1 # Generated with generate_ssl_tests.pl 2 3 num_tests = 18 4 5 test-0 = 0-renegotiate-client-no-resume 6 test-1 = 1-renegotiate-client-resume 7 test-2 = 2-renegotiate-server-no-resume 8 test-3 = 3-renegotiate-server-resume 9 test-4 = 4-renegotiate-client-auth-require 10 test-5 = 5-renegotiate-client-auth-once 11 test-6 = 6-renegotiate-client-legacy-connect 12 test-7 = 7-renegotiate-aead-to-non-aead 13 test-8 = 8-renegotiate-non-aead-to-aead 14 test-9 = 9-renegotiate-non-aead-to-non-aead 15 test-10 = 10-renegotiate-aead-to-aead 16 test-11 = 11-no-renegotiation-server-by-client 17 test-12 = 12-no-renegotiation-server-by-server 18 test-13 = 13-no-renegotiation-client-by-server 19 test-14 = 14-no-renegotiation-client-by-client 20 test-15 = 15-no-extms-on-renegotiation 21 test-16 = 16-allow-client-renegotiation 22 test-17 = 17-no-client-renegotiation 23 # =========================================================== 24 25 [0-renegotiate-client-no-resume] 26 ssl_conf = 0-renegotiate-client-no-resume-ssl 27 28 [0-renegotiate-client-no-resume-ssl] 29 server = 0-renegotiate-client-no-resume-server 30 client = 0-renegotiate-client-no-resume-client 31 32 [0-renegotiate-client-no-resume-server] 33 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 34 CipherString = DEFAULT 35 MaxProtocol = TLSv1.2 36 Options = NoResumptionOnRenegotiation 37 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 38 39 [0-renegotiate-client-no-resume-client] 40 CipherString = DEFAULT 41 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 42 VerifyMode = Peer 43 44 [test-0] 45 ExpectedResult = Success 46 HandshakeMode = RenegotiateClient 47 Method = TLS 48 ResumptionExpected = No 49 50 51 # =========================================================== 52 53 [1-renegotiate-client-resume] 54 ssl_conf = 1-renegotiate-client-resume-ssl 55 56 [1-renegotiate-client-resume-ssl] 57 server = 1-renegotiate-client-resume-server 58 client = 1-renegotiate-client-resume-client 59 60 [1-renegotiate-client-resume-server] 61 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 62 CipherString = DEFAULT 63 MaxProtocol = TLSv1.2 64 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 65 66 [1-renegotiate-client-resume-client] 67 CipherString = DEFAULT 68 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 69 VerifyMode = Peer 70 71 [test-1] 72 ExpectedResult = Success 73 HandshakeMode = RenegotiateClient 74 Method = TLS 75 ResumptionExpected = Yes 76 77 78 # =========================================================== 79 80 [2-renegotiate-server-no-resume] 81 ssl_conf = 2-renegotiate-server-no-resume-ssl 82 83 [2-renegotiate-server-no-resume-ssl] 84 server = 2-renegotiate-server-no-resume-server 85 client = 2-renegotiate-server-no-resume-client 86 87 [2-renegotiate-server-no-resume-server] 88 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 89 CipherString = DEFAULT 90 MaxProtocol = TLSv1.2 91 Options = NoResumptionOnRenegotiation 92 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 93 94 [2-renegotiate-server-no-resume-client] 95 CipherString = DEFAULT 96 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 97 VerifyMode = Peer 98 99 [test-2] 100 ExpectedResult = Success 101 HandshakeMode = RenegotiateServer 102 Method = TLS 103 ResumptionExpected = No 104 105 106 # =========================================================== 107 108 [3-renegotiate-server-resume] 109 ssl_conf = 3-renegotiate-server-resume-ssl 110 111 [3-renegotiate-server-resume-ssl] 112 server = 3-renegotiate-server-resume-server 113 client = 3-renegotiate-server-resume-client 114 115 [3-renegotiate-server-resume-server] 116 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 117 CipherString = DEFAULT 118 MaxProtocol = TLSv1.2 119 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 120 121 [3-renegotiate-server-resume-client] 122 CipherString = DEFAULT 123 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 124 VerifyMode = Peer 125 126 [test-3] 127 ExpectedResult = Success 128 HandshakeMode = RenegotiateServer 129 Method = TLS 130 ResumptionExpected = Yes 131 132 133 # =========================================================== 134 135 [4-renegotiate-client-auth-require] 136 ssl_conf = 4-renegotiate-client-auth-require-ssl 137 138 [4-renegotiate-client-auth-require-ssl] 139 server = 4-renegotiate-client-auth-require-server 140 client = 