X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=tcl_tests%2Fssl.try;h=1c5f9e97c02136b4718157683080c2d3e7ba98e6;hb=27245fdabff573bb85d6aeb2e228a854170296ee;hp=2333707dc7ba55dbd99f03115e97db8157f4b5ed;hpb=194fd485db2627afe07bb92e0e12dc3363675d64;p=openssl-gost%2Fengine.git

diff --git a/tcl_tests/ssl.try b/tcl_tests/ssl.try
index 2333707..1c5f9e9 100644
--- a/tcl_tests/ssl.try
+++ b/tcl_tests/ssl.try
@@ -42,37 +42,37 @@ if {[info exists env(ALG_LIST)]} {
 }
 
 array set suites {
-rsa:1024 {ECDHE-RSA-AES256-SHA}
-gost2001:XA {GOST2001-GOST89-GOST89 GOST2001-NULL-GOST94@SECLEVEL=0 LEGACY-GOST2012-GOST8912-GOST8912 IANA-GOST2012-GOST8912-GOST8912 GOST2012-NULL-GOST12@SECLEVEL=0}
-gost2012_256:XA {LEGACY-GOST2012-GOST8912-GOST8912 GOST2012-NULL-GOST12@SECLEVEL=0}
-gost2012_512:A {LEGACY-GOST2012-GOST8912-GOST8912 GOST2012-NULL-GOST12@SECLEVEL=0}
+rsa:1024 {ECDHE-RSA-AES256-SHA@SECLEVEL=0}
+gost2001:XA {GOST2001-GOST89-GOST89@SECLEVEL=0 GOST2001-NULL-GOST94@SECLEVEL=0 LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0 IANA-GOST2012-GOST8912-GOST8912@SECLEVEL=0 GOST2012-NULL-GOST12@SECLEVEL=0}
+gost2012_256:XA {LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0 GOST2012-NULL-GOST12@SECLEVEL=0}
+gost2012_512:A {LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0 GOST2012-NULL-GOST12@SECLEVEL=0}
 }
 
 #
 # Incompatible cipher suites
 #
 array set badsuites {
-gost2012_256:XA {GOST2001-GOST89-GOST89 GOST2001-NULL-GOST94@SECLEVEL=0} 
-gost2012_512:A {GOST2001-GOST89-GOST89 GOST2001-NULL-GOST94@SECLEVEL=0}
+gost2012_256:XA {GOST2001-GOST89-GOST89@SECLEVEL=0 GOST2001-NULL-GOST94@SECLEVEL=0} 
+gost2012_512:A {GOST2001-GOST89-GOST89@SECLEVEL=0 GOST2001-NULL-GOST94@SECLEVEL=0}
 }
 
 #
 # Default cipher suite negotiated for algorithm
 #
 array set defsuite {
-rsa:1024 ECDHE-RSA-AES256-SHA
+rsa:1024 ECDHE-RSA-AES256-SHA@SECLEVEL=0
 #gost94:XA GOST94-GOST89-GOST89
-gost2001:XA GOST2012-GOST8912-GOST8912
-gost2012_256:XA LEGACY-GOST2012-GOST8912-GOST8912
-gost2012_512:A LEGACY-GOST2012-GOST8912-GOST8912
+gost2001:XA GOST2012-GOST8912-GOST8912@SECLEVEL=0
+gost2012_256:XA LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0
+gost2012_512:A LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0
 }
 
 array set defsuite_12 {
-rsa:1024 ECDHE-RSA-AES256-GCM-SHA384
+rsa:1024 ECDHE-RSA-AES256-GCM-SHA384@SECLEVEL=0
 #gost94:XA GOST94-GOST89-GOST89
-gost2001:XA LEGACY-GOST2012-GOST8912-GOST8912
-gost2012_256:XA GOST2012-MAGMA-MAGMAOMAC
-gost2012_512:A GOST2012-MAGMA-MAGMAOMAC
+gost2001:XA LEGACY-GOST2012-GOST8912-GOST8912@SECLEVEL=0
+gost2012_256:XA GOST2012-MAGMA-MAGMAOMAC@SECLEVEL=0
+gost2012_512:A GOST2012-MAGMA-MAGMAOMAC@SECLEVEL=0
 }
 
