# Generated with generate_ssl_tests.pl num_tests = 15 test-0 = 0-ECDSA CipherString Selection test-1 = 1-Ed25519 CipherString and Signature Algorithm Selection test-2 = 2-RSA CipherString Selection test-3 = 3-ECDSA CipherString Selection, no ECDSA certificate test-4 = 4-ECDSA Signature Algorithm Selection test-5 = 5-ECDSA Signature Algorithm Selection SHA384 test-6 = 6-ECDSA Signature Algorithm Selection SHA1 test-7 = 7-ECDSA Signature Algorithm Selection compressed point test-8 = 8-ECDSA Signature Algorithm Selection, no ECDSA certificate test-9 = 9-RSA Signature Algorithm Selection test-10 = 10-RSA-PSS Signature Algorithm Selection test-11 = 11-Suite B P-256 Hash Algorithm Selection test-12 = 12-Suite B P-384 Hash Algorithm Selection test-13 = 13-TLS 1.2 Ed25519 Client Auth test-14 = 14-TLS 1.2 DSA Certificate Test # =========================================================== [0-ECDSA CipherString Selection] ssl_conf = 0-ECDSA CipherString Selection-ssl [0-ECDSA CipherString Selection-ssl] server = 0-ECDSA CipherString Selection-server client = 0-ECDSA CipherString Selection-client [0-ECDSA CipherString Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-ECDSA CipherString Selection-client] CipherString = aECDSA MaxProtocol = TLSv1.2 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-0] ExpectedResult = Success ExpectedServerCANames = empty ExpectedServerCertType = P-256 ExpectedServerSignType = EC # =========================================================== [1-Ed25519 CipherString and Signature Algorithm Selection] ssl_conf = 1-Ed25519 CipherString and Signature Algorithm Selection-ssl [1-Ed25519 CipherString and Signature Algorithm Selection-ssl] server = 1-Ed25519 CipherString and Signature Algorithm Selection-server client = 1-Ed25519 CipherString and Signature Algorithm Selection-client [1-Ed25519 CipherString and Signature Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-Ed25519 CipherString and Signature Algorithm Selection-client] CipherString = aECDSA MaxProtocol = TLSv1.2 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem SignatureAlgorithms = ed25519:ECDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-1] ExpectedResult = Success ExpectedServerCANames = empty ExpectedServerCertType = Ed25519 ExpectedServerSignType = Ed25519 # =========================================================== [2-RSA CipherString Selection] ssl_conf = 2-RSA CipherString Selection-ssl [2-RSA CipherString Selection-ssl] server = 2-RSA CipherString Selection-server client = 2-RSA CipherString Selection-client [2-RSA CipherString Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-RSA CipherString Selection-client] CipherString = aRSA MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-2] ExpectedResult = Success ExpectedServerCertType = RSA ExpectedServerSignType = RSA-PSS # =========================================================== [3-ECDSA CipherString Selection, no ECDSA certificate] ssl_conf = 3-ECDSA CipherString Selection, no ECDSA certificate-ssl [3-ECDSA CipherString Selection, no ECDSA certificate-ssl] server = 3-ECDSA CipherString Selection, no ECDSA certificate-server client = 3-ECDSA CipherString Selection, no ECDSA certificate-client [3-ECDSA CipherString Selection, no ECDSA certificate-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-ECDSA CipherString Selection, no ECDSA certificate-client] CipherString = aECDSA MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-3] ExpectedResult = ServerFail # =========================================================== [4-ECDSA Signature Algorithm Selection] ssl_conf = 4-ECDSA Signature Algorithm Selection-ssl [4-ECDSA Signature Algorithm Selection-ssl] server = 4-ECDSA Signature Algorithm Selection-server client = 4-ECDSA Signature Algorithm Selection-client [4-ECDSA Signature Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-ECDSA Signature Algorithm Selection-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-4] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA256 ExpectedServerSignType = EC # =========================================================== [5-ECDSA Signature Algorithm Selection SHA384] ssl_conf = 5-ECDSA Signature Algorithm Selection SHA384-ssl [5-ECDSA Signature Algorithm Selection SHA384-ssl] server = 5-ECDSA Signature Algorithm Selection SHA384-server client = 5-ECDSA Signature Algorithm Selection SHA384-client [5-ECDSA Signature Algorithm Selection SHA384-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-ECDSA Signature Algorithm Selection SHA384-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA384 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-5] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA384 ExpectedServerSignType = EC # =========================================================== [6-ECDSA Signature Algorithm Selection SHA1] ssl_conf = 6-ECDSA Signature Algorithm Selection SHA1-ssl [6-ECDSA Signature Algorithm Selection SHA1-ssl] server = 6-ECDSA Signature Algorithm Selection SHA1-server client = 6-ECDSA Signature Algorithm Selection SHA1-client [6-ECDSA Signature Algorithm Selection SHA1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-ECDSA Signature Algorithm Selection SHA1-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-6] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA1 