4-renegotiate-client-auth-require-client 141 142 [4-renegotiate-client-auth-require-server] 143 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 144 CipherString = DEFAULT 145 MaxProtocol = TLSv1.2 146 Options = NoResumptionOnRenegotiation 147 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 148 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 149 VerifyMode = Require 150 151 [4-renegotiate-client-auth-require-client] 152 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 153 CipherString = DEFAULT 154 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 155 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 156 VerifyMode = Peer 157 158 [test-4] 159 ExpectedResult = Success 160 HandshakeMode = RenegotiateServer 161 Method = TLS 162 ResumptionExpected = No 163 164 165 # =========================================================== 166 167 [5-renegotiate-client-auth-once] 168 ssl_conf = 5-renegotiate-client-auth-once-ssl 169 170 [5-renegotiate-client-auth-once-ssl] 171 server = 5-renegotiate-client-auth-once-server 172 client = 5-renegotiate-client-auth-once-client 173 174 [5-renegotiate-client-auth-once-server] 175 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 176 CipherString = DEFAULT 177 MaxProtocol = TLSv1.2 178 Options = NoResumptionOnRenegotiation 179 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 180 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 181 VerifyMode = Once 182 183 [5-renegotiate-client-auth-once-client] 184 Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 185 CipherString = DEFAULT 186 PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 187 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 188 VerifyMode = Peer 189 190 [test-5] 191 ExpectedResult = Success 192 HandshakeMode = RenegotiateServer 193 Method = TLS 194 ResumptionExpected = No 195 196 197 # =========================================================== 198 199 [6-renegotiate-client-legacy-connect] 200 ssl_conf = 6-renegotiate-client-legacy-connect-ssl 201 202 [6-renegotiate-client-legacy-connect-ssl] 203 server = 6-renegotiate-client-legacy-connect-server 204 client = 6-renegotiate-client-legacy-connect-client 205 206 [6-renegotiate-client-legacy-connect-server] 207 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 208 CipherString = DEFAULT 209 MaxProtocol = TLSv1.2 210 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 211 212 [6-renegotiate-client-legacy-connect-client] 213 CipherString = DEFAULT 214 Options = UnsafeLegacyServerConnect 215 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 216 VerifyMode = Peer 217 218 [test-6] 219 ExpectedResult = Success 220 HandshakeMode = RenegotiateClient 221 Method = TLS 222 ResumptionExpected = Yes 223 224 225 # =========================================================== 226 227 [7-renegotiate-aead-to-non-aead] 228 ssl_conf = 7-renegotiate-aead-to-non-aead-ssl 229 230 [7-renegotiate-aead-to-non-aead-ssl] 231 server = 7-renegotiate-aead-to-non-aead-server 232 client = 7-renegotiate-aead-to-non-aead-client 233 234 [7-renegotiate-aead-to-non-aead-server] 235 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 236 CipherString = DEFAULT 237 Options = NoResumptionOnRenegotiation 238 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 239 240 [7-renegotiate-aead-to-non-aead-client] 241 CipherString = AES128-GCM-SHA256 242 MaxProtocol = TLSv1.2 243 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 244 VerifyMode = Peer 245 246 [test-7] 247 ExpectedResult = Success 248 HandshakeMode = RenegotiateClient 249 Method = TLS 250 ResumptionExpected = No 251 client = 7-renegotiate-aead-to-non-aead-client-extra 252 253 [7-renegotiate-aead-to-non-aead-client-extra] 254 RenegotiateCiphers = AES128-SHA 255 256 257 # =========================================================== 258 259 [8-renegotiate-non-aead-to-aead] 260 ssl_conf = 8-renegotiate-non-aead-to-aead-ssl 261 262 [8-renegotiate-non-aead-to-aead-ssl] 263 server = 8-renegotiate-non-aead-to-aead-server 264 client = 8-renegotiate-non-aead-to-aead-client 265 266 [8-renegotiate-non-aead-to-aead-server] 267 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 268 CipherString = DEFAULT 269 Options = NoResumptionOnRenegotiation 270 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 271 272 [8-renegotiate-non-aead-to-aead-client] 273 CipherString = AES128-SHA 274 