mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity
master
openssl/test/ssl-tests/16-dtls-certstatus.cnf
Matt Caswell d77ba503a2 Adjust ssl_test_new for SHA1 security level 
SHA1 is now in security level 0. SHA1 is required for DTLSv1.1. Therefore
ssl_test_new needed some adjustments in the event that DTLSv1.2 is disabled.

There are also adjustments required if using the FIPS module and DTLSv1.2
is disabled. The only DTLS version supported by the FIPS module is
DTLSv1.2.

Fixes  #14956

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15047)
2021-04-29 15:52:49 +01:00

63 lines
1.4 KiB
INI
Raw Permalink Blame History

# Generated with generate_ssl_tests.pl
num_tests = 2
test-0 = 0-certstatus-good
test-1 = 1-certstatus-bad
# ===========================================================
[0-certstatus-good]
ssl_conf = 0-certstatus-good-ssl
[0-certstatus-good-ssl]
server = 0-certstatus-good-server
client = 0-certstatus-good-client
[0-certstatus-good-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT:@SECLEVEL=0
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[0-certstatus-good-client]
CipherString = DEFAULT:@SECLEVEL=0
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-0]
ExpectedResult = Success
Method = DTLS
server = 0-certstatus-good-server-extra
[0-certstatus-good-server-extra]
CertStatus = GoodResponse
# ===========================================================
[1-certstatus-bad]
ssl_conf = 1-certstatus-bad-ssl
[1-certstatus-bad-ssl]
server = 1-certstatus-bad-server
client = 1-certstatus-bad-client
[1-certstatus-bad-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT:@SECLEVEL=0
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[1-certstatus-bad-client]
CipherString = DEFAULT:@SECLEVEL=0
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-1]
ExpectedResult = ClientFail
Method = DTLS
server = 1-certstatus-bad-server-extra
[1-certstatus-bad-server-extra]
CertStatus = BadResponse
Reference in New Issue View Git Blame Copy Permalink