NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 w/o (EC)DHE via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with 1024bit DHE via BIO pair
Available compression methods:
NONE
DONE via BIO pair: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
Available compression methods:
NONE
client authentication
server authentication
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7fffe06ef1e0 a cert? 0x0xa68850
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7fffe06ef1c0 a cert? 0x0xa6c800
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites
Testing ciphersuites for TLSv1.2
Testing AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 NULL-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139702087071376:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
TLSv1.2, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES256-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites for SSLv3
Testing AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing IDEA-CBC-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 IDEA-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing EDH-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139666787894928:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
SSLv3, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
dh
test tls1 with 1024bit anonymous DH, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
rsa
test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
dh
test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
test tls1 with PSK
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with PSK via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with custom extensions
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with serverinfo
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
srp
test tls1 with SRP
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP auth
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with SRP auth via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'C' proved invalid
ERROR in CLIENT
139813863089808:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2 via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv3 via BIO pair
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication via BIO pair
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1
Available compression methods:
NONE
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2
Available compression methods:
NONE
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 w/o (EC)DHE via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with 1024bit DHE via BIO pair
Available compression methods:
NONE
DONE via BIO pair: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = B
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
Available compression methods:
NONE
client authentication
server authentication
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffe86b94310 a cert? 0x0x89f850
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffe86b942f0 a cert? 0x0x8a37a0
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites
Testing ciphersuites for TLSv1.2
Testing AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 NULL-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
140184939148944:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
TLSv1.2, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES256-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites for SSLv3
Testing AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing IDEA-CBC-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 IDEA-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing EDH-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
140299827857040:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
SSLv3, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
dh
test tls1 with 1024bit anonymous DH, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
rsa
test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
dh
test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
test tls1 with PSK
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with PSK via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with custom extensions
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with serverinfo
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
srp
test tls1 with SRP
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP auth
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with SRP auth via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = C
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = none
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = none
Proxy rights check with condition 'A' proved invalid
ERROR in CLIENT
140305004730000:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = C
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = none
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = none
Proxy rights check with condition 'B' proved invalid
ERROR in CLIENT
139909619971728:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = C
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = none
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = none
Proxy rights check with condition 'C' proved invalid
ERROR in CLIENT
140632876340880:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = C
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = none
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = none
Proxy rights check with condition 'A|B&!C' proved invalid
ERROR in CLIENT
139930835629712:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A' proved invalid
ERROR in CLIENT
139777494378128:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2 via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv3 via BIO pair
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication via BIO pair
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1
Available compression methods:
NONE
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2
Available compression methods:
NONE
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 w/o (EC)DHE via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with 1024bit DHE via BIO pair
Available compression methods:
NONE
DONE via BIO pair: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'B' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
Available compression methods:
NONE
client authentication
server authentication
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffc5ece7d90 a cert? 0x0x11d4430
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffc5ece7d70 a cert? 0x0x11d8840
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites
Testing ciphersuites for TLSv1.2
Testing AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 NULL-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139762280162960:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
TLSv1.2, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES256-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites for SSLv3
Testing AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing IDEA-CBC-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 IDEA-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing EDH-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139990127826576:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
SSLv3, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
dh
test tls1 with 1024bit anonymous DH, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
rsa
test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
dh
test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
test tls1 with PSK
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with PSK via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with custom extensions
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with serverinfo
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
srp
test tls1 with SRP
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP auth
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with SRP auth via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'C' proved invalid
ERROR in CLIENT
140074666882704:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264:
SSLv3, cipher (NONE) (NONE)
1 handshakes of 256 bytes done
test sslv2
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication
Testing was requested for a disabled protocol. Skipping tests.
test sslv3
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2 via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with client authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv2 with both client and server authentication via BIO pair
Testing was requested for a disabled protocol. Skipping tests.
