1 # Generated with generate_ssl_tests.pl
5 test-0 = 0-ECDSA CipherString Selection
6 test-1 = 1-RSA CipherString Selection
7 test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
8 test-3 = 3-ECDSA Signature Algorithm Selection
9 test-4 = 4-ECDSA Signature Algorithm Selection SHA384
10 test-5 = 5-ECDSA Signature Algorithm Selection SHA1
11 test-6 = 6-ECDSA Signature Algorithm Selection compressed point
12 test-7 = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate
13 test-8 = 8-RSA Signature Algorithm Selection
14 test-9 = 9-RSA-PSS Signature Algorithm Selection
15 test-10 = 10-Suite B P-256 Hash Algorithm Selection
16 test-11 = 11-Suite B P-384 Hash Algorithm Selection
17 test-12 = 12-TLS 1.2 DSA Certificate Test
18 # ===========================================================
20 [0-ECDSA CipherString Selection]
21 ssl_conf = 0-ECDSA CipherString Selection-ssl
23 [0-ECDSA CipherString Selection-ssl]
24 server = 0-ECDSA CipherString Selection-server
25 client = 0-ECDSA CipherString Selection-client
27 [0-ECDSA CipherString Selection-server]
28 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
29 CipherString = DEFAULT
30 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
31 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
33 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
35 [0-ECDSA CipherString Selection-client]
37 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
38 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
42 ExpectedResult = Success
43 ExpectedServerCANames = empty
44 ExpectedServerCertType = P-256
45 ExpectedServerSignType = EC
48 # ===========================================================
50 [1-RSA CipherString Selection]
51 ssl_conf = 1-RSA CipherString Selection-ssl
53 [1-RSA CipherString Selection-ssl]
54 server = 1-RSA CipherString Selection-server
55 client = 1-RSA CipherString Selection-client
57 [1-RSA CipherString Selection-server]
58 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
59 CipherString = DEFAULT
60 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
61 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
63 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
65 [1-RSA CipherString Selection-client]
67 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
71 ExpectedResult = Success
72 ExpectedServerCertType = RSA
73 ExpectedServerSignType = RSA-PSS
76 # ===========================================================
78 [2-ECDSA CipherString Selection, no ECDSA certificate]
79 ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl
81 [2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
82 server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
83 client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
85 [2-ECDSA CipherString Selection, no ECDSA certificate-server]
86 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
87 CipherString = DEFAULT
89 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
91 [2-ECDSA CipherString Selection, no ECDSA certificate-client]
93 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
97 ExpectedResult = ServerFail
100 # ===========================================================
102 [3-ECDSA Signature Algorithm Selection]
103 ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl
105 [3-ECDSA Signature Algorithm Selection-ssl]
106 server = 3-ECDSA Signature Algorithm Selection-server
107 client = 3-ECDSA Signature Algorithm Selection-client
109 [3-ECDSA Signature Algorithm Selection-server]
110 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
111 CipherString = DEFAULT
112 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
113 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
114 MaxProtocol = TLSv1.2
115 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
117 [3-ECDSA Signature Algorithm Selection-client]
118 CipherString = DEFAULT
119 SignatureAlgorithms = ECDSA+SHA256
120 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
124 ExpectedResult = Success
125 ExpectedServerCertType = P-256
126 ExpectedServerSignHash = SHA256
127 ExpectedServerSignType = EC
130 # ===========================================================
132 [4-ECDSA Signature Algorithm Selection SHA384]
133 ssl_conf = 4-ECDSA Signature Algorithm Selection SHA384-ssl
135 [4-ECDSA Signature Algorithm Selection SHA384-ssl]
136 server = 4-ECDSA Signature Algorithm Selection SHA384-server
137 client = 4-ECDSA Signature Algorithm Selection SHA384-client
139 [4-ECDSA Signature Algorithm Selection SHA384-server]
140 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
141 CipherString = DEFAULT
142 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
143 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
144 MaxProtocol = TLSv1.2
145 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
147 [4-ECDSA Signature Algorithm Selection SHA384-client]
148 CipherString = DEFAULT
149 SignatureAlgorithms = ECDSA+SHA384
150 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
154 ExpectedResult = Success
155 ExpectedServerCertType = P-256
156 ExpectedServerSignHash = SHA384
157 ExpectedServerSignType = EC
160 # ===========================================================
162 [5-ECDSA Signature Algorithm Selection SHA1]
163 ssl_conf = 5-ECDSA Signature Algorithm Selection SHA1-ssl
165 [5-ECDSA Signature Algorithm Selection SHA1-ssl]
166 server = 5-ECDSA Signature Algorithm Selection SHA1-server
167 client = 5-ECDSA Signature Algorithm Selection SHA1-client
169 [5-ECDSA Signature Algorithm Selection SHA1-server]
170 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
171 CipherString = DEFAULT
172 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
173 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
174 MaxProtocol = TLSv1.2
175 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
177 [5-ECDSA Signature Algorithm Selection SHA1-client]
178 CipherString = DEFAULT
179 SignatureAlgorithms = ECDSA+SHA1
180 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
184 ExpectedResult = Success
185 ExpectedServerCertType = P-256
186 ExpectedServerSignHash = SHA1
187 ExpectedServerSignType = EC
190 # ===========================================================
192 [6-ECDSA Signature Algorithm Selection compressed point]
193 ssl_conf = 6-ECDSA Signature Algorithm Selection compressed point-ssl
195 [6-ECDSA Signature Algorithm Selection compressed point-ssl]
196 server = 6-ECDSA Signature Algorithm Selection compressed point-server
