2 "commandFile" : "../build/brssl",
3 "commandArgs" : "twrch {0}",
4 "chainRSA" : "conf/rsacert.pem",
5 "skeyRSA" : "conf/rsakey.pem",
6 "chainEC" : "conf/eccert.pem",
7 "skeyEC" : "conf/eckey.pem",
8 "noCloseNotify" : false,
10 "TLS10", "TLS11", "TLS12"
13 "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
14 "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
15 "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
16 "ECDHE_RSA_WITH_AES_128_GCM_SHA256",
17 "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
18 "ECDHE_RSA_WITH_AES_256_GCM_SHA384",
19 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
20 "ECDHE_RSA_WITH_AES_128_CBC_SHA256",
21 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
22 "ECDHE_RSA_WITH_AES_256_CBC_SHA384",
23 "ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
24 "ECDHE_RSA_WITH_AES_128_CBC_SHA",
25 "ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
26 "ECDHE_RSA_WITH_AES_256_CBC_SHA",
28 "ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
29 "ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
30 "ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
31 "ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
32 "ECDH_ECDSA_WITH_AES_128_CBC_SHA",
33 "ECDH_ECDSA_WITH_AES_256_CBC_SHA",
35 "RSA_WITH_AES_128_GCM_SHA256",
36 "RSA_WITH_AES_256_GCM_SHA384",
37 "RSA_WITH_AES_128_CBC_SHA256",
38 "RSA_WITH_AES_256_CBC_SHA256",
39 "RSA_WITH_AES_128_CBC_SHA",
40 "RSA_WITH_AES_256_CBC_SHA",
41 "RSA_WITH_3DES_EDE_CBC_SHA",
43 "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
44 "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
45 "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
68 "comment" : "The peer should initiate a clean close",
72 "name" : "renegotiateNormal",
73 "comment" : "Normal renegotiation triggered from our side",
74 "renegotiate" : "true"
77 "name" : "peerRenegotiateNormal",
78 "comment" : "Normal renegotiation triggered by the peer",
79 "askRenegotiate" : "true"
82 "name" : "noSecureReneg",
83 "comment" : "Not sending secure renegotiation; renegotiation attempts should be rejected by the peer.",
84 "renegotiate" : "false",
86 "noSecureReneg" : "true"
90 "name" : "forceEmptySecureReneg",
91 "comment" : "Forcing empty Secure Renegotiation extension. This should be OK for first handshake, then fail during renegotiation.",
92 "renegotiate" : "true",
93 "expectedExitCode" : 1,
94 "expectedFailure" : "Unexpected transport closure",
96 "forceEmptySecureReneg" : "true"
100 "name" : "forceNonEmptySecureReneg",
101 "comment" : "A non-empty Secure Renegotiation extension is sent during the first handshake. The peer should call foul play and abort.",
102 "expectedExitCode" : 1,
103 "expectedFailure" : "Unexpected transport closure",
105 "forceNonEmptySecureReneg" : "true"
109 "name" : "alterNonEmptySecureReneg",
110 "comment" : "The Secure Renegotiation extension contents are altered during second handshake (but the length is preserved). The peer should abort.",
111 "renegotiate" : "true",
112 "expectedExitCode" : 1,
113 "expectedFailure" : "Unexpected transport closure",
115 "alterNonEmptySecureReneg" : "true"
119 "name" : "oversizedSecureReneg",
120 "comment" : "The Secure Renegotiation extension contents are much bigger than normal. The peer should abort.",
121 "expectedExitCode" : 1,
122 "expectedFailure" : "Unexpected transport closure",
124 "oversizedSecureReneg" : "true"
128 "name" : "recordSplitHalf",
129 "comment" : "All records of length 2 or more are split into two halves.",
131 "recordSplitMode" : "half:20,21,22,23"
135 "name" : "recordSplitZeroBefore",
136 "comment" : "All records are preceded with a zero-length record.",
138 "recordSplitMode" : "zero_before:20,21,22,23"
142 "name" : "recordSplitZeroHalf",
143 "comment" : "All records of length 2 or more are split into two halves, and a zero-length record is inserted between the two halves..",
145 "recordSplitMode" : "zero_half:20,21,22,23"
149 "name" : "recordSplitOneStart",
150 "comment" : "The first byte of each record of length 2 or more is separated into its own record.",
152 "recordSplitMode" : "one_start:20,21,22,23"
156 "name" : "recordSplitOneEnd",
157 "comment" : "The last byte of each record of length 2 or more is separated into its own record.",
159 "recordSplitMode" : "one_end:20,21,22,23"
163 "name" : "recordSplitMultiOne",
164 "comment" : "All records are split into individual records of length 1.",
166 "recordSplitMode" : "multi_one:20,21,22,23"
170 "name" : "emptyHandshake1",
171 "comment" : "An extra empty handshake message is inserted before the first application data record.",
173 "thresholdZeroHandshake" : 1
177 "name" : "emptyHandshake2",
178 "comment" : "An extra empty handshake message is inserted before the second application data record.",
180 "thresholdZeroHandshake" : 2
184 "name" : "emptyAppData1",
185 "comment" : "An extra empty handshake message is inserted before the first handshake record.",
187 "thresholdZeroAppData" : 1
191 "name" : "emptyAppData2",
192 "comment" : "An extra empty handshake message is inserted before the second handshake record.",
194 "thresholdZeroAppData" : 2
198 "name" : "extraServerExtension",
199 "comment" : "An extra extension is added in the ServerHello. Client should reject it. BearSSL closes the connection, so the server gets an unexpected transport closure.",
200 "clientOnly" : "true",
201 "expectedExitCode" : 1,
202 "expectedFailure" : "Unexpected transport closure",
204 "sendExtraExtension" : "0xA7C0"
208 "name" : "extraClientExtension",
209 "comment" : "An extra extension is added in the ClientHello. Server should ignore it.",
210 "serverOnly" : "true",
212 "sendExtraExtension" : "0xA7C0"
216 "name" : "reconnectSelf",
217 "comment" : "Connection is closed and reconnection is performed; the session should be resumed.",
221 "name" : "reconnectPeer",
222 "comment" : "Peer is tasked with closing then reconnecting; the session should be resumed.",
226 "name" : "reconnectSelfForgetSelf",
227 "comment" : "Connection is closed and reconnection is performed. Previous session if forgotten on our part.",
228 "reconnect" : "self",
232 "name" : "reconnectSelfForgetPeer",
233 "comment" : "Peer should forget session. Then we close and reconnect.",
234 "reconnect" : "self",
238 "name" : "reconnectPeerForgetSelf",
239 "comment" : "We forget the session. Peer should close and reconnect.",
240 "reconnect" : "peer",
244 "name" : "reconnectPeerForgetPeer",
245 "comment" : "Peer should forget session. Peer should close and reconnect.",
246 "reconnect" : "peer",