test/ssl-tests/20-cert-select.conf.in

   1 # -*- mode: perl; -*-
   2
   3 ## SSL test configurations
   4
   5 package ssltests;
   6
   7 use strict;
   8 use warnings;
   9
  10 use OpenSSL::Test;
  11 use OpenSSL::Test::Utils qw(anydisabled);
  12
  13 my $dir_sep = $^O ne "VMS" ? "/" : "";
  14
  15 my $server = {
  16     "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
  17     "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
  18     # TODO: add test cases for TLSv1.3
  19     "MaxProtocol" => "TLSv1.2"
  20 };
  21
  22 our @tests = (
  23     {
  24         name => "ECDSA CipherString Selection",
  25         server => $server,
  26         client => {
  27             "CipherString" => "aECDSA",
  28         },
  29         test   => {
  30             "ExpectedServerCertType" =>, "P-256",
  31             "ExpectedResult" => "Success"
  32         },
  33     },
  34     {
  35         name => "RSA CipherString Selection",
  36         server => $server,
  37         client => {
  38             "CipherString" => "aRSA",
  39         },
  40         test   => {
  41             "ExpectedServerCertType" =>, "RSA",
  42             "ExpectedResult" => "Success"
  43         },
  44     },
  45     {
  46         name => "ECDSA CipherString Selection, no ECDSA certificate",
  47         server => { },
  48         client => {
  49             "CipherString" => "aECDSA"
  50         },
  51         test   => {
  52             "ExpectedResult" => "ServerFail"
  53         },
  54     },
  55     {
  56         name => "ECDSA Signature Algorithm Selection",
  57         server => $server,
  58         client => {
  59             "SignatureAlgorithms" => "ECDSA+SHA256",
  60         },
  61         test   => {
  62             "ExpectedServerCertType" => "P-256",
  63             "ExpectedServerSignHash" => "SHA256",
  64             "ExpectedResult" => "Success"
  65         },
  66     },
  67     {
  68         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
  69         server => { },
  70         client => {
  71             "SignatureAlgorithms" => "ECDSA+SHA256",
  72         },
  73         test   => {
  74             "ExpectedResult" => "ServerFail"
  75         },
  76     },
  77     {
  78         name => "RSA Signature Algorithm Selection",
  79         server => $server,
  80         client => {
  81             "SignatureAlgorithms" => "RSA+SHA256",
  82         },
  83         test   => {
  84             "ExpectedServerCertType" => "RSA",
  85             "ExpectedServerSignHash" => "SHA256",
  86             "ExpectedResult" => "Success"
  87         },
  88     }
  89 );