test sslv3 via BIO pair
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with server authentication via BIO pair
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1
Available compression methods:
NONE
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2
Available compression methods:
NONE
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with client authentication
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test dtlsv1.2 with both client and server authentication
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
DTLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 w/o (EC)DHE via BIO pair
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with 1024bit DHE via BIO pair
Available compression methods:
NONE
DONE via BIO pair: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with server authentication
Available compression methods:
NONE
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with client authentication via BIO pair
Available compression methods:
NONE
client authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair
Available compression methods:
NONE
client authentication
server authentication
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
Initial proxy rights = BC
depth=3 /C=AU/O=Dodgy Brothers/CN=Dodgy CA
depth=2 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2
depth=1 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1
Certificate proxy rights = AB, resulting proxy rights = B
depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
Certificate proxy rights = BC, resulting proxy rights = B
Proxy rights check with condition 'A|B&!C' proved valid
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
Available compression methods:
NONE
client authentication
server authentication
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffd628bac50 a cert? 0x0x19ffb10
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
In app_verify_callback, allowing cert. Arg is: Test Callback Argument
Finished printing do we have a context? 0x0x7ffd628bac30 a cert? 0x0x1a03800
cert depth=0 /C=AU/O=Dodgy Brothers/CN=Brother 1/CN=Brother 2/CN=Proxy 1/CN=Proxy 2
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites
Testing ciphersuites for TLSv1.2
Testing AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 NULL-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES256-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139821467616912:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
TLSv1.2, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-GCM-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES256-SHA384
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-GCM-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-GCM-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA256
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA256, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ciphersuites for SSLv3
Testing AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing IDEA-CBC-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 IDEA-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing RC4-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 RC4-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing NULL-MD5
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 NULL-MD5, 1024 bit RSA
1 handshakes of 256 bytes done
dh
Testing DHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-SEED-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-SEED-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing DHE-RSA-CAMELLIA128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing EDH-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
testing connection with weak DH, expecting failure
Available compression methods:
NONE
ERROR in CLIENT
139890060613264:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:s3_clnt.c:3635:
SSLv3, cipher (NONE) (NONE), 1024 bit RSA
1 handshakes of 256 bytes done
ec
Testing ECDHE-RSA-AES256-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-AES128-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-AES128-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-RC4-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-RC4-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-DES-CBC3-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-DES-CBC3-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Testing ECDHE-RSA-NULL-SHA
Available compression methods:
NONE
SSLv3, cipher TLSv1/SSLv3 ECDHE-RSA-NULL-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
dh
test tls1 with 1024bit anonymous DH, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ADH-AES256-SHA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
rsa
test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
dh
test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
Available compression methods:
NONE
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
DONE via BIO pair: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
10 handshakes of 256 bytes done
Approximate total server time: 0.01 s
Approximate total client time: 0.01 s
test tls1 with PSK
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with PSK via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 PSK-AES256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with custom extensions
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with serverinfo
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Servername 2 is NULL
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
Available compression methods:
NONE
Switching server context.
TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
1 handshakes of 256 bytes done
srp
test tls1 with SRP
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-RSA-AES-256-CBC-SHA, 1024 bit RSA
1 handshakes of 256 bytes done
test tls1 with SRP auth
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
test tls1 with SRP auth via BIO pair
Available compression methods:
NONE
TLSv1, cipher TLSv1/SSLv3 SRP-AES-256-CBC-SHA
1 handshakes of 256 bytes done
rsa
Setting up TSA test directory...
Creating CA for TSA tests...
Creating a new CA for the TSA tests...
Generating a 1024 bit RSA private key
..........................++++++
...++++++
writing new private key to 'tsacakey.pem'
-----
Creating tsa_cert1.pem TSA server cert...
Generating a 1024 bit RSA private key
......................................++++++
....................................................++++++
writing new private key to 'tsa_key1.pem'
-----
Using extension tsa_cert
Signature ok
subject=/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Getting CA Private Key
Creating tsa_cert2.pem non-TSA server cert...
Generating a 1024 bit RSA private key
............................................++++++
..++++++
writing new private key to 'tsa_key2.pem'
-----
Using extension non_tsa_cert
Signature ok
subject=/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa2
Getting CA Private Key
Creating req1.req time stamp request for file testtsa...
Using configuration from ../CAtsa.cnf
Printing req1.req...
Using configuration from ../CAtsa.cnf
Version: 1
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Policy OID: tsa_policy1
Nonce: 0x9541E39D517E25F2
Certificate required: yes
Extensions:
Generating valid response for req1.req...
Using configuration from ../CAtsa.cnf
Warning: could not open file ./tsa_serial for reading, using serial number: 1
Response has been generated.