MaxProtocol = TLSv1.2 275 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 276 VerifyMode = Peer 277 278 [test-8] 279 ExpectedResult = Success 280 HandshakeMode = RenegotiateClient 281 Method = TLS 282 ResumptionExpected = No 283 client = 8-renegotiate-non-aead-to-aead-client-extra 284 285 [8-renegotiate-non-aead-to-aead-client-extra] 286 RenegotiateCiphers = AES128-GCM-SHA256 287 288 289 # =========================================================== 290 291 [9-renegotiate-non-aead-to-non-aead] 292 ssl_conf = 9-renegotiate-non-aead-to-non-aead-ssl 293 294 [9-renegotiate-non-aead-to-non-aead-ssl] 295 server = 9-renegotiate-non-aead-to-non-aead-server 296 client = 9-renegotiate-non-aead-to-non-aead-client 297 298 [9-renegotiate-non-aead-to-non-aead-server] 299 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 300 CipherString = DEFAULT 301 Options = NoResumptionOnRenegotiation 302 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 303 304 [9-renegotiate-non-aead-to-non-aead-client] 305 CipherString = AES128-SHA 306 MaxProtocol = TLSv1.2 307 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 308 VerifyMode = Peer 309 310 [test-9] 311 ExpectedResult = Success 312 HandshakeMode = RenegotiateClient 313 Method = TLS 314 ResumptionExpected = No 315 client = 9-renegotiate-non-aead-to-non-aead-client-extra 316 317 [9-renegotiate-non-aead-to-non-aead-client-extra] 318 RenegotiateCiphers = AES256-SHA 319 320 321 # =========================================================== 322 323 [10-renegotiate-aead-to-aead] 324 ssl_conf = 10-renegotiate-aead-to-aead-ssl 325 326 [10-renegotiate-aead-to-aead-ssl] 327 server = 10-renegotiate-aead-to-aead-server 328 client = 10-renegotiate-aead-to-aead-client 329 330 [10-renegotiate-aead-to-aead-server] 331 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 332 CipherString = DEFAULT 333 Options = NoResumptionOnRenegotiation 334 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 335 336 [10-renegotiate-aead-to-aead-client] 337 CipherString = AES128-GCM-SHA256 338 MaxProtocol = TLSv1.2 339 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 340 VerifyMode = Peer 341 342 [test-10] 343 ExpectedResult = Success 344 HandshakeMode = RenegotiateClient 345 Method = TLS 346 ResumptionExpected = No 347 client = 10-renegotiate-aead-to-aead-client-extra 348 349 [10-renegotiate-aead-to-aead-client-extra] 350 RenegotiateCiphers = AES256-GCM-SHA384 351 352 353 # =========================================================== 354 355 [11-no-renegotiation-server-by-client] 356 ssl_conf = 11-no-renegotiation-server-by-client-ssl 357 358 [11-no-renegotiation-server-by-client-ssl] 359 server = 11-no-renegotiation-server-by-client-server 360 client = 11-no-renegotiation-server-by-client-client 361 362 [11-no-renegotiation-server-by-client-server] 363 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 364 CipherString = DEFAULT 365 MaxProtocol = TLSv1.2 366 Options = NoRenegotiation 367 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 368 369 [11-no-renegotiation-server-by-client-client] 370 CipherString = DEFAULT 371 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 372 VerifyMode = Peer 373 374 [test-11] 375 ExpectedResult = ClientFail 376 HandshakeMode = RenegotiateClient 377 Method = TLS 378 ResumptionExpected = No 379 380 381 # =========================================================== 382 383 [12-no-renegotiation-server-by-server] 384 ssl_conf = 12-no-renegotiation-server-by-server-ssl 385 386 [12-no-renegotiation-server-by-server-ssl] 387 server = 12-no-renegotiation-server-by-server-server 388 client = 12-no-renegotiation-server-by-server-client 389 390 [12-no-renegotiation-server-by-server-server] 391 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 392 CipherString = DEFAULT 393 MaxProtocol = TLSv1.2 394 Options = NoRenegotiation 395 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 396 397 [12-no-renegotiation-server-by-server-client] 398 CipherString = DEFAULT 399 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 400 VerifyMode = Peer 401 402 [test-12] 403 ExpectedResult = ServerFail 404 HandshakeMode = RenegotiateServer 405 Method = TLS 406 ResumptionExpected = No 407 408 409 # =========================================================== 410 411 [13-no-renegotiation-client-by-server] 412 ssl_conf = 13-no-renegotiation-client-by-server-ssl 