+ {
+ name => "RSA key exchange with all RSA certificate types",
+ server => $server_rsa_all,
+ client => {
+ "CipherString" => "kRSA",
+ "MaxProtocol" => "TLSv1.2",
+ },
+ test => {
+ "ExpectedServerCertType" =>, "RSA",
+ "ExpectedResult" => "Success"
+ },
+ },
+ {
+ name => "Suite B P-256 Hash Algorithm Selection",
+ server => {
+ "ECDSA.Certificate" => test_pem("p256-server-cert.pem"),
+ "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"),
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "SUITEB128"
+ },
+ client => {
+ "VerifyCAFile" => test_pem("p384-root.pem"),
+ "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256"
+ },
+ test => {
+ "ExpectedServerCertType" => "P-256",
+ "ExpectedServerSignHash" => "SHA256",
+ "ExpectedServerSignType" => "EC",
+ "ExpectedResult" => "Success"
+ },
+ },
+ {
+ name => "Suite B P-384 Hash Algorithm Selection",
+ server => {
+ "ECDSA.Certificate" => test_pem("p384-server-cert.pem"),
+ "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"),
+ "MaxProtocol" => "TLSv1.2",
+ "CipherString" => "SUITEB128"
+ },
+ client => {
+ "VerifyCAFile" => test_pem("p384-root.pem"),
+ "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384"
+ },
+ test => {
+ "ExpectedServerCertType" => "P-384",
+ "ExpectedServerSignHash" => "SHA384",
+ "ExpectedServerSignType" => "EC",
+ "ExpectedResult" => "Success"
+ },
+ },
+ {
+ name => "TLS 1.2 Ed25519 Client Auth",
+ server => {
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Require"
+ },
+ client => {
+ "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"),
+ "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"),
+ "MinProtocol" => "TLSv1.2",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ test => {
+ "ExpectedClientCertType" => "Ed25519",
+ "ExpectedClientSignType" => "Ed25519",
+ "ExpectedResult" => "Success"
+ },
+ },
+ {
+ name => "TLS 1.2 Ed448 Client Auth",
+ server => {
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Require"
+ },
+ client => {
+ "Ed448.Certificate" => test_pem("client-ed448-cert.pem"),
+ "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"),
+ "MinProtocol" => "TLSv1.2",
+ "MaxProtocol" => "TLSv1.2"
+ },
+ test => {
+ "ExpectedClientCertType" => "Ed448",
+ "ExpectedClientSignType" => "Ed448",
+ "ExpectedResult" => "Success"
+ },
+ },
+);
+
+my @tests_pss = (
+ {
+ name => "RSA-PSS Certificate CipherString Selection",
+ server => $server_pss,
+ client => {
+ "CipherString" => "aRSA",
+ "MaxProtocol" => "TLSv1.2",
+ },
+ test => {
+ "ExpectedServerCertType" =>, "RSA-PSS",
+ "ExpectedServerSignType" =>, "RSA-PSS",
+ "ExpectedResult" => "Success"
+ },
+ },