Printing response...
Using configuration from ../CAtsa.cnf
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified
TST info:
Version: 1
Policy OID: tsa_policy1
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Serial number: 0x01
Time stamp: Apr 13 11:43:51 2017 GMT
Accuracy: 0x01 seconds, 0x01F4 millis, 0x64 micros
Ordering: yes
Nonce: 0x9541E39D517E25F2
TSA: DirName:/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Extensions:
Verifying valid response...
Verification: OK
Verification: OK
Verifying valid token...
Using configuration from ../CAtsa.cnf
Verification: OK
Verification: OK
Creating req2.req time stamp request for file testtsa...
Using configuration from ../CAtsa.cnf
Printing req2.req...
Using configuration from ../CAtsa.cnf
Version: 1
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Policy OID: tsa_policy2
Nonce: unspecified
Certificate required: no
Extensions:
Generating valid response for req2.req...
Using configuration from ../CAtsa.cnf
Response has been generated.
Checking '-token_in' and '-token_out' options with '-reply'...
Using configuration from ../CAtsa.cnf
Using configuration from ../CAtsa.cnf
Using configuration from ../CAtsa.cnf
Version: 1
Policy OID: tsa_policy2
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Serial number: 0x02
Time stamp: Apr 13 11:43:51 2017 GMT
Accuracy: 0x01 seconds, 0x01F4 millis, 0x64 micros
Ordering: yes
Nonce: unspecified
TSA: DirName:/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Extensions:
Using configuration from ../CAtsa.cnf
Version: 1
Policy OID: tsa_policy2
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Serial number: 0x02
Time stamp: Apr 13 11:43:51 2017 GMT
Accuracy: 0x01 seconds, 0x01F4 millis, 0x64 micros
Ordering: yes
Nonce: unspecified
TSA: DirName:/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Extensions:
Using configuration from ../CAtsa.cnf
Response has been generated.
Version: 1
Policy OID: tsa_policy2
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Serial number: 0x03
Time stamp: Apr 13 11:43:51 2017 GMT
Accuracy: 0x01 seconds, 0x01F4 millis, 0x64 micros
Ordering: yes
Nonce: unspecified
TSA: DirName:/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Extensions:
Printing response...
Using configuration from ../CAtsa.cnf
Status info:
Status: Granted.
Status description: unspecified
Failure info: unspecified
TST info:
Version: 1
Policy OID: tsa_policy2
Hash Algorithm: sha1
Message data:
0000 - 48 44 c4 76 26 9d e5 5d-9c 67 1e 3b 0c ec b3 cd HD.v&..].g.;....
0010 - c5 b8 6e 67 ..ng
Serial number: 0x02
Time stamp: Apr 13 11:43:51 2017 GMT
Accuracy: 0x01 seconds, 0x01F4 millis, 0x64 micros
Ordering: yes
Nonce: unspecified
TSA: DirName:/C=HU/ST=Budapest/L=Buda/O=Hun-TSA Ltd./CN=tsa1
Extensions:
Verifying valid response...
Verification: OK
Verification: OK
Verifying response against wrong request, it should fail...
140220458178192:error:2F06606C:time stamp routines:TS_CHECK_POLICY:policy mismatch:ts_rsp_verify.c:595:
Verification: FAILED
Ok
Verifying response against wrong request, it should fail...
140212357273232:error:2F06606C:time stamp routines:TS_CHECK_POLICY:policy mismatch:ts_rsp_verify.c:595:
Verification: FAILED
Ok
Creating req3.req time stamp request for file CAtsa.cnf...
Using configuration from ../CAtsa.cnf
Printing req3.req...
Using configuration from ../CAtsa.cnf
Version: 1
Hash Algorithm: sha1
Message data:
0000 - 1c b9 52 2b 5c 27 b0 ae-83 b8 b2 c1 6d 82 1a 7f ..R+\'......m...
0010 - db 63 45 e7 .cE.
Policy OID: unspecified
Nonce: unspecified
Certificate required: no
Extensions:
Verifying response against wrong request, it should fail...
139723209717392:error:2F064067:time stamp routines:TS_CHECK_IMPRINTS:message imprint mismatch:ts_rsp_verify.c:681:
Verification: FAILED
Ok
Cleaning up...