 set proto_list {"TLSv1" "TLSv1.1" "TLSv1.2"}
@@ -180,7 +180,7 @@ foreach proto $proto_list {
 					-verify 1 -state -cipher $suite] \
 					[list -www -cert localhost_$alg_fn/cert.pem \
 					-key localhost_$alg_fn/seckey.pem \
-					-cipher DHE-RSA-AES256-SHA $protos($proto)] {}] 
+					-cipher DHE-RSA-AES256-SHA@SECLEVEL=0 $protos($proto)] {}] 
 				list [lindex $list 2] [grep ":fatal:" [lindex $list 1]]
 			} 0 [list 1 "SSL3 alert read:fatal:handshake failure
 "]
@@ -202,7 +202,7 @@ foreach proto $proto_list {
 						-CAfile $::test::ca/cacert.pem -verify_return_error \
 						-verify 1 -state -cipher $suite] \
 						[list -www -cert localhost_$alg_fn/cert.pem \
-						-key localhost_$alg_fn/seckey.pem $protos($proto)] {}] 
+						-key localhost_$alg_fn/seckey.pem $protos($proto) -cipher ALL@SECLEVEL=0] {}] 
 					if {[regexp -lineanchor \
 					{^\s*Protocol\s*:\s*(\S*)\s*$.*^\s*Cipher\s*:\s*(\S*)\s*$} \
 					[lindex $list 0] -> result_proto result_cipher]} {
@@ -210,7 +210,7 @@ foreach proto $proto_list {
 					} else {
 						lindex $list 1
 					}	
-				} 0 [list 0 $proto $suite]
+				} 0 [list 0 $proto $raw_name]
 
 
 				test "Сервер c несколькими алгоритмами, клиент $suite $proto" {
@@ -220,7 +220,7 @@ foreach proto $proto_list {
 						[list -www -cert localhost_rsa/cert.pem \
 						-key localhost_rsa/seckey.pem \
 						-dcert localhost_$alg_fn/cert.pem \
-						-dkey localhost_$alg_fn/seckey.pem $protos($proto)] {}] 
+						-dkey localhost_$alg_fn/seckey.pem $protos($proto) -cipher ALL@SECLEVEL=0] {}] 
 					if {[regexp -lineanchor \
 					{^\s*Protocol\s*:\s*(\S*)\s*$.*^\s*Cipher\s*:\s*(\S*)\s*$} \
 					[lindex $list 0] -> result_proto result_cipher]} {
@@ -228,18 +228,18 @@ foreach proto $proto_list {
 					} else {
 						lindex $list 1
 					}	
-				} 0 [list 0 $proto $suite]
+				} 0 [list 0 $proto $raw_name]
 
 			}
 
 			test "Сервер c несколькими алгоритмами, клиент AES256-SHA $proto" {
 				set list [client_server [list -connect localhost:4433 \
 					-CAfile $::test::ca/cacert.pem -verify_return_error \
-					-verify 1 -state -cipher AES256-SHA] \
+					-verify 1 -state -cipher AES256-SHA@SECLEVEL=0] \
 					[list -www -cert localhost_rsa/cert.pem \
 					-key localhost_rsa/seckey.pem \
 					-dcert localhost_$alg_fn/cert.pem \
-					-dkey localhost_$alg_fn/seckey.pem $protos($proto)] {}] 
+					-dkey localhost_$alg_fn/seckey.pem $protos($proto) -cipher ALL@SECLEVEL=0] {}] 
 				if {[regexp -lineanchor \
 				{^\s*Protocol\s*:\s*(\S*)\s*$.*^\s*Cipher\s*:\s*(\S*)\s*$} \
 				[lindex $list 0] -> result_proto result_cipher]} {