tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

sslauth.txt (9565B)

      1 # This Source Code Form is subject to the terms of the Mozilla Public
      2 # License, v. 2.0. If a copy of the MPL was not distributed with this
      3 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
      4 #
      5 # This file defines the tests for client auth.
      6 #
      7 #        expected
      8 # Enable  return  server     client                         Test Case name
      9 #  ECC     value  params     params
     10 # ------- ------  ------     ------                         ---------------
     11  noECC     0       -r           -V_ssl3:tls1.2_-w_nss_-n_none           TLS Request don't require client auth (client does not provide auth)
     12  noECC     0       -r           -V_ssl3:tls1.2_-w_bogus_-n_TestUser     TLS Request don't require client auth (bad password)
     13  noECC     0       -r           -V_ssl3:tls1.2_-w_nss_-n_TestUser       TLS Request don't require client auth (client auth)
     14  noECC    254      -r_-r        -V_ssl3:tls1.2_-w_nss_-n_none           TLS Require client auth (client does not provide auth)
     15  noECC    254      -r_-r        -V_ssl3:tls1.2_-w_bogus_-n_TestUser     TLS Require client auth (bad password)
     16  noECC     0       -r_-r        -V_ssl3:tls1.2_-w_nss_-n_TestUser_      TLS Require client auth (client auth)
     17  noECC     0       -r           -V_ssl3:ssl3_-w_nss_-n_none        SSL3 Request don't require client auth (client does not provide auth)
     18  noECC     0       -r           -V_ssl3:ssl3_-n_TestUser_-w_bogus  SSL3 Request don't require client auth (bad password)
     19  noECC     0       -r           -V_ssl3:ssl3_-n_TestUser_-w_nss    SSL3 Request don't require client auth (client auth)
     20  noECC    254      -r_-r        -V_ssl3:ssl3_-w_nss_-n_none        SSL3 Require client auth (client does not provide auth)
     21  noECC    254      -r_-r        -V_ssl3:ssl3_-n_TestUser_-w_bogus  SSL3 Require client auth (bad password)
     22  noECC     0       -r_-r        -V_ssl3:ssl3_-n_TestUser_-w_nss    SSL3 Require client auth (client auth)
     23  noECC     0       -r_-r_-r     -V_ssl3:tls1.2_-w_nss_-n_none        TLS Request don't require client auth on 2nd hs (client does not provide auth)
     24  noECC     0       -r_-r_-r     -V_ssl3:tls1.2_-w_bogus_-n_TestUser  TLS Request don't require client auth on 2nd hs (bad password)
     25  noECC     0       -r_-r_-r     -V_ssl3:tls1.2_-w_nss_-n_TestUser    TLS Request don't require client auth on 2nd hs (client auth)
     26  noECC     1       -r_-r_-r_-r  -V_ssl3:tls1.2_-w_nss_-n_none        TLS Require client auth on 2nd hs (client does not provide auth)
     27  noECC     1       -r_-r_-r_-r  -V_ssl3:tls1.2_-w_bogus_-n_TestUser  TLS Require client auth on 2nd hs (bad password)
     28  noECC     0       -r_-r_-r_-r  -V_ssl3:tls1.2_-w_nss_-n_TestUser    TLS Require client auth on 2nd hs (client auth)
     29  noECC     0       -r_-r_-r     -V_ssl3:tls1.0_-w_nss_-n_none        TLS 1.0 Request don't require client auth on 2nd hs (client does not provide auth)
     30  noECC     0       -r_-r_-r     -V_ssl3:tls1.0_-w_bogus_-n_TestUser  TLS 1.0 Request don't require client auth on 2nd hs (bad password)
     31  noECC     0       -r_-r_-r     -V_ssl3:tls1.0_-w_nss_-n_TestUser    TLS 1.0 Request don't require client auth on 2nd hs (client auth)