Test IGE mode
../util/shlib_wrap.sh ./igetest
Test JPAKE
../util/shlib_wrap.sh ./jpaketest
No JPAKE support
Test SRP
../util/shlib_wrap.sh ./srptest
Keys mismatch
N = EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3
g = 2
Salt = D96282BB49CAEF2E04144DE199CE6A7AD0444230
Verifier = BC3637ED76CDC52762BAD9576FB0F0602A200CA6908CC0AF0A106FF944B40D8D305BBC975CF1D2F0F4656DBBB5ABC4105BCC7EEB4F36C87B7EE83047ACF71C475D11D38316CFBD9A0146366C0CD608A7B08B9444905B963E7DA4B3408B72049B2A3DD0997963DAD8D9D9772D61193B46D9ADAAFEF984ACA18722139E9F51C27F
b = 81430F6AFED472D8AC419C3A6F99668DFB1A9B9679216A5A74049147F3F56D37
B = CD08DAFE90D8FE9A79F610E32EC87C17A577FA01A31036B1A06CF7C91DC3F54AEEBFA6B03D2D0C4BDB733AA68799A934943E06201AB86706184A0F1BDB1B0E98BF711369F50E81464C4C7A11AE970D36A45D7727B58920600958C86A68F550CAFD8F63155B4EF977D52F5523A281EAFECBC832D3FA08C8A84B3B8A932B03B77C
a = 5D3178730025051CB8E725D54129BD37860D4762D7EE3A04067915B45F80C872
A = 12CF0E20DBAF993001F196D7340AF753CF7E5F5C9D333CD2F7B18280EA8E767A5C2CA861F198C762E098BB18E114B3D4F90959A5E1B38B64F04143D5B2823D94B9E0BB8238C93858038466BBE065E18452937851D09AF455F97F5825CF1A966AD7AB6F7DCE41AFACB579B324FBBAC6F85DEB28EA56018096BD66B306946D1C3D
Client's key = 9B3918C0C32A26941A463C4E8AB0AC7B05783E65EDDA739F0265FA5F36F1AD6C8CE6BB1AE9A11999BD7B00E45F32B7751DBA6FE4435600DA6133FE0D6436A72B69A43B465552A01AE76D515D669D88709D3884C9F78453C7318EBD21926A1566A2CD9FFC23CA976621DD9BC5D405BC270B2F8DF3E416B208D0B7B38C3BEC002E
Server's key = 57F7DDFC29B1D38AABC5A3290CB5343C9544E1C0151046E0FD1E740F02E618D66550E7B9D382D8DC9F5E76F77BE20F7C9EEB31F8186E3472CA4C3C0799076B205099AB51A0AD6EA69482B356B758EB2E246E293B82347730CABC1FA3E4CD3E17550DDD08C673EA1FEBA6C6BA913C2E706372B7391C3A139599DFBCE97B717F55
N = EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3
g = 2
Salt = B0A27B6C9837D2ECB32C4A6E3785877BD9C8A2D9
Verifier = BDE0C76FDDFA776EC2A799111831B7E06FDC40D7808CE7DDBC23BD30F926ABD736001CFFB8BB7D8BF17D1CEAC73FA4B357A89FA4BC8D40478FCBFBDC1EF5F461DD8EE9CAC2E5A6F61372F7715D51C005BF81A5EC6ADF80990A04B2D83CE307A1AF38DBAD33FD478B6CE059A0B8F364E928F08E8408808BE37D76823700870FC1
b = B25DD212B9EDE1145E4E41D434C22A45A4581E53BA48775854BED95B7C2EB5DC
B = 792D8E4937EE5FBFD258EBFBE883839C06A883A98AE284F6499C7152F0791F70E0E5ED445D81A1A022E14EB692E7E6DA58AC90DE0766C4D10CCD4E1895F0A136BC9676D4E68B546C1E36BEB03B0D2D28DC0F57B7A06A5C3B74D4B0552FA46CEACBBAD70498A4572A97FF4DC8EFE780F80BA2CDD47B60815C4FBF88EC725FABA7
a = 41CEF2A41E11DC8539278BB50344AD06C34A6BDF01E3FD5FE8B322977220BB41
A = 46AABD72D819EC20399160716FA1E47CB6C8D948801753E3626D66482E2EECF2105B3C0EEE3A0EFE53BEC67B807CA7C9A64C6149FB230C472257E87142FD64C1CBDAD00B2D839CD4F526F4530226C90C06D00A3E505A378F96A9C3E23F974A3FB15CBE6D8667BE540641E9EA88BAF1DB249C42FC85624230BBEE89F2334BD6FC
Client's key = 868000FFB8B597F192BA7901D7A0EBD8CAEA063EF51FCE1419FEC5D4BB2D35C27D1F684A0C6CE28D59F928D97C23C520D7C2B6879C3A05E6310D2F7ECD6CE0B0B0B7B3F08FE709BC01913B85AFBE431361F4CB12537B1810E7C34E9DE82349F77CB9DE4263E009AA17B675E7F106327DBEAD868F8F402C7991F3EEF71260242E
Server's key = 868000FFB8B597F192BA7901D7A0EBD8CAEA063EF51FCE1419FEC5D4BB2D35C27D1F684A0C6CE28D59F928D97C23C520D7C2B6879C3A05E6310D2F7ECD6CE0B0B0B7B3F08FE709BC01913B85AFBE431361F4CB12537B1810E7C34E9DE82349F77CB9DE4263E009AA17B675E7F106327DBEAD868F8F402C7991F3EEF71260242E
CMS consistency test
/usr/bin/perl cms-test.pl
CMS => PKCS#7 compatibility tests
signed content DER format, RSA key: OK
signed detached content DER format, RSA key: OK
signed content test streaming BER format, RSA: OK
signed content DER format, DSA key: OK
signed detached content DER format, DSA key: OK
signed detached content DER format, add RSA signer: OK
