3 ## SSL test configurations
10 use OpenSSL::Test::Utils;
12 my $dir_sep = $^O ne "VMS" ? "/" : "";
15 "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
16 "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
17 "MaxProtocol" => "TLSv1.2"
22 name => "ECDSA CipherString Selection",
25 "CipherString" => "aECDSA",
28 "ExpectedServerCertType" =>, "P-256",
29 "ExpectedServerSignType" =>, "EC",
30 "ExpectedResult" => "Success"
34 name => "RSA CipherString Selection",
37 "CipherString" => "aRSA",
40 "ExpectedServerCertType" =>, "RSA",
41 "ExpectedServerSignType" =>, "RSA-PSS",
42 "ExpectedResult" => "Success"
46 name => "ECDSA CipherString Selection, no ECDSA certificate",
48 "MaxProtocol" => "TLSv1.2"
51 "CipherString" => "aECDSA"
54 "ExpectedResult" => "ServerFail"
58 name => "ECDSA Signature Algorithm Selection",
61 "SignatureAlgorithms" => "ECDSA+SHA256",
64 "ExpectedServerCertType" => "P-256",
65 "ExpectedServerSignHash" => "SHA256",
66 "ExpectedServerSignType" => "EC",
67 "ExpectedResult" => "Success"
71 name => "ECDSA Signature Algorithm Selection SHA384",
74 "SignatureAlgorithms" => "ECDSA+SHA384",
77 "ExpectedServerCertType" => "P-256",
78 "ExpectedServerSignHash" => "SHA384",
79 "ExpectedServerSignType" => "EC",
80 "ExpectedResult" => "Success"
84 name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
86 "MaxProtocol" => "TLSv1.2"
89 "SignatureAlgorithms" => "ECDSA+SHA256",
92 "ExpectedResult" => "ServerFail"
96 name => "RSA Signature Algorithm Selection",
99 "SignatureAlgorithms" => "RSA+SHA256",
102 "ExpectedServerCertType" => "RSA",
103 "ExpectedServerSignHash" => "SHA256",
104 "ExpectedServerSignType" => "RSA",
105 "ExpectedResult" => "Success"
109 name => "RSA-PSS Signature Algorithm Selection",
112 "SignatureAlgorithms" => "RSA-PSS+SHA256",
115 "ExpectedServerCertType" => "RSA",
116 "ExpectedServerSignHash" => "SHA256",
117 "ExpectedServerSignType" => "RSA-PSS",
118 "ExpectedResult" => "Success"
124 my $server_tls_1_3 = {
125 "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
126 "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
127 "MinProtocol" => "TLSv1.3",
128 "MaxProtocol" => "TLSv1.3"
131 my @tests_tls_1_3 = (
133 name => "TLS 1.3 ECDSA Signature Algorithm Selection",
134 server => $server_tls_1_3,
136 "SignatureAlgorithms" => "ECDSA+SHA256",
139 "ExpectedServerCertType" => "P-256",
140 "ExpectedServerSignHash" => "SHA256",
141 "ExpectedServerSignType" => "EC",
142 "ExpectedResult" => "Success"
146 name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
147 server => $server_tls_1_3,
149 "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
152 "ExpectedServerCertType" => "P-256",
153 "ExpectedServerSignHash" => "SHA256",
154 "ExpectedServerSignType" => "EC",
155 "ExpectedResult" => "Success"
159 name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
160 server => $server_tls_1_3,
162 "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
165 "ExpectedServerCertType" => "RSA",
166 "ExpectedServerSignHash" => "SHA384",
167 "ExpectedServerSignType" => "RSA-PSS",
168 "ExpectedResult" => "Success"
172 name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
174 "MinProtocol" => "TLSv1.3",
175 "MaxProtocol" => "TLSv1.3"
178 "SignatureAlgorithms" => "ECDSA+SHA256",
181 "ExpectedResult" => "ServerFail"
185 name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
186 server => $server_tls_1_3,
188 "SignatureAlgorithms" => "RSA+SHA256",
191 "ExpectedResult" => "ServerFail"
195 name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
196 server => $server_tls_1_3,
198 "SignatureAlgorithms" => "RSA-PSS+SHA256",
201 "ExpectedServerCertType" => "RSA",
202 "ExpectedServerSignHash" => "SHA256",
203 "ExpectedServerSignType" => "RSA-PSS",
204 "ExpectedResult" => "Success"
209 push @tests, @tests_tls_1_3 unless disabled("tls1_3");