197 client = 6-ECDSA Signature Algorithm Selection compressed point-client
199 [6-ECDSA Signature Algorithm Selection compressed point-server]
200 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
201 CipherString = DEFAULT
202 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
203 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
204 MaxProtocol = TLSv1.2
205 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
207 [6-ECDSA Signature Algorithm Selection compressed point-client]
208 CipherString = DEFAULT
209 SignatureAlgorithms = ECDSA+SHA256
210 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
214 ExpectedResult = Success
215 ExpectedServerCertType = P-256
216 ExpectedServerSignHash = SHA256
217 ExpectedServerSignType = EC
220 # ===========================================================
222 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate]
223 ssl_conf = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
225 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
226 server = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
227 client = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
229 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
230 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
231 CipherString = DEFAULT
232 MaxProtocol = TLSv1.2
233 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
235 [7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
236 CipherString = DEFAULT
237 SignatureAlgorithms = ECDSA+SHA256
238 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
242 ExpectedResult = ServerFail
245 # ===========================================================
247 [8-RSA Signature Algorithm Selection]
248 ssl_conf = 8-RSA Signature Algorithm Selection-ssl
250 [8-RSA Signature Algorithm Selection-ssl]
251 server = 8-RSA Signature Algorithm Selection-server
252 client = 8-RSA Signature Algorithm Selection-client
254 [8-RSA Signature Algorithm Selection-server]
255 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
256 CipherString = DEFAULT
257 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
258 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
259 MaxProtocol = TLSv1.2
260 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
262 [8-RSA Signature Algorithm Selection-client]
263 CipherString = DEFAULT
264 SignatureAlgorithms = RSA+SHA256
265 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
269 ExpectedResult = Success
270 ExpectedServerCertType = RSA
271 ExpectedServerSignHash = SHA256
272 ExpectedServerSignType = RSA
275 # ===========================================================
277 [9-RSA-PSS Signature Algorithm Selection]
278 ssl_conf = 9-RSA-PSS Signature Algorithm Selection-ssl
280 [9-RSA-PSS Signature Algorithm Selection-ssl]
281 server = 9-RSA-PSS Signature Algorithm Selection-server
282 client = 9-RSA-PSS Signature Algorithm Selection-client
284 [9-RSA-PSS Signature Algorithm Selection-server]
285 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
286 CipherString = DEFAULT
287 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
288 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
289 MaxProtocol = TLSv1.2
290 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
292 [9-RSA-PSS Signature Algorithm Selection-client]
293 CipherString = DEFAULT
294 SignatureAlgorithms = RSA-PSS+SHA256
295 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
299 ExpectedResult = Success
300 ExpectedServerCertType = RSA
301 ExpectedServerSignHash = SHA256
302 ExpectedServerSignType = RSA-PSS
305 # ===========================================================
307 [10-Suite B P-256 Hash Algorithm Selection]
308 ssl_conf = 10-Suite B P-256 Hash Algorithm Selection-ssl
310 [10-Suite B P-256 Hash Algorithm Selection-ssl]
311 server = 10-Suite B P-256 Hash Algorithm Selection-server
312 client = 10-Suite B P-256 Hash Algorithm Selection-client
314 [10-Suite B P-256 Hash Algorithm Selection-server]
315 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
316 CipherString = SUITEB128
317 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
318 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
319 MaxProtocol = TLSv1.2
320 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
322 [10-Suite B P-256 Hash Algorithm Selection-client]
323 CipherString = DEFAULT
324 SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
325 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
329 ExpectedResult = Success
330 ExpectedServerCertType = P-256
331 ExpectedServerSignHash = SHA256
332 ExpectedServerSignType = EC
335 # ===========================================================
337 [11-Suite B P-384 Hash Algorithm Selection]
338 ssl_conf = 11-Suite B P-384 Hash Algorithm Selection-ssl
340 [11-Suite B P-384 Hash Algorithm Selection-ssl]
341 server = 11-Suite B P-384 Hash Algorithm Selection-server
342 client = 11-Suite B P-384 Hash Algorithm Selection-client
344 [11-Suite B P-384 Hash Algorithm Selection-server]
345 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
346 CipherString = SUITEB128
347 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
348 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
349 MaxProtocol = TLSv1.2
350 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
352 [11-Suite B P-384 Hash Algorithm Selection-client]
353 CipherString = DEFAULT
354 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
355 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
359 ExpectedResult = Success
360 ExpectedServerCertType = P-384
361 ExpectedServerSignHash = SHA384
362 ExpectedServerSignType = EC
365 # ===========================================================
367 [12-TLS 1.2 DSA Certificate Test]
368 ssl_conf = 12-TLS 1.2 DSA Certificate Test-ssl
370 [12-TLS 1.2 DSA Certificate Test-ssl]
371 server = 12-TLS 1.2 DSA Certificate Test-server
372 client = 12-TLS 1.2 DSA Certificate Test-client
374 [12-TLS 1.2 DSA Certificate Test-server]
375 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
377 DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
378 DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
379 DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
380 MaxProtocol = TLSv1.2
381 MinProtocol = TLSv1.2
382 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
384 [12-TLS 1.2 DSA Certificate Test-client]
386 SignatureAlgorithms = DSA+SHA256:DSA+SHA1
387 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
391 ExpectedResult = Success