signed content test streaming BER format, DSA key: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK
signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: OK
signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys: OK
enveloped content test streaming S/MIME format, 3 recipients: OK
enveloped content test streaming S/MIME format, 3 recipients, 3rd used: OK
enveloped content test streaming S/MIME format, 3 recipients, key only used: OK
enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients: OK
CMS <= PKCS#7 compatibility tests
signed content DER format, RSA key: OK
signed detached content DER format, RSA key: OK
signed content test streaming BER format, RSA: OK
signed content DER format, DSA key: OK
signed detached content DER format, DSA key: OK
signed detached content DER format, add RSA signer: OK
signed content test streaming BER format, DSA key: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK
signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: OK
signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys: OK
enveloped content test streaming S/MIME format, 3 recipients: OK
enveloped content test streaming S/MIME format, 3 recipients, 3rd used: OK
enveloped content test streaming S/MIME format, 3 recipients, key only used: OK
enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients: OK
CMS <=> CMS consistency tests
signed content DER format, RSA key: OK
signed detached content DER format, RSA key: OK
signed content test streaming BER format, RSA: OK
signed content DER format, DSA key: OK
signed detached content DER format, DSA key: OK
signed detached content DER format, add RSA signer: OK
signed content test streaming BER format, DSA key: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes: OK
signed content test streaming S/MIME format, 2 DSA and 2 RSA keys: OK
signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys: OK
enveloped content test streaming S/MIME format, 3 recipients: OK
enveloped content test streaming S/MIME format, 3 recipients, 3rd used: OK
enveloped content test streaming S/MIME format, 3 recipients, key only used: OK
enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients: OK
signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid: OK
signed content test streaming PEM format, 2 DSA and 2 RSA keys: OK
signed content MIME format, RSA key, signed receipt request: OK
signed receipt MIME format, RSA key: OK
enveloped content test streaming S/MIME format, 3 recipients, keyid: OK
enveloped content test streaming PEM format, KEK: OK
enveloped content test streaming PEM format, KEK, key only: OK
data content test streaming PEM format: OK
encrypted content test streaming PEM format, 128 bit RC2 key: OK
encrypted content test streaming PEM format, 40 bit RC2 key: OK
encrypted content test streaming PEM format, triple DES key: OK
encrypted content test streaming PEM format, 128 bit AES key: OK
CMS <=> CMS consistency tests, modified key parameters
signed content test streaming PEM format, RSA keys, PSS signature: OK
signed content test streaming PEM format, RSA keys, PSS signature, no attributes: OK
signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1: OK
enveloped content test streaming S/MIME format, OAEP default parameters: OK
enveloped content test streaming S/MIME format, OAEP SHA256: OK
enveloped content test streaming S/MIME format, ECDH: OK
enveloped content test streaming S/MIME format, ECDH, key identifier: OK
enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF: OK
enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH: skipped, EC2M disabled
enveloped content test streaming S/MIME format, X9.42 DH: OK
Zlib not supported: compression tests skipped
ALL TESTS SUCCESSFUL.
