Add certificate selection tests.
[openssl.git] / test / ssl-tests / 20-cert-select.conf.in
1 # -*- mode: perl; -*-
2
3 ## SSL test configurations
4
5 package ssltests;
6
7 use strict;
8 use warnings;
9
10 use OpenSSL::Test;
11 use OpenSSL::Test::Utils qw(anydisabled);
12
13 my $dir_sep = $^O ne "VMS" ? "/" : "";
14
15 my $server = {
16     "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
17     "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
18     # TODO: add test cases for TLSv1.3
19     "MaxProtocol" => "TLSv1.2"
20 };
21
22 our @tests = (
23     {
24         name => "ECDSA CipherString Selection",
25         server => $server,
26         client => {
27             "CipherString" => "aECDSA",
28         },
29         test   => {
30             "ExpectedServerCertType" =>, "P-256",
31             "ExpectedResult" => "Success"
32         },
33     },
34     {
35         name => "RSA CipherString Selection",
36         server => $server,
37         client => {
38             "CipherString" => "aRSA",
39         },
40         test   => {
41             "ExpectedServerCertType" =>, "RSA",
42             "ExpectedResult" => "Success"
43         },
44     },
45     {
46         name => "ECDSA CipherString Selection, no ECDSA certificate",
47         server => { },
48         client => {
49             "CipherString" => "aECDSA"
50         },
51         test   => {
52             "ExpectedResult" => "ServerFail"
53         },
54     },
55     {
56         name => "ECDSA Signature Algorithm Selection",
57         server => $server,
58         client => {
59             "SignatureAlgorithms" => "ECDSA+SHA256",
60         },
61         test   => {
62             "ExpectedServerCertType" =>, "P-256",
63             "ExpectedResult" => "Success"
64         },
65     },
66     {
67         name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
68         server => { },
69         client => {
70             "SignatureAlgorithms" => "ECDSA+SHA256",
71         },
72         test   => {
73             "ExpectedResult" => "ServerFail"
74         },
75     },
76     {
77         name => "RSA Signature Algorithm Selection",
78         server => $server,
79         client => {
80             "SignatureAlgorithms" => "RSA+SHA256",
81         },
82         test   => {
83             "ExpectedServerCertType" =>, "RSA",
84             "ExpectedResult" => "Success"
85         },
86     }
87 );