xref: /netbsd-src/crypto/external/bsd/openssl/dist/test/ssl-tests/03-custom_verify.cnf (revision b0d1725196a7921d003d2c66a14f186abda4176b) 
1*b0d17251Schristos# Generated with generate_ssl_tests.pl
2*b0d17251Schristos
3*b0d17251Schristosnum_tests = 10
4*b0d17251Schristos
5*b0d17251Schristostest-0 = 0-verify-success
6*b0d17251Schristostest-1 = 1-verify-custom-reject
7*b0d17251Schristostest-2 = 2-verify-custom-allow
8*b0d17251Schristostest-3 = 3-verify-custom-retry
9*b0d17251Schristostest-4 = 4-noverify-success
10*b0d17251Schristostest-5 = 5-noverify-ignore-custom-reject
11*b0d17251Schristostest-6 = 6-noverify-accept-custom-allow
12*b0d17251Schristostest-7 = 7-verify-fail-no-root
13*b0d17251Schristostest-8 = 8-verify-custom-success-no-root
14*b0d17251Schristostest-9 = 9-verify-custom-fail-no-root
15*b0d17251Schristos# ===========================================================
16*b0d17251Schristos
17*b0d17251Schristos[0-verify-success]
18*b0d17251Schristosssl_conf = 0-verify-success-ssl
19*b0d17251Schristos
20*b0d17251Schristos[0-verify-success-ssl]
21*b0d17251Schristosserver = 0-verify-success-server
22*b0d17251Schristosclient = 0-verify-success-client
23*b0d17251Schristos
24*b0d17251Schristos[0-verify-success-server]
25*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
26*b0d17251SchristosCipherString = DEFAULT
27*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
28*b0d17251Schristos
29*b0d17251Schristos[0-verify-success-client]
30*b0d17251SchristosCipherString = DEFAULT
31*b0d17251SchristosVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
32*b0d17251SchristosVerifyMode = Peer
33*b0d17251Schristos
34*b0d17251Schristos[test-0]
35*b0d17251SchristosExpectedResult = Success
36*b0d17251Schristos
37*b0d17251Schristos
38*b0d17251Schristos# ===========================================================
39*b0d17251Schristos
40*b0d17251Schristos[1-verify-custom-reject]
41*b0d17251Schristosssl_conf = 1-verify-custom-reject-ssl
42*b0d17251Schristos
43*b0d17251Schristos[1-verify-custom-reject-ssl]
44*b0d17251Schristosserver = 1-verify-custom-reject-server
45*b0d17251Schristosclient = 1-verify-custom-reject-client
46*b0d17251Schristos
47*b0d17251Schristos[1-verify-custom-reject-server]
48*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
49*b0d17251SchristosCipherString = DEFAULT
50*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
51*b0d17251Schristos
52*b0d17251Schristos[1-verify-custom-reject-client]
53*b0d17251SchristosCipherString = DEFAULT
54*b0d17251SchristosVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
55*b0d17251SchristosVerifyMode = Peer
56*b0d17251Schristos
57*b0d17251Schristos[test-1]
58*b0d17251SchristosExpectedClientAlert = HandshakeFailure
59*b0d17251SchristosExpectedResult = ClientFail
60*b0d17251Schristosclient = 1-verify-custom-reject-client-extra
61*b0d17251Schristos
62*b0d17251Schristos[1-verify-custom-reject-client-extra]
63*b0d17251SchristosVerifyCallback = RejectAll
64*b0d17251Schristos
65*b0d17251Schristos
66*b0d17251Schristos# ===========================================================
67*b0d17251Schristos
68*b0d17251Schristos[2-verify-custom-allow]
69*b0d17251Schristosssl_conf = 2-verify-custom-allow-ssl
70*b0d17251Schristos
71*b0d17251Schristos[2-verify-custom-allow-ssl]
72*b0d17251Schristosserver = 2-verify-custom-allow-server
73*b0d17251Schristosclient = 2-verify-custom-allow-client
74*b0d17251Schristos
75*b0d17251Schristos[2-verify-custom-allow-server]
76*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
77*b0d17251SchristosCipherString = DEFAULT
78*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
79*b0d17251Schristos
80*b0d17251Schristos[2-verify-custom-allow-client]
81*b0d17251SchristosCipherString = DEFAULT
82*b0d17251SchristosVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
83*b0d17251SchristosVerifyMode = Peer
84*b0d17251Schristos
85*b0d17251Schristos[test-2]
86*b0d17251SchristosExpectedResult = Success
87*b0d17251Schristosclient = 2-verify-custom-allow-client-extra
88*b0d17251Schristos
