a92e710b7a
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2301)
204 lines
6.3 KiB
Text
204 lines
6.3 KiB
Text
# Generated with generate_ssl_tests.pl
|
|
|
|
num_tests = 7
|
|
|
|
test-0 = 0-ECDSA CipherString Selection
|
|
test-1 = 1-RSA CipherString Selection
|
|
test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
|
|
test-3 = 3-ECDSA Signature Algorithm Selection
|
|
test-4 = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate
|
|
test-5 = 5-RSA Signature Algorithm Selection
|
|
test-6 = 6-RSA-PSS Signature Algorithm Selection
|
|
# ===========================================================
|
|
|
|
[0-ECDSA CipherString Selection]
|
|
ssl_conf = 0-ECDSA CipherString Selection-ssl
|
|
|
|
[0-ECDSA CipherString Selection-ssl]
|
|
server = 0-ECDSA CipherString Selection-server
|
|
client = 0-ECDSA CipherString Selection-client
|
|
|
|
[0-ECDSA CipherString Selection-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
MaxProtocol = TLSv1.2
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[0-ECDSA CipherString Selection-client]
|
|
CipherString = aECDSA
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-0]
|
|
ExpectedResult = Success
|
|
ExpectedServerCertType = P-256
|
|
ExpectedServerSignType = EC
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[1-RSA CipherString Selection]
|
|
ssl_conf = 1-RSA CipherString Selection-ssl
|
|
|
|
[1-RSA CipherString Selection-ssl]
|
|
server = 1-RSA CipherString Selection-server
|
|
client = 1-RSA CipherString Selection-client
|
|
|
|
[1-RSA CipherString Selection-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
MaxProtocol = TLSv1.2
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[1-RSA CipherString Selection-client]
|
|
CipherString = aRSA
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-1]
|
|
ExpectedResult = Success
|
|
ExpectedServerCertType = RSA
|
|
ExpectedServerSignType = RSA-PSS
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[2-ECDSA CipherString Selection, no ECDSA certificate]
|
|
ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl
|
|
|
|
[2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
|
|
server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
|
|
client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
|
|
|
|
[2-ECDSA CipherString Selection, no ECDSA certificate-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[2-ECDSA CipherString Selection, no ECDSA certificate-client]
|
|
CipherString = aECDSA
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-2]
|
|
ExpectedResult = ServerFail
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[3-ECDSA Signature Algorithm Selection]
|
|
ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl
|
|
|
|
[3-ECDSA Signature Algorithm Selection-ssl]
|
|
server = 3-ECDSA Signature Algorithm Selection-server
|
|
client = 3-ECDSA Signature Algorithm Selection-client
|
|
|
|
[3-ECDSA Signature Algorithm Selection-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
MaxProtocol = TLSv1.2
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[3-ECDSA Signature Algorithm Selection-client]
|
|
CipherString = DEFAULT
|
|
SignatureAlgorithms = ECDSA+SHA256
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-3]
|
|
ExpectedResult = Success
|
|
ExpectedServerCertType = P-256
|
|
ExpectedServerSignHash = SHA256
|
|
ExpectedServerSignType = EC
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[4-ECDSA Signature Algorithm Selection, no ECDSA certificate]
|
|
ssl_conf = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
|
|
|
|
[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
|
|
server = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
|
|
client = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
|
|
|
|
[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
|
|
CipherString = DEFAULT
|
|
SignatureAlgorithms = ECDSA+SHA256
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-4]
|
|
ExpectedResult = ServerFail
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[5-RSA Signature Algorithm Selection]
|
|
ssl_conf = 5-RSA Signature Algorithm Selection-ssl
|
|
|
|
[5-RSA Signature Algorithm Selection-ssl]
|
|
server = 5-RSA Signature Algorithm Selection-server
|
|
client = 5-RSA Signature Algorithm Selection-client
|
|
|
|
[5-RSA Signature Algorithm Selection-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
MaxProtocol = TLSv1.2
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[5-RSA Signature Algorithm Selection-client]
|
|
CipherString = DEFAULT
|
|
SignatureAlgorithms = RSA+SHA256
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-5]
|
|
ExpectedResult = Success
|
|
ExpectedServerCertType = RSA
|
|
ExpectedServerSignHash = SHA256
|
|
ExpectedServerSignType = RSA
|
|
|
|
|
|
# ===========================================================
|
|
|
|
[6-RSA-PSS Signature Algorithm Selection]
|
|
ssl_conf = 6-RSA-PSS Signature Algorithm Selection-ssl
|
|
|
|
[6-RSA-PSS Signature Algorithm Selection-ssl]
|
|
server = 6-RSA-PSS Signature Algorithm Selection-server
|
|
client = 6-RSA-PSS Signature Algorithm Selection-client
|
|
|
|
[6-RSA-PSS Signature Algorithm Selection-server]
|
|
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
CipherString = DEFAULT
|
|
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
MaxProtocol = TLSv1.2
|
|
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
|
|
[6-RSA-PSS Signature Algorithm Selection-client]
|
|
CipherString = DEFAULT
|
|
SignatureAlgorithms = RSA-PSS+SHA256
|
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
VerifyMode = Peer
|
|
|
|
[test-6]
|
|
ExpectedResult = Success
|
|
ExpectedServerCertType = RSA
|
|
ExpectedServerSignHash = SHA256
|
|
ExpectedServerSignType = RSA-PSS
|
|
|
|
|