From b1b22b0b77c2118377320d9a665f495fdea7d419 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 20 Aug 2016 19:51:14 +0200 Subject: [PATCH] Test the support curves in tls Reviewed-by: Rich Salz GH: #1472 --- test/recipes/80-test_ssl_new.t | 5 +- test/ssl-tests/14-curves.conf | 758 +++++++++++++++++++++++++++++++ test/ssl-tests/14-curves.conf.in | 41 ++ 3 files changed, 802 insertions(+), 2 deletions(-) create mode 100644 test/ssl-tests/14-curves.conf create mode 100644 test/ssl-tests/14-curves.conf.in diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index 09db280146..29e490d411 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -29,7 +29,7 @@ map { s/\.in// } @conf_files; # We hard-code the number of tests to double-check that the globbing above # finds all files as expected. -plan tests => 13; # = scalar @conf_srcs +plan tests => 14; # = scalar @conf_srcs # Some test results depend on the configuration of enabled protocols. We only # verify generated sources in the default configuration. @@ -67,7 +67,8 @@ my %skip = ( # disable instruction but that's a bizarre configuration not worth # special-casing for. # We should review this once we have TLS 1.3. - "13-fragmentation.conf" => disabled("tls1_2") + "13-fragmentation.conf" => disabled("tls1_2"), + "14-curves.conf" => disabled("tls1_2") || $no_ec ); foreach my $conf (@conf_files) { diff --git a/test/ssl-tests/14-curves.conf b/test/ssl-tests/14-curves.conf new file mode 100644 index 0000000000..d4c19c7a70 --- /dev/null +++ b/test/ssl-tests/14-curves.conf @@ -0,0 +1,758 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 29 + +test-0 = 0-curve-sect163k1 +test-1 = 1-curve-sect163r1 +test-2 = 2-curve-sect163r2 +test-3 = 3-curve-sect193r1 +test-4 = 4-curve-sect193r2 +test-5 = 5-curve-sect233k1 +test-6 = 6-curve-sect233r1 +test-7 = 7-curve-sect239k1 +test-8 = 8-curve-sect283k1 +test-9 = 9-curve-sect283r1 +test-10 = 10-curve-sect409k1 +test-11 = 11-curve-sect409r1 +test-12 = 12-curve-sect571k1 +test-13 = 13-curve-sect571r1 +test-14 = 14-curve-secp160k1 +test-15 = 15-curve-secp160r1 +test-16 = 16-curve-secp160r2 +test-17 = 17-curve-secp192k1 +test-18 = 18-curve-prime192v1 +test-19 = 19-curve-secp224k1 +test-20 = 20-curve-secp224r1 +test-21 = 21-curve-secp256k1 +test-22 = 22-curve-prime256v1 +test-23 = 23-curve-secp384r1 +test-24 = 24-curve-secp521r1 +test-25 = 25-curve-brainpoolP256r1 +test-26 = 26-curve-brainpoolP384r1 +test-27 = 27-curve-brainpoolP512r1 +test-28 = 28-curve-X25519 +# =========================================================== + +[0-curve-sect163k1] +ssl_conf = 0-curve-sect163k1-ssl + +[0-curve-sect163k1-ssl] +server = 0-curve-sect163k1-server +client = 0-curve-sect163k1-client + +[0-curve-sect163k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect163k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-curve-sect163k1-client] +CipherString = ECDHE +Curves = sect163k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success + + +# =========================================================== + +[1-curve-sect163r1] +ssl_conf = 1-curve-sect163r1-ssl + +[1-curve-sect163r1-ssl] +server = 1-curve-sect163r1-server +client = 1-curve-sect163r1-client + +[1-curve-sect163r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect163r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-curve-sect163r1-client] +CipherString = ECDHE +Curves = sect163r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success + + +# =========================================================== + +[2-curve-sect163r2] +ssl_conf = 2-curve-sect163r2-ssl + +[2-curve-sect163r2-ssl] +server = 2-curve-sect163r2-server +client = 2-curve-sect163r2-client + +[2-curve-sect163r2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect163r2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-curve-sect163r2-client] +CipherString = ECDHE +Curves = sect163r2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success + + +# =========================================================== + +[3-curve-sect193r1] +ssl_conf = 3-curve-sect193r1-ssl + +[3-curve-sect193r1-ssl] +server = 3-curve-sect193r1-server +client = 3-curve-sect193r1-client + +[3-curve-sect193r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect193r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-curve-sect193r1-client] +CipherString = ECDHE +Curves = sect193r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success + + +# =========================================================== + +[4-curve-sect193r2] +ssl_conf = 4-curve-sect193r2-ssl + +[4-curve-sect193r2-ssl] +server = 4-curve-sect193r2-server +client = 