Add submodule dependency filesHEAD master

Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec
author: Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> 2023-10-10 14:33:42 +0000
committer: Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> 2023-10-10 14:33:42 +0000
commit: af1a266670d040d2f4083ff309d732d648afba2a (patch)
tree: 2fc46203448ddcc6f81546d379abfaeb323575e9 /roms/edk2/CryptoPkg/Library/OpensslLib/openssl/test/ssl-tests/03-custom_verify.conf.in
parent: e02cda008591317b1625707ff8e115a4841aa889 (diff)
1 files changed, 145 insertions, 0 deletions
diff --git a/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/test/ssl-tests/03-custom_verify.conf.in b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/test/ssl-tests/03-custom_verify.conf.in
new file mode 100644
index 000000000..287ca9bc8
--- /dev/null
+++ b/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/test/ssl-tests/03-custom_verify.conf.in
@@ -0,0 +1,145 @@
+# -*- mode: perl; -*-
+# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+## SSL test configurations
+
+package ssltests;
+
+our @tests = (
+
+    # Sanity-check that verification indeed succeeds without the
+    # restrictive callback.
+    {
+        name => "verify-success",
+        server => { },
+        client => { },
+        test   => { "ExpectedResult" => "Success" },
+    },
+
+    # Same test as above but with a custom callback that always fails.
+    {
+        name => "verify-custom-reject",
+        server => { },
+        client => {
+            extra => {
+                "VerifyCallback" => "RejectAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "ClientFail",
+            "ExpectedClientAlert" => "HandshakeFailure",
+        },
+    },
+
+    # Same test as above but with a custom callback that always succeeds.
+    {
+        name => "verify-custom-allow",
+        server => { },
+        client => {
+            extra => {
+                "VerifyCallback" => "AcceptAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "Success",
+        },
+    },
+
+    # Sanity-check that verification indeed succeeds if peer verification
+    # is not requested.
+    {
+        name => "noverify-success",
+        server => { },
+        client => {
+            "VerifyMode" => undef,
+            "VerifyCAFile" => undef,
+        },
+        test   => { "ExpectedResult" => "Success" },
+    },
+
+    # Same test as above but with a custom callback that always fails.
+    # The callback return has no impact on handshake success in this mode.
+    {
+        name => "noverify-ignore-custom-reject",
+        server => { },
+        client => {
+            "VerifyMode" => undef,
+            "VerifyCAFile" => undef,
+            extra => {
+                "VerifyCallback" => "RejectAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "Success",
+        },
+    },
+
+    # Same test as above but with a custom callback that always succeeds.
+    # The callback return has no impact on handshake success in this mode.
+    {
+        name => "noverify-accept-custom-allow",
+        server => { },
+        client => {
+            "VerifyMode" => undef,
+            "VerifyCAFile" => undef,
+            extra => {
+                "VerifyCallback" => "AcceptAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "Success",
+        },
+    },
+
+    # Sanity-check that verification indeed fails without the
+    # permissive callback.
+    {
+        name => "verify-fail-no-root",
+        server => { },
+        client => {
+            # Don't set up the client root file.
+            "VerifyCAFile" => undef,
+        },
+        test   => {
+          "ExpectedResult" => "ClientFail",
+          "ExpectedClientAlert" => "UnknownCA",
+        },
+    },
+
+    # Same test as above but with a custom callback that always succeeds.
+    {
+        name => "verify-custom-success-no-root",
+        server => { },
+        client => {
+            "VerifyCAFile" => undef,
+            extra => {
+                "VerifyCallback" => "AcceptAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "Success"
+        },
+    },
+
+    # Same test as above but with a custom callback that always fails.
+    {
+        name => "verify-custom-fail-no-root",
+        server => { },
+        client => {
+            "VerifyCAFile" => undef,
+            extra => {
+                "VerifyCallback" => "RejectAll",
+            },
+        },
+        test   => {
+            "ExpectedResult" => "ClientFail",
+            "ExpectedClientAlert" => "HandshakeFailure",
+        },
+    },
+);
author	Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com>	2023-10-10 14:33:42 +0000
committer	Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com>	2023-10-10 14:33:42 +0000
commit	af1a266670d040d2f4083ff309d732d648afba2a (patch)
tree	2fc46203448ddcc6f81546d379abfaeb323575e9 /roms/edk2/CryptoPkg/Library/OpensslLib/openssl/test/ssl-tests/03-custom_verify.conf.in
parent	e02cda008591317b1625707ff8e115a4841aa889 (diff)