413 414 [13-no-renegotiation-client-by-server-ssl] 415 server = 13-no-renegotiation-client-by-server-server 416 client = 13-no-renegotiation-client-by-server-client 417 418 [13-no-renegotiation-client-by-server-server] 419 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 420 CipherString = DEFAULT 421 MaxProtocol = TLSv1.2 422 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 423 424 [13-no-renegotiation-client-by-server-client] 425 CipherString = DEFAULT 426 Options = NoRenegotiation 427 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 428 VerifyMode = Peer 429 430 [test-13] 431 ExpectedResult = ServerFail 432 HandshakeMode = RenegotiateServer 433 Method = TLS 434 ResumptionExpected = No 435 436 437 # =========================================================== 438 439 [14-no-renegotiation-client-by-client] 440 ssl_conf = 14-no-renegotiation-client-by-client-ssl 441 442 [14-no-renegotiation-client-by-client-ssl] 443 server = 14-no-renegotiation-client-by-client-server 444 client = 14-no-renegotiation-client-by-client-client 445 446 [14-no-renegotiation-client-by-client-server] 447 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 448 CipherString = DEFAULT 449 MaxProtocol = TLSv1.2 450 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 451 452 [14-no-renegotiation-client-by-client-client] 453 CipherString = DEFAULT 454 Options = NoRenegotiation 455 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 456 VerifyMode = Peer 457 458 [test-14] 459 ExpectedResult = ClientFail 460 HandshakeMode = RenegotiateClient 461 Method = TLS 462 ResumptionExpected = No 463 464 465 # =========================================================== 466 467 [15-no-extms-on-renegotiation] 468 ssl_conf = 15-no-extms-on-renegotiation-ssl 469 470 [15-no-extms-on-renegotiation-ssl] 471 server = 15-no-extms-on-renegotiation-server 472 client = 15-no-extms-on-renegotiation-client 473 474 [15-no-extms-on-renegotiation-server] 475 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 476 CipherString = DEFAULT 477 MaxProtocol = TLSv1.2 478 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 479 480 [15-no-extms-on-renegotiation-client] 481 CipherString = DEFAULT 482 MaxProtocol = TLSv1.2 483 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 484 VerifyMode = Peer 485 486 [test-15] 487 ExpectedResult = ServerFail 488 HandshakeMode = RenegotiateClient 489 Method = TLS 490 ResumptionExpected = No 491 client = 15-no-extms-on-renegotiation-client-extra 492 493 [15-no-extms-on-renegotiation-client-extra] 494 RenegotiateNoExtms = Yes 495 496 497 # =========================================================== 498 499 [16-allow-client-renegotiation] 500 ssl_conf = 16-allow-client-renegotiation-ssl 501 502 [16-allow-client-renegotiation-ssl] 503 server = 16-allow-client-renegotiation-server 504 client = 16-allow-client-renegotiation-client 505 506 [16-allow-client-renegotiation-server] 507 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 508 CipherString = DEFAULT 509 MaxProtocol = TLSv1.2 510 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 511 512 [16-allow-client-renegotiation-client] 513 CipherString = DEFAULT 514 MaxProtocol = TLSv1.2 515 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 516 VerifyMode = Peer 517 518 [test-16] 519 ExpectedResult = Success 520 HandshakeMode = RenegotiateClient 521 Method = TLS 522 ResumptionExpected = Yes 523 524 525 # =========================================================== 526 527 [17-no-client-renegotiation] 528 ssl_conf = 17-no-client-renegotiation-ssl 529 530 [17-no-client-renegotiation-ssl] 531 server = 17-no-client-renegotiation-server 532 client = 17-no-client-renegotiation-client 533 534 [17-no-client-renegotiation-server] 535 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 536 CipherString = DEFAULT 537 MaxProtocol = TLSv1.2 538 Options = -ClientRenegotiation 539 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 540 541 [17-no-client-renegotiation-client] 542 CipherString = DEFAULT 543 MaxProtocol = TLSv1.2 544 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 545 VerifyMode = Peer 546 547 [test-17] 548 ExpectedResult = ClientFail 549 ExpectedServerAlert = NoRenegotiation 550 HandshakeMode = RenegotiateClient 551 Method = TLS 552 ResumptionExpected = No 553 554 555
Indexes created Sat Apr 25 00:22:52 UTC 2026