1# -*- mode: perl; -*- 2# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. 3# 4# Licensed under the OpenSSL license (the "License"). You may not use 5# this file except in compliance with the License. You can obtain a copy 6# in the file LICENSE in the source distribution or at 7# https://www.openssl.org/source/license.html 8 9 10## Test version negotiation 11 12use strict; 13use warnings; 14 15package ssltests; 16 17 18our @tests = ( 19 { 20 name => "ct-permissive-without-scts", 21 server => { }, 22 client => { 23 extra => { 24 "CTValidation" => "Permissive", 25 }, 26 }, 27 test => { 28 "ExpectedResult" => "Success", 29 }, 30 }, 31 { 32 name => "ct-permissive-with-scts", 33 server => { 34 "Certificate" => test_pem("embeddedSCTs1.pem"), 35 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), 36 }, 37 client => { 38 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), 39 extra => { 40 "CTValidation" => "Permissive", 41 }, 42 }, 43 test => { 44 "ExpectedResult" => "Success", 45 }, 46 }, 47 { 48 name => "ct-strict-without-scts", 49 server => { }, 50 client => { 51 extra => { 52 "CTValidation" => "Strict", 53 }, 54 }, 55 test => { 56 "ExpectedResult" => "ClientFail", 57 "ExpectedClientAlert" => "HandshakeFailure", 58 }, 59 }, 60 { 61 name => "ct-strict-with-scts", 62 server => { 63 "Certificate" => test_pem("embeddedSCTs1.pem"), 64 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), 65 }, 66 client => { 67 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), 68 extra => { 69 "CTValidation" => "Strict", 70 }, 71 }, 72 test => { 73 "ExpectedResult" => "Success", 74 }, 75 }, 76 { 77 name => "ct-permissive-resumption", 78 server => { 79 "Certificate" => test_pem("embeddedSCTs1.pem"), 80 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), 81 }, 82 client => { 83 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), 84 extra => { 85 "CTValidation" => "Permissive", 86 }, 87 }, 88 test => { 89 "HandshakeMode" => "Resume", 90 "ResumptionExpected" => "Yes", 91 "ExpectedResult" => "Success", 92 }, 93 }, 94 { 95 name => "ct-strict-resumption", 96 server => { 97 "Certificate" => test_pem("embeddedSCTs1.pem"), 98 "PrivateKey" => test_pem("embeddedSCTs1-key.pem"), 99 }, 100 client => { 101 "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"), 102 extra => { 103 "CTValidation" => "Strict", 104 }, 105 }, 106 # SCTs are not present during resumption, so the resumption 107 # should succeed. 108 resume_client => { 109 extra => { 110 "CTValidation" => "Strict", 111 }, 112 }, 113 test => { 114 "HandshakeMode" => "Resume", 115 "ResumptionExpected" => "Yes", 116 "ExpectedResult" => "Success", 117 }, 118 }, 119); 120