4-curve-sect193r2-client + +[4-curve-sect193r2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect193r2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[4-curve-sect193r2-client] +CipherString = ECDHE +Curves = sect193r2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-4] +ExpectedResult = Success + + +# =========================================================== + +[5-curve-sect233k1] +ssl_conf = 5-curve-sect233k1-ssl + +[5-curve-sect233k1-ssl] +server = 5-curve-sect233k1-server +client = 5-curve-sect233k1-client + +[5-curve-sect233k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect233k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[5-curve-sect233k1-client] +CipherString = ECDHE +Curves = sect233k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +ExpectedResult = Success + + +# =========================================================== + +[6-curve-sect233r1] +ssl_conf = 6-curve-sect233r1-ssl + +[6-curve-sect233r1-ssl] +server = 6-curve-sect233r1-server +client = 6-curve-sect233r1-client + +[6-curve-sect233r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect233r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-curve-sect233r1-client] +CipherString = ECDHE +Curves = sect233r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedResult = Success + + +# =========================================================== + +[7-curve-sect239k1] +ssl_conf = 7-curve-sect239k1-ssl + +[7-curve-sect239k1-ssl] +server = 7-curve-sect239k1-server +client = 7-curve-sect239k1-client + +[7-curve-sect239k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect239k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-curve-sect239k1-client] +CipherString = ECDHE +Curves = sect239k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedResult = Success + + +# =========================================================== + +[8-curve-sect283k1] +ssl_conf = 8-curve-sect283k1-ssl + +[8-curve-sect283k1-ssl] +server = 8-curve-sect283k1-server +client = 8-curve-sect283k1-client + +[8-curve-sect283k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect283k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-curve-sect283k1-client] +CipherString = ECDHE +Curves = sect283k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedResult = Success + + +# =========================================================== + +[9-curve-sect283r1] +ssl_conf = 9-curve-sect283r1-ssl + +[9-curve-sect283r1-ssl] +server = 9-curve-sect283r1-server +client = 9-curve-sect283r1-client + +[9-curve-sect283r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect283r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[9-curve-sect283r1-client] +CipherString = ECDHE +Curves = sect283r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-9] +ExpectedResult = Success + + +# =========================================================== + +[10-curve-sect409k1] +ssl_conf = 10-curve-sect409k1-ssl + +[10-curve-sect409k1-ssl] +server = 10-curve-sect409k1-server +client = 10-curve-sect409k1-client + +[10-curve-sect409k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect409k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[10-curve-sect409k1-client] +CipherString = ECDHE +Curves = sect409k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-10] +ExpectedResult = Success + + +# =========================================================== + +[11-curve-sect409r1] +ssl_conf = 11-curve-sect409r1-ssl + +[11-curve-sect409r1-ssl] +server = 11-curve-sect409r1-server +client = 11-curve-sect409r1-client + +[11-curve-sect409r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect409r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[11-curve-sect409r1-client] +CipherString = ECDHE +Curves = sect409r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-11] +ExpectedResult = Success + + +# =========================================================== + +[12-curve-sect571k1] +ssl_conf = 12-curve-sect571k1-ssl + +[12-curve-sect571k1-ssl] +server = 12-curve-sect571k1-server +client = 12-curve-sect571k1-client + +[12-curve-sect571k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect571k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[12-curve-sect571k1-client] +CipherString = ECDHE +Curves = sect571k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-12] +ExpectedResult = Success + + +# =========================================================== + +[13-curve-sect571r1] +ssl_conf = 13-curve-sect571r1-ssl + +[13-curve-sect571r1-ssl] +server = 13-curve-sect571r1-server +client = 13-curve-sect571r1-client + +[13-curve-sect571r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = sect571r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[13-curve-sect571r1-client] +CipherString = ECDHE +Curves = sect571r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-13] +ExpectedResult = Success + + +# =========================================================== + +[14-curve-secp160k1] +ssl_conf = 14-curve-secp160k1-ssl + +[14-curve-secp160k1-ssl] +server = 14-curve-secp160k1-server +client = 14-curve-secp160k1-client + +[14-curve-secp160k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp160k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[14-curve-secp160k1-client] +CipherString = ECDHE +Curves = secp160k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-14] +ExpectedResult = Success + + +# =========================================================== + +[15-curve-secp160r1] +ssl_conf = 15-curve-secp160r1-ssl + +[15-curve-secp160r1-ssl] +server = 15-curve-secp160r1-server +client = 15-curve-secp160r1-client + +[15-curve-secp160r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp160r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[15-curve-secp160r1-client] +CipherString = ECDHE +Curves = secp160r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-15] +ExpectedResult = Success + + +# =========================================================== + +[16-curve-secp160r2] +ssl_conf = 16-curve-secp160r2-ssl + +[16-curve-secp160r2-ssl] +server = 16-curve-secp160r2-server +client = 16-curve-secp160r2-client + +[16-curve-secp160r2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp160r2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[16-curve-secp160r2-client] +CipherString = ECDHE +Curves = secp160r2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-16] +ExpectedResult = Success + + +# =========================================================== + +[17-curve-secp192k1] +ssl_conf = 17-curve-secp192k1-ssl + +[17-curve-secp192k1-ssl] +server = 17-curve-secp192k1-server +client = 17-curve-secp192k1-client + +[17-curve-secp192k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp192k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[17-curve-secp192k1-client] +CipherString = ECDHE +Curves = secp192k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-17] +ExpectedResult = Success + + +# =========================================================== + +[18-curve-prime192v1] +ssl_conf = 18-curve-prime192v1-ssl + +[18-curve-prime192v1-ssl] +server = 18-curve-prime192v1-server +client = 18-curve-prime192v1-client + +[18-curve-prime192v1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = prime192v1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[18-curve-prime192v1-client] +CipherString = ECDHE +Curves = prime192v1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-18] +ExpectedResult = Success + + +# =========================================================== + +[19-curve-secp224k1] +ssl_conf = 19-curve-secp224k1-ssl + +[19-curve-secp224k1-ssl] +server = 19-curve-secp224k1-server +client = 19-curve-secp224k1-client + +[19-curve-secp224k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp224k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[19-curve-secp224k1-client] +CipherString = ECDHE +Curves = secp224k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-19] +ExpectedResult = Success + + +# =========================================================== + +[20-curve-secp224r1] +ssl_conf = 20-curve-secp224r1-ssl + +[20-curve-secp224r1-ssl] +server = 20-curve-secp224r1-server +client = 20-curve-secp224r1-client + +[20-curve-secp224r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp224r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[20-curve-secp224r1-client] +CipherString = ECDHE +Curves = secp224r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-20] +ExpectedResult = Success + + +# =========================================================== + +[21-curve-secp256k1] +ssl_conf = 21-curve-secp256k1-ssl + +[21-curve-secp256k1-ssl] +server = 21-curve-secp256k1-server +client = 21-curve-secp256k1-client + +[21-curve-secp256k1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp256k1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[21-curve-secp256k1-client] +CipherString = ECDHE +Curves = secp256k1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-21] +ExpectedResult = Success + + +# =========================================================== + +[22-curve-prime256v1] +ssl_conf = 22-curve-prime256v1-ssl + +[22-curve-prime256v1-ssl] +server = 22-curve-prime256v1-server +client = 22-curve-prime256v1-client + +[22-curve-prime256v1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = prime256v1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[22-curve-prime256v1-client] +CipherString = ECDHE +Curves = prime256v1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-22] +ExpectedResult = Success + + +# =========================================================== + +[23-curve-secp384r1] +ssl_conf = 23-curve-secp384r1-ssl + +[23-curve-secp384r1-ssl] +server = 23-curve-secp384r1-server +client = 23-curve-secp384r1-client + +[23-curve-secp384r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp384r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[23-curve-secp384r1-client] +CipherString = ECDHE +Curves = secp384r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-23] +ExpectedResult = Success + + +# =========================================================== + +[24-curve-secp521r1] +ssl_conf = 24-curve-secp521r1-ssl + +[24-curve-secp521r1-ssl] +server = 24-curve-secp521r1-server +client = 24-curve-secp521r1-client + +[24-curve-secp521r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = secp521r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[24-curve-secp521r1-client] +CipherString = ECDHE +Curves = secp521r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-24] +ExpectedResult = Success + + +# =========================================================== + +[25-curve-brainpoolP256r1] +ssl_conf = 25-curve-brainpoolP256r1-ssl + +[25-curve-brainpoolP256r1-ssl] +server = 25-curve-brainpoolP256r1-server +client = 25-curve-brainpoolP256r1-client + +[25-curve-brainpoolP256r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = brainpoolP256r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[25-curve-brainpoolP256r1-client] +CipherString = ECDHE +Curves = brainpoolP256r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-25] +ExpectedResult = Success + + +# =========================================================== + +[26-curve-brainpoolP384r1] +ssl_conf = 26-curve-brainpoolP384r1-ssl + +[26-curve-brainpoolP384r1-ssl] +server = 26-curve-brainpoolP384r1-server +client = 26-curve-brainpoolP384r1-client + +[26-curve-brainpoolP384r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = brainpoolP384r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[26-curve-brainpoolP384r1-client] +CipherString = ECDHE +Curves = brainpoolP384r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-26] +ExpectedResult = Success + + +# =========================================================== + +[27-curve-brainpoolP512r1] +ssl_conf = 27-curve-brainpoolP512r1-ssl + +[27-curve-brainpoolP512r1-ssl] +server = 27-curve-brainpoolP512r1-server +client = 27-curve-brainpoolP512r1-client + +[27-curve-brainpoolP512r1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = brainpoolP512r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[27-curve-brainpoolP512r1-client] +CipherString = ECDHE +Curves = brainpoolP512r1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-27] +ExpectedResult = Success + + +# =========================================================== + +[28-curve-X25519] +ssl_conf = 28-curve-X25519-ssl + +[28-curve-X25519-ssl] +server = 28-curve-X25519-server +client = 28-curve-X25519-client + +[28-curve-X25519-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = X25519 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[28-curve-X25519-client] +CipherString = ECDHE +Curves = X25519 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-28] +ExpectedResult = Success + + diff --git a/test/ssl-tests/14-curves.conf.in b/test/ssl-tests/14-curves.conf.in new file mode 100644 index 0000000000..f39ff7d22a --- /dev/null +++ b/test/ssl-tests/14-curves.conf.in @@ -0,0 +1,41 @@ +# -*- mode: perl; -*- + +## SSL test configurations + +package ssltests; + +use strict; +use warnings; + +use OpenSSL::Test; +use OpenSSL::Test::Utils qw(anydisabled); + +my @curves = ("sect163k1", "sect163r1", "sect163r2", "sect193r1", + "sect193r2", "sect233k1", "sect233r1", "sect239k1", + "sect283k1", "sect283r1", "sect409k1", "sect409r1", + "sect571k1", "sect571r1", "secp160k1", "secp160r1", + "secp160r2", "secp192k1", "prime192v1", "secp224k1", + "secp224r1", "secp256k1", "prime256v1", "secp384r1", + "secp521r1", "brainpoolP256r1", "brainpoolP384r1", + "brainpoolP512r1", "X25519"); + +our @tests = (); + +sub generate_tests() { + foreach (0..$#curves) { + my $curve = $curves[$_]; + push @tests, { + name => "curve-${curve}", + server => { + "Curves" => $curve + }, + client => { + "CipherString" => "ECDHE", + "Curves" => $curve + }, + test => { "ExpectedResult" => "Success" }, + }; + } +} + +generate_tests(); -- 2.34.1