xref: /freebsd/crypto/openssl/test/ssl-tests/12-ct.cnf (revision 1719886f6d08408b834d270c59ffcfd821c8f63a)
1# Generated with generate_ssl_tests.pl
2
3num_tests = 6
4
5test-0 = 0-ct-permissive-without-scts
6test-1 = 1-ct-permissive-with-scts
7test-2 = 2-ct-strict-without-scts
8test-3 = 3-ct-strict-with-scts
9test-4 = 4-ct-permissive-resumption
10test-5 = 5-ct-strict-resumption
11# ===========================================================
12
13[0-ct-permissive-without-scts]
14ssl_conf = 0-ct-permissive-without-scts-ssl
15
16[0-ct-permissive-without-scts-ssl]
17server = 0-ct-permissive-without-scts-server
18client = 0-ct-permissive-without-scts-client
19
20[0-ct-permissive-without-scts-server]
21Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
22CipherString = DEFAULT
23PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
24
25[0-ct-permissive-without-scts-client]
26CipherString = DEFAULT
27VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
28VerifyMode = Peer
29
30[test-0]
31ExpectedResult = Success
32client = 0-ct-permissive-without-scts-client-extra
33
34[0-ct-permissive-without-scts-client-extra]
35CTValidation = Permissive
36
37
38# ===========================================================
39
40[1-ct-permissive-with-scts]
41ssl_conf = 1-ct-permissive-with-scts-ssl
42
43[1-ct-permissive-with-scts-ssl]
44server = 1-ct-permissive-with-scts-server
45client = 1-ct-permissive-with-scts-client
46
47[1-ct-permissive-with-scts-server]
48Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
49CipherString = DEFAULT
50PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
51
52[1-ct-permissive-with-scts-client]
53CipherString = DEFAULT
54VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
55VerifyMode = Peer
56
57[test-1]
58ExpectedResult = Success
59client = 1-ct-permissive-with-scts-client-extra
60
61[1-ct-permissive-with-scts-client-extra]
62CTValidation = Permissive
63
64
65# ===========================================================
66
67[2-ct-strict-without-scts]
68ssl_conf = 2-ct-strict-without-scts-ssl
69
70[2-ct-strict-without-scts-ssl]
71server = 2-ct-strict-without-scts-server
72client = 2-ct-strict-without-scts-client
73
74[2-ct-strict-without-scts-server]
75Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
76CipherString = DEFAULT
77PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
78
79[2-ct-strict-without-scts-client]
80CipherString = DEFAULT
81VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
82VerifyMode = Peer
83
84[test-2]
85ExpectedClientAlert = HandshakeFailure
86ExpectedResult = ClientFail
87client = 2-ct-strict-without-scts-client-extra
88
89[2-ct-strict-without-scts-client-extra]
90CTValidation = Strict
91
92
93# ===========================================================
94
95[3-ct-strict-with-scts]
96ssl_conf = 3-ct-strict-with-scts-ssl
97
98[3-ct-strict-with-scts-ssl]
99server = 3-ct-strict-with-scts-server
100client = 3-ct-strict-with-scts-client
101
102[3-ct-strict-with-scts-server]
103Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
104CipherString = DEFAULT
105PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
106
107[3-ct-strict-with-scts-client]
108CipherString = DEFAULT
109VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
110VerifyMode = Peer
111
112[test-3]
113ExpectedResult = Success
114client = 3-ct-strict-with-scts-client-extra
115
116[3-ct-strict-with-scts-client-extra]
117CTValidation = Strict
118
119
120# ===========================================================
121
122[4-ct-permissive-resumption]
123ssl_conf = 4-ct-permissive-resumption-ssl
124
125[4-ct-permissive-resumption-ssl]
126server = 4-ct-permissive-resumption-server
127client = 4-ct-permissive-resumption-client
128resume-server = 4-ct-permissive-resumption-server
129resume-client = 4-ct-permissive-resumption-client
130
131[4-ct-permissive-resumption-server]
132Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
133CipherString = DEFAULT
134PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
135
136[4-ct-permissive-resumption-client]
137CipherString = DEFAULT
138VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
139VerifyMode = Peer
140
141[test-4]
142ExpectedResult = Success
143HandshakeMode = Resume
144ResumptionExpected = Yes
145client = 4-ct-permissive-resumption-client-extra
146resume-client = 4-ct-permissive-resumption-client-extra
147
148[4-ct-permissive-resumption-client-extra]
149CTValidation = Permissive
150
151
152# ===========================================================
153
154[5-ct-strict-resumption]
155ssl_conf = 5-ct-strict-resumption-ssl
156
157[5-ct-strict-resumption-ssl]
158server = 5-ct-strict-resumption-server
159client = 5-ct-strict-resumption-client
160resume-server = 5-ct-strict-resumption-server
161resume-client = 5-ct-strict-resumption-resume-client
162
163[5-ct-strict-resumption-server]
164Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
165CipherString = DEFAULT
166PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
167
168[5-ct-strict-resumption-client]
169CipherString = DEFAULT
170VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
171VerifyMode = Peer
172
173[5-ct-strict-resumption-resume-client]
174CipherString = DEFAULT
175VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
176VerifyMode = Peer
177
178[test-5]
179ExpectedResult = Success
180HandshakeMode = Resume
181ResumptionExpected = Yes
182client = 5-ct-strict-resumption-client-extra
183resume-client = 5-ct-strict-resumption-resume-client-extra
184
185[5-ct-strict-resumption-client-extra]
186CTValidation = Strict
187
188[5-ct-strict-resumption-resume-client-extra]
189CTValidation = Strict
190
191
192