     32  noECC     1       -r_-r_-r_-r  -V_ssl3:tls1.0_-w_nss_-n_none        TLS 1.0 Require client auth on 2nd hs (client does not provide auth)
     33  noECC     1       -r_-r_-r_-r  -V_ssl3:tls1.0_-w_bogus_-n_TestUser  TLS 1.0 Require client auth on 2nd hs (bad password)
     34  noECC     0       -r_-r_-r_-r  -V_ssl3:tls1.0_-w_nss_-n_TestUser    TLS 1.0 Require client auth on 2nd hs (client auth)
     35  noECC     0       -r_-r_-r     -V_ssl3:ssl3_-w_nss_-n_none     SSL3 Request don't require client auth on 2nd hs (client does not provide auth)
     36  noECC     0       -r_-r_-r     -V_ssl3:ssl3_-n_TestUser_-w_bogus SSL3 Request don't require client auth on 2nd hs (bad password)
     37  noECC     0       -r_-r_-r     -V_ssl3:ssl3_-n_TestUser_-w_nss SSL3 Request don't require client auth on 2nd hs (client auth)
     38  noECC     1       -r_-r_-r_-r  -V_ssl3:ssl3_-w_nss_-n_none     SSL3 Require client auth on 2nd hs (client does not provide auth)
     39  noECC     1       -r_-r_-r_-r  -V_ssl3:ssl3_-n_TestUser_-w_bogus SSL3 Require client auth on 2nd hs (bad password)
     40  noECC     0       -r_-r_-r_-r  -V_ssl3:ssl3_-n_TestUser_-w_nss SSL3 Require client auth on 2nd hs (client auth)
     41  noECC     0       -r_-r_-r_-E  -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Request don't require client auth on post hs (client auth)
     42  noECC     0       -r_-r_-r_-r_-E  -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Require client auth on post hs (client auth)
     43  noECC     0       -r_-r_-r_-E  -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Request don't require client auth on post hs (client does not provide auth)
     44  noECC     1       -r_-r_-r_-r_-E  -V_tls1.3:tls1.3_-E_-n_none_-w_nss TLS 1.3 Require client auth on post hs (client does not provide auth)
     45  noECC     0       -r_-r_-r_-E_-u  -V_tls1.3:tls1.3_-E_-n_TestUser_-w_nss TLS 1.3 Request don't require client auth on post hs with session ticket (client auth)
     46  noECC     0       -r_-r_-J_rsa\\_pkcs1\\_sha256     -V_tls1.2:_-w_nss   TLS 1.2 Require client auth auto select(RSA) (client auth)
     47 #
     48 # Use EC cert for client authentication
     49 #
     50   ECC      0       -r           -V_ssl3:tls1.2_-w_bogus_-n_TestUser-ec  TLS Request don't require client auth (EC) (bad password)
     51   ECC      0       -r           -V_ssl3:tls1.2_-w_nss_-n_TestUser-ec    TLS Request don't require client auth (EC) (client auth)
     52   ECC     254      -r_-r        -V_ssl3:tls1.2_-w_bogus_-n_TestUser-ec  TLS Require client auth (EC) (bad password)
     53   ECC      0       -r_-r        -V_ssl3:tls1.2_-w_nss_-n_TestUser-ec_   TLS Require client auth (EC) (client auth)
     54   ECC      0       -r           -V_ssl3:ssl3_-n_TestUser-ec_-w_bogus    SSL3 Request don't require client auth (EC) (bad password)
     55   ECC      0       -r           -V_ssl3:ssl3_-n_TestUser-ec_-w_nss      SSL3 Request don't require client auth (EC) (client auth)
     56   ECC     254      -r_-r        -V_ssl3:ssl3_-n_TestUser-ec_-w_bogus    SSL3 Require client auth (EC) (bad password)
     57   ECC      0       -r_-r        -V_ssl3:ssl3_-n_TestUser-ec_-w_nss      SSL3 Require client auth (EC) (client auth)
     58   ECC      0       -r_-r_-r     -V_ssl3:tls1.2_-w_bogus_-n_TestUser-ec  TLS Request don't require client auth on 2nd hs (EC) (bad password)
