From aa4d426b4d3527d7e166df1a05058c9a4a0f6683 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 30 Apr 2021 00:33:56 +0200 Subject: initial/final commit --- openssl-1.1.0h/test/ssl-tests/12-ct.conf.in | 119 ++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 openssl-1.1.0h/test/ssl-tests/12-ct.conf.in (limited to 'openssl-1.1.0h/test/ssl-tests/12-ct.conf.in') diff --git a/openssl-1.1.0h/test/ssl-tests/12-ct.conf.in b/openssl-1.1.0h/test/ssl-tests/12-ct.conf.in new file mode 100644 index 0000000..d412dfd --- /dev/null +++ b/openssl-1.1.0h/test/ssl-tests/12-ct.conf.in @@ -0,0 +1,119 @@ +# -*- mode: perl; -*- +# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test CT support + +use strict; +use warnings; + +package ssltests; + + +our @tests = ( + { + name => "ct-permissive-without-scts", + server => { }, + client => { + extra => { + "CTValidation" => "Permissive", + }, + }, + test => { + "ExpectedResult" => "Success", + }, + }, + { + name => "ct-permissive-with-scts", + server => { + "Certificate" => test_pem("embeddedSCTs1.pem"), + "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), + }, + client => { + "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), + extra => { + "CTValidation" => "Permissive", + }, + }, + test => { + "ExpectedResult" => "Success", + }, + }, + { + name => "ct-strict-without-scts", + server => { }, + client => { + extra => { + "CTValidation" => "Strict", + }, + }, + test => { + "ExpectedResult" => "ClientFail", + "ExpectedClientAlert" => "HandshakeFailure", + }, + }, + { + name => "ct-strict-with-scts", + server => { + "Certificate" => test_pem("embeddedSCTs1.pem"), + "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), + }, + client => { + "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), + extra => { + "CTValidation" => "Strict", + }, + }, + test => { + "ExpectedResult" => "Success", + }, + }, + { + name => "ct-permissive-resumption", + server => { + "Certificate" => test_pem("embeddedSCTs1.pem"), + "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), + }, + client => { + "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), + extra => { + "CTValidation" => "Permissive", + }, + }, + test => { + "HandshakeMode" => "Resume", + "ResumptionExpected" => "Yes", + "ExpectedResult" => "Success", + }, + }, + { + name => "ct-strict-resumption", + server => { + "Certificate" => test_pem("embeddedSCTs1.pem"), + "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), + }, + client => { + "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), + extra => { + "CTValidation" => "Strict", + }, + }, + # SCTs are not present during resumption, so the resumption + # should succeed. + resume_client => { + extra => { + "CTValidation" => "Strict", + }, + }, + test => { + "HandshakeMode" => "Resume", + "ResumptionExpected" => "Yes", + "ExpectedResult" => "Success", + }, + }, +); -- cgit v1.2.3