Test OCSP
=== VALID OCSP RESPONSES ===
NON-DELEGATED; Intermediate CA -> EE
Response verify OK
NON-DELEGATED; Root CA -> Intermediate CA
Response verify OK
NON-DELEGATED; Root CA -> EE
Response verify OK
DELEGATED; Intermediate CA -> EE
Response verify OK
DELEGATED; Root CA -> Intermediate CA
Response verify OK
DELEGATED; Root CA -> EE
Response verify OK
=== INVALID SIGNATURE on the OCSP RESPONSE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
140402205910672:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140402205910672:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140402205910672:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140402205910672:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
139979387782800:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
139979387782800:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
139979387782800:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139979387782800:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
139780260255376:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
139780260255376:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
139780260255376:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139780260255376:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140157996684944:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140157996684944:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140157996684944:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140157996684944:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
139869467866768:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
139869467866768:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
139869467866768:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139869467866768:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> EE
Response Verify Failure
140271318173328:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140271318173328:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140271318173328:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140271318173328:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
=== WRONG RESPONDERID in the OCSP RESPONSE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
140717471815312:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140307309950608:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
139754137347728:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140184840042128:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140654868235920:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Root CA -> EE
Response Verify Failure
139693487785616:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
140568803202704:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140568803202704:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140568803202704:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140644133021328:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140644133021328:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140644133021328:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
140184434034320:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140184434034320:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140184434034320:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140674048439952:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140674048439952:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140674048439952:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140492184704656:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140492184704656:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140492184704656:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> EE
Response Verify Failure
140025810949776:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140025810949776:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140025810949776:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
139994073527952:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
139994073527952:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139994073527952:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140030368138896:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140030368138896:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140030368138896:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
140089068246672:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140089068246672:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140089068246672:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140177792251536:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140177792251536:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140177792251536:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140483284739728:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140483284739728:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140483284739728:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
DELEGATED; Root CA -> EE
Response Verify Failure
140069714556560:error:04091068:rsa routines:INT_RSA_VERIFY:bad signature:rsa_sign.c:278:
140069714556560:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140069714556560:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ===
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140340952266384:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
139912558790288:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Root CA -> EE
Response Verify Failure
140637724984976:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140637724984976:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140637724984976:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140637724984976:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:ocsp_vfy.c:105:
=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ===
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140382372742800:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140382372742800:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140382372742800:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140382372742800:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140317081573008:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140317081573008:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140317081573008:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140317081573008:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
DELEGATED; Root CA -> EE
Response Verify Failure
139661168019088:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
139661168019088:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
139661168019088:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139661168019088:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
139687531677328:error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:166:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140200352708240:error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:166:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
139803926242960:error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:166:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
140668542969488:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:unable to get local issuer certificate
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
139946237634192:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:unable to get local issuer certificate
DELEGATED; Root CA -> EE
Response Verify Failure
140515077867152:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:unable to get local issuer certificate
=== WRONG KEY in the ISSUER CERTIFICATE ===
NON-DELEGATED; Intermediate CA -> EE
Response Verify Failure
140230596740752:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
NON-DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140705256601232:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
NON-DELEGATED; Root CA -> EE
Response Verify Failure
140294478743184:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:92:
DELEGATED; Intermediate CA -> EE
Response Verify Failure
139867048208016:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
139867048208016:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
139867048208016:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
139867048208016:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
DELEGATED; Root CA -> Intermediate CA
Response Verify Failure
140539710613136:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140539710613136:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140539710613136:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140539710613136:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
DELEGATED; Root CA -> EE
Response Verify Failure
140157258413712:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:103:
140157258413712:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:705:
140157258413712:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:a_verify.c:218:
140157258413712:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:ocsp_vfy.c:138:Verify error:certificate signature failure
=== INVALID SIGNATURE on the ISSUER CERTIFICATE ===
NON-DELEGATED; Intermediate CA -> EE
Response verify OK
NON-DELEGATED; Root CA -> Intermediate CA
Response verify OK
NON-DELEGATED; Root CA -> EE
Response verify OK
DELEGATED; Intermediate CA -> EE
Response verify OK
DELEGATED; Root CA -> Intermediate CA
Response verify OK
DELEGATED; Root CA -> EE
Response verify OK
ALL OCSP TESTS SUCCESSFUL
Test X509v3_check_*
../util/shlib_wrap.sh ./v3nametest
../util/shlib_wrap.sh ./heartbeat_test
Test constant time utilites
../util/shlib_wrap.sh ./constant_time_test
Testing constant time operations...