ExpectedServerSignType = EC # =========================================================== [7-ECDSA Signature Algorithm Selection compressed point] ssl_conf = 7-ECDSA Signature Algorithm Selection compressed point-ssl [7-ECDSA Signature Algorithm Selection compressed point-ssl] server = 7-ECDSA Signature Algorithm Selection compressed point-server client = 7-ECDSA Signature Algorithm Selection compressed point-client [7-ECDSA Signature Algorithm Selection compressed point-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-ECDSA Signature Algorithm Selection compressed point-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-7] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA256 ExpectedServerSignType = EC # =========================================================== [8-ECDSA Signature Algorithm Selection, no ECDSA certificate] ssl_conf = 8-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl [8-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] server = 8-ECDSA Signature Algorithm Selection, no ECDSA certificate-server client = 8-ECDSA Signature Algorithm Selection, no ECDSA certificate-client [8-ECDSA Signature Algorithm Selection, no ECDSA certificate-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-ECDSA Signature Algorithm Selection, no ECDSA certificate-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-8] ExpectedResult = ServerFail # =========================================================== [9-RSA Signature Algorithm Selection] ssl_conf = 9-RSA Signature Algorithm Selection-ssl [9-RSA Signature Algorithm Selection-ssl] server = 9-RSA Signature Algorithm Selection-server client = 9-RSA Signature Algorithm Selection-client [9-RSA Signature Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-RSA Signature Algorithm Selection-client] CipherString = DEFAULT SignatureAlgorithms = RSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-9] ExpectedResult = Success ExpectedServerCertType = RSA ExpectedServerSignHash = SHA256 ExpectedServerSignType = RSA # =========================================================== [10-RSA-PSS Signature Algorithm Selection] ssl_conf = 10-RSA-PSS Signature Algorithm Selection-ssl [10-RSA-PSS Signature Algorithm Selection-ssl] server = 10-RSA-PSS Signature Algorithm Selection-server client = 10-RSA-PSS Signature Algorithm Selection-client [10-RSA-PSS Signature Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-RSA-PSS Signature Algorithm Selection-client] CipherString = DEFAULT SignatureAlgorithms = RSA-PSS+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-10] ExpectedResult = Success ExpectedServerCertType = RSA ExpectedServerSignHash = SHA256 ExpectedServerSignType = RSA-PSS # =========================================================== [11-Suite B P-256 Hash Algorithm Selection] ssl_conf = 11-Suite B P-256 Hash Algorithm Selection-ssl [11-Suite B P-256 Hash Algorithm Selection-ssl] server = 11-Suite B P-256 Hash Algorithm Selection-server client = 11-Suite B P-256 Hash Algorithm Selection-client [11-Suite B P-256 Hash Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = SUITEB128 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-Suite B P-256 Hash Algorithm Selection-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem VerifyMode = Peer [test-11] ExpectedResult = Success ExpectedServerCertType = P-256 ExpectedServerSignHash = SHA256 ExpectedServerSignType = EC # =========================================================== [12-Suite B P-384 Hash Algorithm Selection] ssl_conf = 12-Suite B P-384 Hash Algorithm Selection-ssl [12-Suite B P-384 Hash Algorithm Selection-ssl] server = 12-Suite B P-384 Hash Algorithm Selection-server client = 12-Suite B P-384 Hash Algorithm Selection-client [12-Suite B P-384 Hash Algorithm Selection-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = SUITEB128 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-Suite B P-384 Hash Algorithm Selection-client] CipherString = DEFAULT SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem VerifyMode = Peer [test-12] ExpectedResult = Success ExpectedServerCertType = P-384 ExpectedServerSignHash = SHA384 ExpectedServerSignType = EC # =========================================================== [13-TLS 1.2 Ed25519 Client Auth] ssl_conf = 13-TLS 1.2 Ed25519 Client Auth-ssl [13-TLS 1.2 Ed25519 Client Auth-ssl] server = 13-TLS 1.2 Ed25519 Client Auth-server client = 13-TLS 1.2 Ed25519 Client Auth-client [13-TLS 1.2 Ed25519 Client Auth-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require [13-TLS 1.2 Ed25519 Client Auth-client] CipherString = DEFAULT EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-13] ExpectedClientCertType = Ed25519 ExpectedClientSignType = Ed25519 ExpectedResult = Success # =========================================================== [14-TLS 1.2 DSA Certificate Test] ssl_conf = 14-TLS 1.2 DSA Certificate Test-ssl [14-TLS 1.2 DSA Certificate Test-ssl] server = 14-TLS 1.2 DSA Certificate Test-server client = 14-TLS 1.2 DSA Certificate Test-client [14-TLS 1.2 DSA Certificate Test-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = ALL DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-TLS 1.2 DSA Certificate Test-client] CipherString = ALL SignatureAlgorithms = DSA+SHA256:DSA+SHA1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-14] ExpectedResult = Success