89*b0d17251Schristos[2-verify-custom-allow-client-extra]
90*b0d17251SchristosVerifyCallback = AcceptAll
91*b0d17251Schristos
92*b0d17251Schristos
93*b0d17251Schristos# ===========================================================
94*b0d17251Schristos
95*b0d17251Schristos[3-verify-custom-retry]
96*b0d17251Schristosssl_conf = 3-verify-custom-retry-ssl
97*b0d17251Schristos
98*b0d17251Schristos[3-verify-custom-retry-ssl]
99*b0d17251Schristosserver = 3-verify-custom-retry-server
100*b0d17251Schristosclient = 3-verify-custom-retry-client
101*b0d17251Schristos
102*b0d17251Schristos[3-verify-custom-retry-server]
103*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
104*b0d17251SchristosCipherString = DEFAULT
105*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
106*b0d17251Schristos
107*b0d17251Schristos[3-verify-custom-retry-client]
108*b0d17251SchristosCipherString = DEFAULT
109*b0d17251SchristosVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
110*b0d17251SchristosVerifyMode = Peer
111*b0d17251Schristos
112*b0d17251Schristos[test-3]
113*b0d17251SchristosExpectedResult = Success
114*b0d17251Schristosclient = 3-verify-custom-retry-client-extra
115*b0d17251Schristos
116*b0d17251Schristos[3-verify-custom-retry-client-extra]
117*b0d17251SchristosVerifyCallback = RetryOnce
118*b0d17251Schristos
119*b0d17251Schristos
120*b0d17251Schristos# ===========================================================
121*b0d17251Schristos
122*b0d17251Schristos[4-noverify-success]
123*b0d17251Schristosssl_conf = 4-noverify-success-ssl
124*b0d17251Schristos
125*b0d17251Schristos[4-noverify-success-ssl]
126*b0d17251Schristosserver = 4-noverify-success-server
127*b0d17251Schristosclient = 4-noverify-success-client
128*b0d17251Schristos
129*b0d17251Schristos[4-noverify-success-server]
130*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
131*b0d17251SchristosCipherString = DEFAULT
132*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
133*b0d17251Schristos
134*b0d17251Schristos[4-noverify-success-client]
135*b0d17251SchristosCipherString = DEFAULT
136*b0d17251Schristos
137*b0d17251Schristos[test-4]
138*b0d17251SchristosExpectedResult = Success
139*b0d17251Schristos
140*b0d17251Schristos
141*b0d17251Schristos# ===========================================================
142*b0d17251Schristos
143*b0d17251Schristos[5-noverify-ignore-custom-reject]
144*b0d17251Schristosssl_conf = 5-noverify-ignore-custom-reject-ssl
145*b0d17251Schristos
146*b0d17251Schristos[5-noverify-ignore-custom-reject-ssl]
147*b0d17251Schristosserver = 5-noverify-ignore-custom-reject-server
148*b0d17251Schristosclient = 5-noverify-ignore-custom-reject-client
149*b0d17251Schristos
150*b0d17251Schristos[5-noverify-ignore-custom-reject-server]
151*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
152*b0d17251SchristosCipherString = DEFAULT
153*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
154*b0d17251Schristos
155*b0d17251Schristos[5-noverify-ignore-custom-reject-client]
156*b0d17251SchristosCipherString = DEFAULT
157*b0d17251Schristos
158*b0d17251Schristos[test-5]
159*b0d17251SchristosExpectedResult = Success
160*b0d17251Schristosclient = 5-noverify-ignore-custom-reject-client-extra
161*b0d17251Schristos
162*b0d17251Schristos[5-noverify-ignore-custom-reject-client-extra]
163*b0d17251SchristosVerifyCallback = RejectAll
164*b0d17251Schristos
165*b0d17251Schristos
166*b0d17251Schristos# ===========================================================
167*b0d17251Schristos
168*b0d17251Schristos[6-noverify-accept-custom-allow]
169*b0d17251Schristosssl_conf = 6-noverify-accept-custom-allow-ssl
170*b0d17251Schristos
171*b0d17251Schristos[6-noverify-accept-custom-allow-ssl]
172*b0d17251Schristosserver = 6-noverify-accept-custom-allow-server
173*b0d17251Schristosclient = 6-noverify-accept-custom-allow-client
174*b0d17251Schristos
175*b0d17251Schristos[6-noverify-accept-custom-allow-server]
176*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
177*b0d17251SchristosCipherString = DEFAULT
