1 # Generated with generate_ssl_tests.pl
5 test-0 = 0-ECDSA CipherString Selection
6 test-1 = 1-RSA CipherString Selection
7 test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
8 test-3 = 3-ECDSA Signature Algorithm Selection
9 test-4 = 4-ECDSA Signature Algorithm Selection SHA384
10 test-5 = 5-ECDSA Signature Algorithm Selection SHA1
11 test-6 = 6-ECDSA Signature Algorithm Selection compressed point
12 test-7 = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate
13 test-8 = 8-RSA Signature Algorithm Selection
14 test-9 = 9-RSA-PSS Signature Algorithm Selection
15 test-10 = 10-Suite B P-256 Hash Algorithm Selection
16 test-11 = 11-Suite B P-384 Hash Algorithm Selection
17 test-12 = 12-TLS 1.2 DSA Certificate Test
18 # ===========================================================
20 [0-ECDSA CipherString Selection]
21 ssl_conf = 0-ECDSA CipherString Selection-ssl
23 [0-ECDSA CipherString Selection-ssl]
24 server = 0-ECDSA CipherString Selection-server
25 client = 0-ECDSA CipherString Selection-client
27 [0-ECDSA CipherString Selection-server]
28 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
29 CipherString = DEFAULT
30 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
31 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
33 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
35 [0-ECDSA CipherString Selection-client]
38 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
39 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
43 ExpectedResult = Success
44 ExpectedServerCANames = empty
45 ExpectedServerCertType = P-256
46 ExpectedServerSignType = EC
49 # ===========================================================
51 [1-RSA CipherString Selection]
52 ssl_conf = 1-RSA CipherString Selection-ssl
54 [1-RSA CipherString Selection-ssl]
55 server = 1-RSA CipherString Selection-server
56 client = 1-RSA CipherString Selection-client
58 [1-RSA CipherString Selection-server]
59 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
60 CipherString = DEFAULT
61 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
62 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
64 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
66 [1-RSA CipherString Selection-client]
69 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
73 ExpectedResult = Success
74 ExpectedServerCertType = RSA
75 ExpectedServerSignType = RSA-PSS
78 # ===========================================================
80 [2-ECDSA CipherString Selection, no ECDSA certificate]
81 ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl
83 [2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
84 server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
85 client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
87 [2-ECDSA CipherString Selection, no ECDSA certificate-server]
88 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
89 CipherString = DEFAULT
91 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
93 [2-ECDSA CipherString Selection, no ECDSA certificate-client]
96 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
100 ExpectedResult = ServerFail
103 # ===========================================================
105 [3-ECDSA Signature Algorithm Selection]
106 ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl
108 [3-ECDSA Signature Algorithm Selection-ssl]
109 server = 3-ECDSA Signature Algorithm Selection-server
110 client = 3-ECDSA Signature Algorithm Selection-client
112 [3-ECDSA Signature Algorithm Selection-server]
113 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
114 CipherString = DEFAULT
115 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
116 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
117 MaxProtocol = TLSv1.2
118 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
120 [3-ECDSA Signature Algorithm Selection-client]
121 CipherString = DEFAULT
122 SignatureAlgorithms = ECDSA+SHA256
123 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
127 ExpectedResult = Success
128 ExpectedServerCertType = P-256
129 ExpectedServerSignHash = SHA256
130 ExpectedServerSignType = EC
133 # ===========================================================
135 [4-ECDSA Signature Algorithm Selection SHA384]
136 ssl_conf = 4-ECDSA Signature Algorithm Selection SHA384-ssl
138 [4-ECDSA Signature Algorithm Selection SHA384-ssl]
139 server = 4-ECDSA Signature Algorithm Selection SHA384-server
140 client = 4-ECDSA Signature Algorithm Selection SHA384-client
142 [4-ECDSA Signature Algorithm Selection SHA384-server]
143 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
144 CipherString = DEFAULT
145 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
146 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
147 MaxProtocol = TLSv1.2
148 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
150 [4-ECDSA Signature Algorithm Selection SHA384-client]
151 CipherString = DEFAULT
152 SignatureAlgorithms = ECDSA+SHA384
153 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
157 ExpectedResult = Success
158 ExpectedServerCertType = P-256
159 ExpectedServerSignHash = SHA384
160 ExpectedServerSignType = EC
163 # ===========================================================
165 [5-ECDSA Signature Algorithm Selection SHA1]
166 ssl_conf = 5-ECDSA Signature Algorithm Selection SHA1-ssl
168 [5-ECDSA Signature Algorithm Selection SHA1-ssl]
169 server = 5-ECDSA Signature Algorithm Selection SHA1-server
170 client = 5-ECDSA Signature Algorithm Selection SHA1-client
172 [5-ECDSA Signature Algorithm Selection SHA1-server]
173 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
174 CipherString = DEFAULT
175 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
176 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
177 MaxProtocol = TLSv1.2
178 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
180 [5-ECDSA Signature Algorithm Selection SHA1-client]
181 CipherString = DEFAULT
182 SignatureAlgorithms = ECDSA+SHA1
183 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
187 ExpectedResult = Success
188 ExpectedServerCertType = P-256
189 ExpectedServerSignHash = SHA1
190 ExpectedServerSignType = EC
193 # ===========================================================
195 [6-ECDSA Signature Algorithm Selection compressed point]
196 ssl_conf = 6-ECDSA Signature Algorithm Selection compressed point-ssl
198 [6-ECDSA Signature Algorithm Selection compressed point-ssl]
199 server = 6-ECDSA Signature Algorithm Selection compressed point-server
