xref: /freebsd/crypto/openssl/test/ssl-tests/01-simple.cnf.in (revision 7fdf597e96a02165cfe22ff357b857d5fa15ed8a)
1# -*- mode: perl; -*-
2# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9
10## SSL test configurations
11
12package ssltests;
13
14our @tests = (
15    {
16        name => "default",
17        server => { },
18        client => { },
19        test   => { "ExpectedResult" => "Success" },
20    },
21
22    {
23        name => "Server signature algorithms bug",
24        # Should have no effect as we aren't doing client auth
25        server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" },
26        client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" },
27        test   => { "ExpectedResult" => "Success" },
28    },
29
30    {
31        name => "verify-cert",
32        server => { },
33        client => {
34            # Don't set up the client root file.
35            "VerifyCAFile" => undef,
36        },
37        test   => {
38          "ExpectedResult" => "ClientFail",
39          "ExpectedClientAlert" => "UnknownCA",
40        },
41    },
42
43    {
44        name => "name-constraints-no-san-in-ee",
45        server => {
46            "Certificate" => test_pem("goodcn2-chain.pem"),
47            "PrivateKey"  => test_pem("goodcn2-key.pem"),
48        },
49        client => {
50            "VerifyCAFile" => test_pem("root-cert.pem"),
51        },
52        test   => { "ExpectedResult" => "Success" },
53    },
54);
55