     59   ECC      0       -r_-r_-r     -V_ssl3:tls1.2_-w_nss_-n_TestUser-ec    TLS Request don't require client auth on 2nd hs (EC) (client auth)
     60   ECC      1       -r_-r_-r_-r  -V_ssl3:tls1.2_-w_bogus_-n_TestUser-ec  TLS Require client auth on 2nd hs (EC) (bad password)
     61   ECC      0       -r_-r_-r_-r  -V_ssl3:tls1.2_-w_nss_-n_TestUser-ec_   TLS Require client auth on 2nd hs (EC) (client auth)
     62   ECC      0       -r_-r_-r     -V_ssl3:tls1.0_-w_bogus_-n_TestUser-ec  TLS 1.0 Request don't require client auth on 2nd hs (EC) (bad password)
     63   ECC      0       -r_-r_-r     -V_ssl3:tls1.0_-w_nss_-n_TestUser-ec    TLS 1.0 Request don't require client auth on 2nd hs (EC) (client auth)
     64   ECC      1       -r_-r_-r_-r  -V_ssl3:tls1.0_-w_bogus_-n_TestUser-ec  TLS 1.0 Require client auth on 2nd hs (EC) (bad password)
     65   ECC      0       -r_-r_-r_-r  -V_ssl3:tls1.0_-w_nss_-n_TestUser-ec_   TLS 1.0 Require client auth on 2nd hs (EC) (client auth)
     66   ECC      0       -r_-r_-r     -V_ssl3:ssl3_-n_TestUser-ec_-w_bogus    SSL3 Request don't require client auth on 2nd hs (EC) (bad password)
     67   ECC      0       -r_-r_-r     -V_ssl3:ssl3_-n_TestUser-ec_-w_nss      SSL3 Request don't require client auth on 2nd hs (EC) (client auth)
     68   ECC      1       -r_-r_-r_-r  -V_ssl3:ssl3_-n_TestUser-ec_-w_bogus    SSL3 Require client auth on 2nd hs (EC) (bad password)
     69   ECC      0       -r_-r_-r_-r  -V_ssl3:ssl3_-n_TestUser-ec_-w_nss      SSL3 Require client auth on 2nd hs (EC) (client auth)
     70   ECC      0       -r_-r_-J_ecdsa\\_secp256r1\\_sha256    -V_tls1.2:_-w_nss   TLS 1.2 Require client auth auto select(EC) (client auth)
     71   ECC      0       -r_-r_-J_ecdsa\\_secp256r1\\_sha256,ecdsa\\_secp384r1\\_sha384 -V_tls1.3:_-w_nss   TLS 1.3 Require client auth auto select (EC) (client auth)
     72 #
     73 # SNI Tests
     74 #
     75  SNI     0       -r_-a_Host-sni.Dom       -V_ssl3:tls1.2_-w_nss_-n_TestUser                          TLS Server hello response without SNI
     76  SNI     0       -r_-a_Host-sni.Dom       -V_ssl3:tls1.2_-c_v_-w_nss_-n_TestUser_-a_Host-sni.Dom     TLS Server hello response with SNI
     77  SNI     1       -r_-a_Host-sni.Dom       -V_ssl3:tls1.2_-c_v_-w_nss_-n_TestUser_-a_Host-sni1.Dom    TLS Server response with alert
     78  SNI     0       -r_-a_Host-sni.Dom       -V_ssl3:ssl3_-w_nss_-n_TestUser                  SSL3 Server hello response without SNI
     79  SNI     1       -r_-a_Host-sni.Dom       -V_ssl3:ssl3_-c_v_-w_nss_-n_TestUser_-a_Host-sni.Dom  SSL3 Server hello response with SNI: SSL don't have SH extensions
     80  SNI     0       -r_-r_-r_-a_Host-sni.Dom -V_ssl3:tls1.2_-w_nss_-n_TestUser                          TLS Server hello response without SNI
     81  SNI     0       -r_-r_-r_-a_Host-sni.Dom -V_ssl3:tls1.2_-c_v_-w_nss_-n_TestUser_-a_Host-sni.Dom     TLS Server hello response with SNI
     82  SNI     1       -r_-r_-r_-a_Host-sni.Dom -V_ssl3:tls1.2_-w_nss_-n_TestUser_-a_Host-sni.Dom_-a_Host.Dom TLS Server hello response with SNI: Change name on 2d HS
     83  SNI     1       -r_-r_-r_-a_Host-sni.Dom -V_ssl3:tls1.2_-c_v_-w_nss_-n_TestUser_-a_Host-sni.Dom_-a_Host-sni1.Dom TLS Server hello response with SNI: Change name to invalid 2d HS
     84  SNI     1       -r_-r_-r_-a_Host-sni.Dom -V_ssl3:tls1.2_-c_v_-w_nss_-n_TestUser_-a_Host-sni1.Dom    TLS Server response with alert