test/ssl-tests/20-cert-select.conf.in

   1 # -*- mode: perl; -*-
   2
   3 ## SSL test configurations
   4
   5 package ssltests;
   6
   7 use strict;
   8 use warnings;
   9
  10 use OpenSSL::Test;
  11 use OpenSSL::Test::Utils qw(anydisabled);
  12
  13 my $dir_sep = $^O ne "VMS" ? "/" : "";
  14
  15 my $server = {
  16     "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
  17     "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
  18     # TODO(TLS1.3): add test cases for TLSv1.3
  19     "MaxProtocol" => "TLSv1.2"
  20 };
  21
  22 our @tests = (
  23     {
  24         name => "ECDSA CipherString Selection",
  25         server => $server,
  26         client => {
  27             "CipherString" => "aECDSA",
  28         },
  29         test   => {
  30             "ExpectedServerCertType" =>, "P-256",
  31             "ExpectedServerSignType" =>, "EC",
  32             "ExpectedResult" => "Success"
  33         },
  34     },
  35     {
  36         name => "RSA CipherString Selection",
  37         server => $server,
  38         client => {
  39             "CipherString" => "aRSA",
  40         },
  41         test   => {
  42             "ExpectedServerCertType" =>, "RSA",
  43             "ExpectedServerSignType" =>, "RSA-PSS",
  44             "ExpectedResult" => "Success"
  45         },
  46     },
  47     {
  48         name => "ECDSA CipherString Selection, no ECDSA certificate",
  49         server => { },
  50         client => {
  51             "CipherString" => "aECDSA"
  52         },
  53         test   => {
  54             "ExpectedResult" => "ServerFail"
  55         },
  56     },
  57     {
  58         name => "ECDSA Signature Algorithm Selection",
  59         server => $server,
  60         client => {
  61             "SignatureAlgorithms" => "ECDSA+SHA256",
  62         },
  63         test   => {
  64             "ExpectedServerCertType" => "P-256",
  65             "ExpectedServerSignHash" => "SHA256",
  66             "ExpectedServerSignType" => "EC",
  67             "ExpectedResult" => "Success"
  68         },
  69     },
  70     {
  71         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
  72         server => { },
  73         client => {
  74             "SignatureAlgorithms" => "ECDSA+SHA256",
  75         },
  76         test   => {
  77             "ExpectedResult" => "ServerFail"
  78         },
  79     },
  80     {
  81         name => "RSA Signature Algorithm Selection",
  82         server => $server,
  83         client => {
  84             "SignatureAlgorithms" => "RSA+SHA256",
  85         },
  86         test   => {
  87             "ExpectedServerCertType" => "RSA",
  88             "ExpectedServerSignHash" => "SHA256",
  89             "ExpectedServerSignType" => "RSA",
  90             "ExpectedResult" => "Success"
  91         },
  92     },
  93     {
  94         name => "RSA-PSS Signature Algorithm Selection",
  95         server => $server,
  96         client => {
  97             "SignatureAlgorithms" => "RSA-PSS+SHA256",
  98         },
  99         test   => {
 100             "ExpectedServerCertType" => "RSA",
 101             "ExpectedServerSignHash" => "SHA256",
 102             "ExpectedServerSignType" => "RSA-PSS",
 103             "ExpectedResult" => "Success"
 104         },
 105     }
 106 );