ok (ran 1908 tests)
test_verify_extra
../util/shlib_wrap.sh ./verify_extra_test
PASS
test_clienthello
../util/shlib_wrap.sh ./clienthellotest
test_sslv2conftest
../util/shlib_wrap.sh ./sslv2conftest
SSLv2 CONF Test number 0
SSLv2 CONF Test number 1
SSLv2 CONF test: PASSED
test_dtls
../util/shlib_wrap.sh ./dtlstest ../apps/server.pem ../apps/server.pem
Starting Test 0
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: feff
** Record Epoch: 0
** Record Sequence: 000000000000
** Record Length: 103
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 1
*** Message Length: 91
*** Message sequence: 0
*** Message Fragment offset: 0
*** Message Fragment len: 91
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 1
** Record Sequence: 00000000000f
** Record Length: 22
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000001
** Record Length: 243
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 16
*** Message Length: 258
*** Message sequence: 1
*** Message Fragment offset: 0
*** Message Fragment len: 231
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000002
** Record Length: 39
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 16
*** Message Length: 258
*** Message sequence: 1
*** Message Fragment offset: 231
*** Message Fragment len: 27
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
*
*---- START OF RECORD ----
** Record Content-type: 20
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000003
** Record Length: 1
*---- END OF RECORD ----
*
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 1
** Record Sequence: 000000000000
** Record Length: 64
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----
*---- END OF RECORD ----
---- END OF PACKET ----
Starting Test 1
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: feff
** Record Epoch: 0
** Record Sequence: 000000000000
** Record Length: 103
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 1
*** Message Length: 91
*** Message sequence: 0
*** Message Fragment offset: 0
*** Message Fragment len: 91
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 1
** Record Sequence: 0000000000ff
** Record Length: 22
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000001
** Record Length: 243
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 16
*** Message Length: 258
*** Message sequence: 1
*** Message Fragment offset: 0
*** Message Fragment len: 231
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
---- END OF PACKET ----
---- START OF PACKET ----
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000002
** Record Length: 39
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
*** Message Type: 16
*** Message Length: 258
*** Message sequence: 1
*** Message Fragment offset: 231
*** Message Fragment len: 27
**---- END OF HANDSHAKE MESSAGE FRAGMENT ----
*---- END OF RECORD ----
*
*---- START OF RECORD ----
** Record Content-type: 20
** Record Version: fefd
** Record Epoch: 0
** Record Sequence: 000000000003
** Record Length: 1
*---- END OF RECORD ----
*
*---- START OF RECORD ----
** Record Content-type: 22
** Record Version: fefd
** Record Epoch: 1
** Record Sequence: 000000000000
** Record Length: 64
**---- START OF HANDSHAKE MESSAGE FRAGMENT ----
**---- HANDSHAKE MESSAGE FRAGMENT ENCRYPTED ----
*---- END OF RECORD ----
---- END OF PACKET ----
PASS
test_bad_dtls
../util/shlib_wrap.sh ./bad_dtls_test
make[1]: Leaving directory '/jobs/genie.pdt/openssl-linux/workspace/openssl-1.0.2k/test'
OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
OpenSSL 1.0.2k 26 Jan 2017
built on: reproducible build, date unspecified
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
OPENSSLDIR: "/home/hudson/genie.pdt/.hudson/jobs/openssl-linux/workspace/openssl"
+ make install# Download the source code package
make: *** No rule to make target 'install#'. Stop.
Archiving artifacts
Finished: FAILURE
![[Jenkins]](/pdt/static/efd6a289/images/svgs/logo.svg){kind=logo}
