2-disable-encrypt-then-mac-both-sha-client]
  60. CipherString = AES128-SHA
  61. MaxProtocol = TLSv1.2
  62. Options = -EncryptThenMac
  63. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  64. VerifyMode = Peer
  65. [test-2]
  66. ExpectedResult = Success
  67. # ===========================================================
  68. [3-disable-encrypt-then-mac-server-sha2]
  69. ssl_conf = 3-disable-encrypt-then-mac-server-sha2-ssl
  70. [3-disable-encrypt-then-mac-server-sha2-ssl]
  71. server = 3-disable-encrypt-then-mac-server-sha2-server
  72. client = 3-disable-encrypt-then-mac-server-sha2-client
  73. [3-disable-encrypt-then-mac-server-sha2-server]
  74. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  75. CipherString = DEFAULT
  76. Options = -EncryptThenMac
  77. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  78. [3-disable-encrypt-then-mac-server-sha2-client]
  79. CipherString = AES128-SHA256
  80. MaxProtocol = TLSv1.2
  81. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  82. VerifyMode = Peer
  83. [test-3]
  84. ExpectedResult = Success
  85. # ===========================================================
  86. [4-disable-encrypt-then-mac-client-sha2]
  87. ssl_conf = 4-disable-encrypt-then-mac-client-sha2-ssl
  88. [4-disable-encrypt-then-mac-client-sha2-ssl]
  89. server = 4-disable-encrypt-then-mac-client-sha2-server
  90. client = 4-disable-encrypt-then-mac-client-sha2-client
  91. [4-disable-encrypt-then-mac-client-sha2-server]
  92. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  93. CipherString = DEFAULT
  94. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  95. [4-disable-encrypt-then-mac-client-sha2-client]
  96. CipherString = AES128-SHA256
  97. MaxProtocol = TLSv1.2
  98. Options = -EncryptThenMac
  99. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  100. VerifyMode = Peer
  101. [test-4]
  102. ExpectedResult = Success
  103. # ===========================================================
  104. [5-disable-encrypt-then-mac-both-sha2]
  105. ssl_conf = 5-disable-encrypt-then-mac-both-sha2-ssl
  106. [5-disable-encrypt-then-mac-both-sha2-ssl]
  107. server = 5-disable-encrypt-then-mac-both-sha2-server
  108. client = 5-disable-encrypt-then-mac-both-sha2-client
  109. [5-disable-encrypt-then-mac-both-sha2-server]
  110. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  111. CipherString = DEFAULT
  112. Options = -EncryptThenMac
  113. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  114. [5-disable-encrypt-then-mac-both-sha2-client]
  115. CipherString = AES128-SHA256
  116. MaxProtocol = TLSv1.2
  117. Options = -EncryptThenMac
  118. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  119. VerifyMode = Peer
  120. [test-5]
  121. ExpectedResult = Success
  122. # ===========================================================
  123. [6-disable-encrypt-then-mac-server-sha-tls1]
  124. ssl_conf = 6-disable-encrypt-then-mac-server-sha-tls1-ssl
  125. [6-disable-encrypt-then-mac-server-sha-tls1-ssl]
  126. server = 6-disable-encrypt-then-mac-server-sha-tls1-server
  127. client = 6-disable-encrypt-then-mac-server-sha-tls1-client
  128. [6-disable-encrypt-then-mac-server-sha-tls1-server]
  129. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  130. CipherString = DEFAULT:@SECLEVEL=0
  131. Options = -EncryptThenMac
  132. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  133. [6-disable-encrypt-then-mac-server-sha-tls1-client]
  134. CipherString = AES128-SHA@SECLEVEL=0
  135. MaxProtocol = TLSv1
  136. MinProtocol = TLSv1
  137. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  138. VerifyMode = Peer
  139. [test-6]
  140. ExpectedResult = Success
  141. # ===========================================================
  142. [7-disable-encrypt-then-mac-client-sha-tls1]
  143. ssl_conf = 7-disable-encrypt-then-mac-client-sha-tls1-ssl
  144. [7-disable-encrypt-then-mac-client-sha-tls1-ssl]
  145. server = 7-disable-encrypt-then-mac-client-sha-tls1-server
  146. client = 7-disable-encrypt-then-mac-client-sha-tls1-client
  147. [7-disable-encrypt-then-mac-client-sha-tls1-server]
  148. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  149. CipherString = DEFAULT:@SECLEVEL=0
  150. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  151. [7-disable-encrypt-then-mac-client-sha-tls1-client]
  152. CipherString = AES128-SHA@SECLEVEL=0
  153. MaxProtocol = TLSv1
  154. MinProtocol = TLSv1
  155. Options = -EncryptThenMac
  156. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  157. VerifyMode = Peer
  158. [test-7]
  159. ExpectedResult = Success
  160. # ===========================================================
  161. [8-disable-encrypt-then-mac-both-sha-tls1]
  162. ssl_conf = 8-disable-encrypt-then-mac-both-sha-tls1-ssl
  163. [8-disable-encrypt-then-mac-both-sha-tls1-ssl]
  164. server = 8-disable-encrypt-then-mac-both-sha-tls1-server
  165. client = 8-disable-encrypt-then-mac-both-sha-tls1-client
  166. [8-disable-encrypt-then-mac-both-sha-tls1-server]
  167. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  168. CipherString = DEFAULT:@SECLEVEL=0
  169. Options = -EncryptThenMac
  170. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  171. [8-disable-encrypt-then-mac-both-sha-tls1-client]
  172. CipherString = AES128-SHA@SECLEVEL=0
  173. MaxProtocol = TLSv1
  174. MinProtocol = TLSv1
  175. Options = -EncryptThenMac
  176. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  177. VerifyMode = Peer
  178. [test-8]
  179. ExpectedResult = Success