xref: /freebsd/crypto/openssl/test/ssl-tests/03-custom_verify.cnf (revision 6580f5c38dd5b01aeeaed16b370f1a12423437f0)
1# Generated with generate_ssl_tests.pl
2
3num_tests = 10
4
5test-0 = 0-verify-success
6test-1 = 1-verify-custom-reject
7test-2 = 2-verify-custom-allow
8test-3 = 3-verify-custom-retry
9test-4 = 4-noverify-success
10test-5 = 5-noverify-ignore-custom-reject
11test-6 = 6-noverify-accept-custom-allow
12test-7 = 7-verify-fail-no-root
13test-8 = 8-verify-custom-success-no-root
14test-9 = 9-verify-custom-fail-no-root
15# ===========================================================
16
17[0-verify-success]
18ssl_conf = 0-verify-success-ssl
19
20[0-verify-success-ssl]
21server = 0-verify-success-server
22client = 0-verify-success-client
23
24[0-verify-success-server]
25Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
26CipherString = DEFAULT
27PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
28
29[0-verify-success-client]
30CipherString = DEFAULT
31VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
32VerifyMode = Peer
33
34[test-0]
35ExpectedResult = Success
36
37
38# ===========================================================
39
40[1-verify-custom-reject]
41ssl_conf = 1-verify-custom-reject-ssl
42
43[1-verify-custom-reject-ssl]
44server = 1-verify-custom-reject-server
45client = 1-verify-custom-reject-client
46
47[1-verify-custom-reject-server]
48Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
49CipherString = DEFAULT
50PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
51
52[1-verify-custom-reject-client]
53CipherString = DEFAULT
54VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
55VerifyMode = Peer
56
57[test-1]
58ExpectedClientAlert = HandshakeFailure
59ExpectedResult = ClientFail
60client = 1-verify-custom-reject-client-extra
61
62[1-verify-custom-reject-client-extra]
63VerifyCallback = RejectAll
64
65
66# ===========================================================
67
68[2-verify-custom-allow]
69ssl_conf = 2-verify-custom-allow-ssl
70
71[2-verify-custom-allow-ssl]
72server = 2-verify-custom-allow-server
73client = 2-verify-custom-allow-client
74
75[2-verify-custom-allow-server]
76Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
77CipherString = DEFAULT
78PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
79
80[2-verify-custom-allow-client]
81CipherString = DEFAULT
82VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
83VerifyMode = Peer
84
85[test-2]
86ExpectedResult = Success
87client = 2-verify-custom-allow-client-extra
88
89[2-verify-custom-allow-client-extra]
90VerifyCallback = AcceptAll
91
92
93# ===========================================================
94
95[3-verify-custom-retry]
96ssl_conf = 3-verify-custom-retry-ssl
97
98[3-verify-custom-retry-ssl]
99server = 3-verify-custom-retry-server
100client = 3-verify-custom-retry-client
101
102[3-verify-custom-retry-server]
103Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
104CipherString = DEFAULT
105PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
106
107[3-verify-custom-retry-client]
108CipherString = DEFAULT
109VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
110VerifyMode = Peer
111
112[test-3]
113ExpectedResult = Success
114client = 3-verify-custom-retry-client-extra
115
116[3-verify-custom-retry-client-extra]
117VerifyCallback = RetryOnce
118
119
120# ===========================================================
121
122[4-noverify-success]
123ssl_conf = 4-noverify-success-ssl
124
125[4-noverify-success-ssl]
126server = 4-noverify-success-server
127client = 4-noverify-success-client
128
129[4-noverify-success-server]
130Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
131CipherString = DEFAULT
132PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
133
134[4-noverify-success-client]
135CipherString = DEFAULT
136
137[test-4]
138ExpectedResult = Success
139
140
141# ===========================================================
142
143[5-noverify-ignore-custom-reject]
144ssl_conf = 5-noverify-ignore-custom-reject-ssl
145
146[5-noverify-ignore-custom-reject-ssl]
147server = 5-noverify-ignore-custom-reject-server
148client = 5-noverify-ignore-custom-reject-client
149
150[5-noverify-ignore-custom-reject-server]
151Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
152CipherString = DEFAULT
153PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
154
155[5-noverify-ignore-custom-reject-client]
156CipherString = DEFAULT
157
158[test-5]
159ExpectedResult = Success
160client = 5-noverify-ignore-custom-reject-client-extra
161
162[5-noverify-ignore-custom-reject-client-extra]
163VerifyCallback = RejectAll
164
165
166# ===========================================================
167
168[6-noverify-accept-custom-allow]
169ssl_conf = 6-noverify-accept-custom-allow-ssl
170
171[6-noverify-accept-custom-allow-ssl]
172server = 6-noverify-accept-custom-allow-server
173client = 6-noverify-accept-custom-allow-client
174
175[6-noverify-accept-custom-allow-server]
176Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
177CipherString = DEFAULT
178PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
179
180[6-noverify-accept-custom-allow-client]
181CipherString = DEFAULT
182
183[test-6]
184ExpectedResult = Success
185client = 6-noverify-accept-custom-allow-client-extra
186
187[6-noverify-accept-custom-allow-client-extra]
188VerifyCallback = AcceptAll
189
190
191# ===========================================================
192
193[7-verify-fail-no-root]
194ssl_conf = 7-verify-fail-no-root-ssl
195
196[7-verify-fail-no-root-ssl]
197server = 7-verify-fail-no-root-server
198client = 7-verify-fail-no-root-client
199
200[7-verify-fail-no-root-server]
201Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
202CipherString = DEFAULT
203PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
204
205[7-verify-fail-no-root-client]
206CipherString = DEFAULT
207VerifyMode = Peer
208
209[test-7]
210ExpectedClientAlert = UnknownCA
211ExpectedResult = ClientFail
212
213
214# ===========================================================
215
216[8-verify-custom-success-no-root]
217ssl_conf = 8-verify-custom-success-no-root-ssl
218
219[8-verify-custom-success-no-root-ssl]
220server = 8-verify-custom-success-no-root-server
221client = 8-verify-custom-success-no-root-client
222
223[8-verify-custom-success-no-root-server]
224Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
225CipherString = DEFAULT
226PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
227
228[8-verify-custom-success-no-root-client]
229CipherString = DEFAULT
230VerifyMode = Peer
231
232[test-8]
233ExpectedResult = Success
234client = 8-verify-custom-success-no-root-client-extra
235
236[8-verify-custom-success-no-root-client-extra]
237VerifyCallback = AcceptAll
238
239
240# ===========================================================
241
242[9-verify-custom-fail-no-root]
243ssl_conf = 9-verify-custom-fail-no-root-ssl
244
245[9-verify-custom-fail-no-root-ssl]
246server = 9-verify-custom-fail-no-root-server
247client = 9-verify-custom-fail-no-root-client
248
249[9-verify-custom-fail-no-root-server]
250Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
251CipherString = DEFAULT
252PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
253
254[9-verify-custom-fail-no-root-client]
255CipherString = DEFAULT
256VerifyMode = Peer
257
258[test-9]
259ExpectedClientAlert = HandshakeFailure
260ExpectedResult = ClientFail
261client = 9-verify-custom-fail-no-root-client-extra
262
263[9-verify-custom-fail-no-root-client-extra]
264VerifyCallback = RejectAll
265
266
267