# Generated with generate_ssl_tests.pl num_tests = 6 test-0 = 0-ct-permissive-without-scts test-1 = 1-ct-permissive-with-scts test-2 = 2-ct-strict-without-scts test-3 = 3-ct-strict-with-scts test-4 = 4-ct-permissive-resumption test-5 = 5-ct-strict-resumption # =========================================================== [0-ct-permissive-without-scts] ssl_conf = 0-ct-permissive-without-scts-ssl [0-ct-permissive-without-scts-ssl] server = 0-ct-permissive-without-scts-server client = 0-ct-permissive-without-scts-client [0-ct-permissive-without-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-ct-permissive-without-scts-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-0] ExpectedResult = Success client = 0-ct-permissive-without-scts-client-extra [0-ct-permissive-without-scts-client-extra] CTValidation = Permissive # =========================================================== [1-ct-permissive-with-scts] ssl_conf = 1-ct-permissive-with-scts-ssl [1-ct-permissive-with-scts-ssl] server = 1-ct-permissive-with-scts-server client = 1-ct-permissive-with-scts-client [1-ct-permissive-with-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [1-ct-permissive-with-scts-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer [test-1] ExpectedResult = Success client = 1-ct-permissive-with-scts-client-extra [1-ct-permissive-with-scts-client-extra] CTValidation = Permissive # =========================================================== [2-ct-strict-without-scts] ssl_conf = 2-ct-strict-without-scts-ssl [2-ct-strict-without-scts-ssl] server = 2-ct-strict-without-scts-server client = 2-ct-strict-without-scts-client [2-ct-strict-without-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-ct-strict-without-scts-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-2] ExpectedClientAlert = HandshakeFailure ExpectedResult = ClientFail client = 2-ct-strict-without-scts-client-extra [2-ct-strict-without-scts-client-extra] CTValidation = Strict # =========================================================== [3-ct-strict-with-scts] ssl_conf = 3-ct-strict-with-scts-ssl [3-ct-strict-with-scts-ssl] server = 3-ct-strict-with-scts-server client = 3-ct-strict-with-scts-client [3-ct-strict-with-scts-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [3-ct-strict-with-scts-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer [test-3] ExpectedResult = Success client = 3-ct-strict-with-scts-client-extra [3-ct-strict-with-scts-client-extra] CTValidation = Strict # =========================================================== [4-ct-permissive-resumption] ssl_conf = 4-ct-permissive-resumption-ssl [4-ct-permissive-resumption-ssl] server = 4-ct-permissive-resumption-server client = 4-ct-permissive-resumption-client resume-server = 4-ct-permissive-resumption-server resume-client = 4-ct-permissive-resumption-client [4-ct-permissive-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [4-ct-permissive-resumption-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer [test-4] ExpectedResult = Success HandshakeMode = Resume ResumptionExpected = Yes client = 4-ct-permissive-resumption-client-extra resume-client = 4-ct-permissive-resumption-client-extra [4-ct-permissive-resumption-client-extra] CTValidation = Permissive # =========================================================== [5-ct-strict-resumption] ssl_conf = 5-ct-strict-resumption-ssl [5-ct-strict-resumption-ssl] server = 5-ct-strict-resumption-server client = 5-ct-strict-resumption-client resume-server = 5-ct-strict-resumption-server resume-client = 5-ct-strict-resumption-resume-client [5-ct-strict-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem CipherString = DEFAULT@SECLEVEL=1 PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem [5-ct-strict-resumption-client] CipherString = DEFAULT@SECLEVEL=1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem VerifyMode = Peer [5-ct-strict-resumption-resume-client] CipherString = DEFAULT VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-5] ExpectedResult = Success HandshakeMode = Resume ResumptionExpected = Yes client = 5-ct-strict-resumption-client-extra resume-client = 5-ct-strict-resumption-resume-client-extra [5-ct-strict-resumption-client-extra] CTValidation = Strict [5-ct-strict-resumption-resume-client-extra] CTValidation = Strict