178*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
179*b0d17251Schristos
180*b0d17251Schristos[6-noverify-accept-custom-allow-client]
181*b0d17251SchristosCipherString = DEFAULT
182*b0d17251Schristos
183*b0d17251Schristos[test-6]
184*b0d17251SchristosExpectedResult = Success
185*b0d17251Schristosclient = 6-noverify-accept-custom-allow-client-extra
186*b0d17251Schristos
187*b0d17251Schristos[6-noverify-accept-custom-allow-client-extra]
188*b0d17251SchristosVerifyCallback = AcceptAll
189*b0d17251Schristos
190*b0d17251Schristos
191*b0d17251Schristos# ===========================================================
192*b0d17251Schristos
193*b0d17251Schristos[7-verify-fail-no-root]
194*b0d17251Schristosssl_conf = 7-verify-fail-no-root-ssl
195*b0d17251Schristos
196*b0d17251Schristos[7-verify-fail-no-root-ssl]
197*b0d17251Schristosserver = 7-verify-fail-no-root-server
198*b0d17251Schristosclient = 7-verify-fail-no-root-client
199*b0d17251Schristos
200*b0d17251Schristos[7-verify-fail-no-root-server]
201*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
202*b0d17251SchristosCipherString = DEFAULT
203*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
204*b0d17251Schristos
205*b0d17251Schristos[7-verify-fail-no-root-client]
206*b0d17251SchristosCipherString = DEFAULT
207*b0d17251SchristosVerifyMode = Peer
208*b0d17251Schristos
209*b0d17251Schristos[test-7]
210*b0d17251SchristosExpectedClientAlert = UnknownCA
211*b0d17251SchristosExpectedResult = ClientFail
212*b0d17251Schristos
213*b0d17251Schristos
214*b0d17251Schristos# ===========================================================
215*b0d17251Schristos
216*b0d17251Schristos[8-verify-custom-success-no-root]
217*b0d17251Schristosssl_conf = 8-verify-custom-success-no-root-ssl
218*b0d17251Schristos
219*b0d17251Schristos[8-verify-custom-success-no-root-ssl]
220*b0d17251Schristosserver = 8-verify-custom-success-no-root-server
221*b0d17251Schristosclient = 8-verify-custom-success-no-root-client
222*b0d17251Schristos
223*b0d17251Schristos[8-verify-custom-success-no-root-server]
224*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
225*b0d17251SchristosCipherString = DEFAULT
226*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
227*b0d17251Schristos
228*b0d17251Schristos[8-verify-custom-success-no-root-client]
229*b0d17251SchristosCipherString = DEFAULT
230*b0d17251SchristosVerifyMode = Peer
231*b0d17251Schristos
232*b0d17251Schristos[test-8]
233*b0d17251SchristosExpectedResult = Success
234*b0d17251Schristosclient = 8-verify-custom-success-no-root-client-extra
235*b0d17251Schristos
236*b0d17251Schristos[8-verify-custom-success-no-root-client-extra]
237*b0d17251SchristosVerifyCallback = AcceptAll
238*b0d17251Schristos
239*b0d17251Schristos
240*b0d17251Schristos# ===========================================================
241*b0d17251Schristos
242*b0d17251Schristos[9-verify-custom-fail-no-root]
243*b0d17251Schristosssl_conf = 9-verify-custom-fail-no-root-ssl
244*b0d17251Schristos
245*b0d17251Schristos[9-verify-custom-fail-no-root-ssl]
246*b0d17251Schristosserver = 9-verify-custom-fail-no-root-server
247*b0d17251Schristosclient = 9-verify-custom-fail-no-root-client
248*b0d17251Schristos
249*b0d17251Schristos[9-verify-custom-fail-no-root-server]
250*b0d17251SchristosCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
251*b0d17251SchristosCipherString = DEFAULT
252*b0d17251SchristosPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
253*b0d17251Schristos
254*b0d17251Schristos[9-verify-custom-fail-no-root-client]
255*b0d17251SchristosCipherString = DEFAULT
256*b0d17251SchristosVerifyMode = Peer
257*b0d17251Schristos
258*b0d17251Schristos[test-9]
259*b0d17251SchristosExpectedClientAlert = HandshakeFailure
260*b0d17251SchristosExpectedResult = ClientFail
261*b0d17251Schristosclient = 9-verify-custom-fail-no-root-client-extra
262*b0d17251Schristos
263*b0d17251Schristos[9-verify-custom-fail-no-root-client-extra]
264*b0d17251SchristosVerifyCallback = RejectAll
265*b0d17251Schristos
266*b0d17251Schristos
267