200 client = 6-ECDSA Signature Algorithm Selection compressed point-client
202 [6-ECDSA Signature Algorithm Selection compressed point-server]
203 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
204 CipherString = DEFAULT
205 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
206 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
207 MaxProtocol = TLSv1.2
208 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
210 [6-ECDSA Signature Algorithm Selection compressed point-client]
211 CipherString = DEFAULT
212 SignatureAlgorithms = ECDSA+SHA256
213 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
217 ExpectedResult = Success
218 ExpectedServerCertType = P-256
219 ExpectedServerSignHash = SHA256
220 ExpectedServerSignType = EC
223 # ===========================================================
225 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate]
226 ssl_conf = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
228 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
229 server = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
230 client = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
232 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
233 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
234 CipherString = DEFAULT
235 MaxProtocol = TLSv1.2
236 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
238 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
239 CipherString = DEFAULT
240 SignatureAlgorithms = ECDSA+SHA256
241 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
245 ExpectedResult = ServerFail
248 # ===========================================================
250 [8-RSA Signature Algorithm Selection]
251 ssl_conf = 8-RSA Signature Algorithm Selection-ssl
253 [8-RSA Signature Algorithm Selection-ssl]
254 server = 8-RSA Signature Algorithm Selection-server
255 client = 8-RSA Signature Algorithm Selection-client
257 [8-RSA Signature Algorithm Selection-server]
258 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
259 CipherString = DEFAULT
260 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
261 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
262 MaxProtocol = TLSv1.2
263 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
265 [8-RSA Signature Algorithm Selection-client]
266 CipherString = DEFAULT
267 SignatureAlgorithms = RSA+SHA256
268 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
272 ExpectedResult = Success
273 ExpectedServerCertType = RSA
274 ExpectedServerSignHash = SHA256
275 ExpectedServerSignType = RSA
278 # ===========================================================
280 [9-RSA-PSS Signature Algorithm Selection]
281 ssl_conf = 9-RSA-PSS Signature Algorithm Selection-ssl
283 [9-RSA-PSS Signature Algorithm Selection-ssl]
284 server = 9-RSA-PSS Signature Algorithm Selection-server
285 client = 9-RSA-PSS Signature Algorithm Selection-client
287 [9-RSA-PSS Signature Algorithm Selection-server]
288 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
289 CipherString = DEFAULT
290 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
291 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
292 MaxProtocol = TLSv1.2
293 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
295 [9-RSA-PSS Signature Algorithm Selection-client]
296 CipherString = DEFAULT
297 SignatureAlgorithms = RSA-PSS+SHA256
298 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
302 ExpectedResult = Success
303 ExpectedServerCertType = RSA
304 ExpectedServerSignHash = SHA256
305 ExpectedServerSignType = RSA-PSS
308 # ===========================================================
310 [10-Suite B P-256 Hash Algorithm Selection]
311 ssl_conf = 10-Suite B P-256 Hash Algorithm Selection-ssl
313 [10-Suite B P-256 Hash Algorithm Selection-ssl]
314 server = 10-Suite B P-256 Hash Algorithm Selection-server
315 client = 10-Suite B P-256 Hash Algorithm Selection-client
317 [10-Suite B P-256 Hash Algorithm Selection-server]
318 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
319 CipherString = SUITEB128
320 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
321 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
322 MaxProtocol = TLSv1.2
323 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
325 [10-Suite B P-256 Hash Algorithm Selection-client]
326 CipherString = DEFAULT
327 SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
328 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
332 ExpectedResult = Success
333 ExpectedServerCertType = P-256
334 ExpectedServerSignHash = SHA256
335 ExpectedServerSignType = EC
338 # ===========================================================
340 [11-Suite B P-384 Hash Algorithm Selection]
341 ssl_conf = 11-Suite B P-384 Hash Algorithm Selection-ssl
343 [11-Suite B P-384 Hash Algorithm Selection-ssl]
344 server = 11-Suite B P-384 Hash Algorithm Selection-server
345 client = 11-Suite B P-384 Hash Algorithm Selection-client
347 [11-Suite B P-384 Hash Algorithm Selection-server]
348 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
349 CipherString = SUITEB128
350 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
351 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
352 MaxProtocol = TLSv1.2
353 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
355 [11-Suite B P-384 Hash Algorithm Selection-client]
356 CipherString = DEFAULT
357 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
358 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
362 ExpectedResult = Success
363 ExpectedServerCertType = P-384
364 ExpectedServerSignHash = SHA384
365 ExpectedServerSignType = EC
368 # ===========================================================
370 [12-TLS 1.2 DSA Certificate Test]
371 ssl_conf = 12-TLS 1.2 DSA Certificate Test-ssl
373 [12-TLS 1.2 DSA Certificate Test-ssl]
374 server = 12-TLS 1.2 DSA Certificate Test-server
375 client = 12-TLS 1.2 DSA Certificate Test-client
377 [12-TLS 1.2 DSA Certificate Test-server]
378 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
380 DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
381 DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
382 DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
383 MaxProtocol = TLSv1.2
384 MinProtocol = TLSv1.2
385 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
387 [12-TLS 1.2 DSA Certificate Test-client]
389 SignatureAlgorithms = DSA+SHA256:DSA+SHA1
390 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
394 ExpectedResult = Success