3 ## SSL test configurations
10 use OpenSSL::Test::Utils;
12 my $dir_sep = $^O ne "VMS" ? "/" : "";
15 "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
16 "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
17 "MaxProtocol" => "TLSv1.2"
22 name => "ECDSA CipherString Selection",
25 "CipherString" => "aECDSA",
28 "ExpectedServerCertType" =>, "P-256",
29 "ExpectedServerSignType" =>, "EC",
30 "ExpectedResult" => "Success"
34 name => "RSA CipherString Selection",
37 "CipherString" => "aRSA",
40 "ExpectedServerCertType" =>, "RSA",
41 "ExpectedServerSignType" =>, "RSA-PSS",
42 "ExpectedResult" => "Success"
46 name => "ECDSA CipherString Selection, no ECDSA certificate",
49 "CipherString" => "aECDSA"
52 "ExpectedResult" => "ServerFail"
56 name => "ECDSA Signature Algorithm Selection",
59 "SignatureAlgorithms" => "ECDSA+SHA256",
62 "ExpectedServerCertType" => "P-256",
63 "ExpectedServerSignHash" => "SHA256",
64 "ExpectedServerSignType" => "EC",
65 "ExpectedResult" => "Success"
69 name => "ECDSA Signature Algorithm Selection SHA384",
72 "SignatureAlgorithms" => "ECDSA+SHA384",
75 "ExpectedServerCertType" => "P-256",
76 "ExpectedServerSignHash" => "SHA384",
77 "ExpectedServerSignType" => "EC",
78 "ExpectedResult" => "Success"
82 name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
85 "SignatureAlgorithms" => "ECDSA+SHA256",
88 "ExpectedResult" => "ServerFail"
92 name => "RSA Signature Algorithm Selection",
95 "SignatureAlgorithms" => "RSA+SHA256",
98 "ExpectedServerCertType" => "RSA",
99 "ExpectedServerSignHash" => "SHA256",
100 "ExpectedServerSignType" => "RSA",
101 "ExpectedResult" => "Success"
105 name => "RSA-PSS Signature Algorithm Selection",
108 "SignatureAlgorithms" => "RSA-PSS+SHA256",
111 "ExpectedServerCertType" => "RSA",
112 "ExpectedServerSignHash" => "SHA256",
113 "ExpectedServerSignType" => "RSA-PSS",
114 "ExpectedResult" => "Success"
120 my $server_tls_1_3 = {
121 "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
122 "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
123 "MinProtocol" => "TLSv1.3",
124 "MaxProtocol" => "TLSv1.3"
127 my @tests_tls_1_3 = (
129 name => "TLS 1.3 ECDSA Signature Algorithm Selection",
130 server => $server_tls_1_3,
132 "SignatureAlgorithms" => "ECDSA+SHA256",
135 "ExpectedServerCertType" => "P-256",
136 "ExpectedServerSignHash" => "SHA256",
137 "ExpectedServerSignType" => "EC",
138 "ExpectedResult" => "Success"
142 name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS",
143 server => $server_tls_1_3,
145 "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256",
148 "ExpectedServerCertType" => "P-256",
149 "ExpectedServerSignHash" => "SHA256",
150 "ExpectedServerSignType" => "EC",
151 "ExpectedResult" => "Success"
155 name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS",
156 server => $server_tls_1_3,
158 "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384",
161 "ExpectedServerCertType" => "RSA",
162 "ExpectedServerSignHash" => "SHA384",
163 "ExpectedServerSignType" => "RSA-PSS",
164 "ExpectedResult" => "Success"
168 name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate",
171 "SignatureAlgorithms" => "ECDSA+SHA256",
174 "ExpectedResult" => "ServerFail"
178 name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS",
179 server => $server_tls_1_3,
181 "SignatureAlgorithms" => "RSA+SHA256",
184 "ExpectedResult" => "ServerFail"
188 name => "TLS 1.3 RSA-PSS Signature Algorithm Selection",
189 server => $server_tls_1_3,
191 "SignatureAlgorithms" => "RSA-PSS+SHA256",
194 "ExpectedServerCertType" => "RSA",
195 "ExpectedServerSignHash" => "SHA256",
196 "ExpectedServerSignType" => "RSA-PSS",
197 "ExpectedResult" => "Success"
202 push @tests, @tests_tls_1_3 unless disabled("tls1_3");