1*e0c4386eSCy Schubert# -*- mode: perl; -*- 2*e0c4386eSCy Schubert# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 3*e0c4386eSCy Schubert# 4*e0c4386eSCy Schubert# Licensed under the Apache License 2.0 (the "License"). You may not use 5*e0c4386eSCy Schubert# this file except in compliance with the License. You can obtain a copy 6*e0c4386eSCy Schubert# in the file LICENSE in the source distribution or at 7*e0c4386eSCy Schubert# https://www.openssl.org/source/license.html 8*e0c4386eSCy Schubert 9*e0c4386eSCy Schubert 10*e0c4386eSCy Schubert## Test DTLS CertStatus messages 11*e0c4386eSCy Schubert 12*e0c4386eSCy Schubertuse strict; 13*e0c4386eSCy Schubertuse warnings; 14*e0c4386eSCy Schubert 15*e0c4386eSCy Schubertpackage ssltests; 16*e0c4386eSCy Schubertuse OpenSSL::Test::Utils; 17*e0c4386eSCy Schubert 18*e0c4386eSCy Schubertour $fips_mode; 19*e0c4386eSCy Schubert 20*e0c4386eSCy Schubertour @tests = (); 21*e0c4386eSCy Schubert 22*e0c4386eSCy Schubertour @tests_standard = ( 23*e0c4386eSCy Schubert { 24*e0c4386eSCy Schubert name => "certstatus-good", 25*e0c4386eSCy Schubert server => { 26*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 27*e0c4386eSCy Schubert extra => { 28*e0c4386eSCy Schubert "CertStatus" => "GoodResponse" 29*e0c4386eSCy Schubert }, 30*e0c4386eSCy Schubert }, 31*e0c4386eSCy Schubert client => { 32*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 33*e0c4386eSCy Schubert }, 34*e0c4386eSCy Schubert test => { 35*e0c4386eSCy Schubert "Method" => "DTLS", 36*e0c4386eSCy Schubert "ExpectedResult" => "Success" 37*e0c4386eSCy Schubert } 38*e0c4386eSCy Schubert }, 39*e0c4386eSCy Schubert { 40*e0c4386eSCy Schubert name => "certstatus-bad", 41*e0c4386eSCy Schubert server => { 42*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 43*e0c4386eSCy Schubert extra => { 44*e0c4386eSCy Schubert "CertStatus" => "BadResponse", 45*e0c4386eSCy Schubert }, 46*e0c4386eSCy Schubert }, 47*e0c4386eSCy Schubert client => { 48*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 49*e0c4386eSCy Schubert }, 50*e0c4386eSCy Schubert test => { 51*e0c4386eSCy Schubert "Method" => "DTLS", 52*e0c4386eSCy Schubert "ExpectedResult" => "ClientFail" 53*e0c4386eSCy Schubert } 54*e0c4386eSCy Schubert } 55*e0c4386eSCy Schubert); 56*e0c4386eSCy Schubert 57*e0c4386eSCy Schubertour @tests_sctp = ( 58*e0c4386eSCy Schubert { 59*e0c4386eSCy Schubert name => "certstatus-good", 60*e0c4386eSCy Schubert server => { 61*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 62*e0c4386eSCy Schubert extra => { 63*e0c4386eSCy Schubert "CertStatus" => "GoodResponse", 64*e0c4386eSCy Schubert }, 65*e0c4386eSCy Schubert }, 66*e0c4386eSCy Schubert client => { 67*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 68*e0c4386eSCy Schubert }, 69*e0c4386eSCy Schubert test => { 70*e0c4386eSCy Schubert "Method" => "DTLS", 71*e0c4386eSCy Schubert "UseSCTP" => "Yes", 72*e0c4386eSCy Schubert "ExpectedResult" => "Success" 73*e0c4386eSCy Schubert } 74*e0c4386eSCy Schubert }, 75*e0c4386eSCy Schubert { 76*e0c4386eSCy Schubert name => "certstatus-bad", 77*e0c4386eSCy Schubert server => { 78*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 79*e0c4386eSCy Schubert extra => { 80*e0c4386eSCy Schubert "CertStatus" => "BadResponse", 81*e0c4386eSCy Schubert }, 82*e0c4386eSCy Schubert }, 83*e0c4386eSCy Schubert client => { 84*e0c4386eSCy Schubert "CipherString" => "DEFAULT:\@SECLEVEL=0", 85*e0c4386eSCy Schubert }, 86*e0c4386eSCy Schubert test => { 87*e0c4386eSCy Schubert "Method" => "DTLS", 88*e0c4386eSCy Schubert "UseSCTP" => "Yes", 89*e0c4386eSCy Schubert "ExpectedResult" => "ClientFail" 90*e0c4386eSCy Schubert } 91*e0c4386eSCy Schubert }, 92*e0c4386eSCy Schubert); 93*e0c4386eSCy Schubert 94*e0c4386eSCy Schubertif (!$fips_mode || !disabled("dtls1_2")) { 95*e0c4386eSCy Schubert push @tests, @tests_standard; 96*e0c4386eSCy Schubert push @tests, @tests_sctp unless disabled("sctp") || disabled("sock"); 97*e0c4386eSCy Schubert} 98