1 # Generated with generate_ssl_tests.pl
5 test-0 = 0-ECDSA CipherString Selection
6 test-1 = 1-ECDSA CipherString Selection
7 test-2 = 2-ECDSA CipherString Selection
8 test-3 = 3-Ed25519 CipherString and Signature Algorithm Selection
9 test-4 = 4-Ed448 CipherString and Signature Algorithm Selection
10 test-5 = 5-RSA CipherString Selection
11 test-6 = 6-RSA-PSS Certificate CipherString Selection
12 test-7 = 7-P-256 CipherString and Signature Algorithm Selection
13 test-8 = 8-Ed25519 CipherString and Curves Selection
14 test-9 = 9-Ed448 CipherString and Curves Selection
15 test-10 = 10-ECDSA CipherString Selection, no ECDSA certificate
16 test-11 = 11-ECDSA Signature Algorithm Selection
17 test-12 = 12-ECDSA Signature Algorithm Selection SHA384
18 test-13 = 13-ECDSA Signature Algorithm Selection SHA1
19 test-14 = 14-ECDSA Signature Algorithm Selection compressed point
20 test-15 = 15-ECDSA Signature Algorithm Selection, no ECDSA certificate
21 test-16 = 16-RSA Signature Algorithm Selection
22 test-17 = 17-RSA-PSS Signature Algorithm Selection
23 test-18 = 18-RSA-PSS Certificate Legacy Signature Algorithm Selection
24 test-19 = 19-RSA-PSS Certificate Unified Signature Algorithm Selection
25 test-20 = 20-Only RSA-PSS Certificate
26 test-21 = 21-RSA-PSS Certificate, no PSS signature algorithms
27 test-22 = 22-Suite B P-256 Hash Algorithm Selection
28 test-23 = 23-Suite B P-384 Hash Algorithm Selection
29 test-24 = 24-TLS 1.2 Ed25519 Client Auth
30 test-25 = 25-TLS 1.2 Ed448 Client Auth
31 test-26 = 26-Only RSA-PSS Certificate, TLS v1.1
32 test-27 = 27-TLS 1.3 ECDSA Signature Algorithm Selection
33 test-28 = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
34 test-29 = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
35 test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
36 test-31 = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
37 test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
38 test-33 = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS
39 test-34 = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection
40 test-35 = 35-TLS 1.3 Ed25519 Signature Algorithm Selection
41 test-36 = 36-TLS 1.3 Ed448 Signature Algorithm Selection
42 test-37 = 37-TLS 1.3 Ed25519 CipherString and Groups Selection
43 test-38 = 38-TLS 1.3 Ed448 CipherString and Groups Selection
44 test-39 = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection
45 test-40 = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
46 test-41 = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
47 test-42 = 42-TLS 1.3 Ed25519 Client Auth
48 test-43 = 43-TLS 1.3 Ed448 Client Auth
49 test-44 = 44-TLS 1.2 DSA Certificate Test
50 test-45 = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
51 test-46 = 46-TLS 1.3 DSA Certificate Test
52 # ===========================================================
54 [0-ECDSA CipherString Selection]
55 ssl_conf = 0-ECDSA CipherString Selection-ssl
57 [0-ECDSA CipherString Selection-ssl]
58 server = 0-ECDSA CipherString Selection-server
59 client = 0-ECDSA CipherString Selection-client
61 [0-ECDSA CipherString Selection-server]
62 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
63 CipherString = DEFAULT
64 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
65 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
66 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
67 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
68 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
69 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
71 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
73 [0-ECDSA CipherString Selection-client]
76 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
77 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
81 ExpectedResult = Success
82 ExpectedServerCANames = empty
83 ExpectedServerCertType = P-256
84 ExpectedServerSignType = EC
87 # ===========================================================
89 [1-ECDSA CipherString Selection]
90 ssl_conf = 1-ECDSA CipherString Selection-ssl
92 [1-ECDSA CipherString Selection-ssl]
93 server = 1-ECDSA CipherString Selection-server
94 client = 1-ECDSA CipherString Selection-client
96 [1-ECDSA CipherString Selection-server]
97 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
98 CipherString = DEFAULT
99 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
100 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
102 MaxProtocol = TLSv1.2
103 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
105 [1-ECDSA CipherString Selection-client]
106 CipherString = aECDSA
108 MaxProtocol = TLSv1.2
109 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
110 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
114 ExpectedResult = Success
115 ExpectedServerCANames = empty
116 ExpectedServerCertType = P-256
117 ExpectedServerSignType = EC
120 # ===========================================================
122 [2-ECDSA CipherString Selection]
123 ssl_conf = 2-ECDSA CipherString Selection-ssl
125 [2-ECDSA CipherString Selection-ssl]
126 server = 2-ECDSA CipherString Selection-server
127 client = 2-ECDSA CipherString Selection-client
129 [2-ECDSA CipherString Selection-server]
130 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
131 CipherString = DEFAULT
132 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
133 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
135 MaxProtocol = TLSv1.2
136 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
138 [2-ECDSA CipherString Selection-client]
139 CipherString = aECDSA
141 MaxProtocol = TLSv1.2
142 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
143 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
147 ExpectedResult = ServerFail
150 # ===========================================================
152 [3-Ed25519 CipherString and Signature Algorithm Selection]
153 ssl_conf = 3-Ed25519 CipherString and Signature Algorithm Selection-ssl
155 [3-Ed25519 CipherString and Signature Algorithm Selection-ssl]
156 server = 3-Ed25519 CipherString and Signature Algorithm Selection-server
157 client = 3-Ed25519 CipherString and Signature Algorithm Selection-client
159 [3-Ed25519 CipherString and Signature Algorithm Selection-server]
160 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
161 CipherString = DEFAULT
162 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
163 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
164 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
165 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
166 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
167 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
168 MaxProtocol = TLSv1.2
169 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
171 [3-Ed25519 CipherString and Signature Algorithm Selection-client]
172 CipherString = aECDSA
173 MaxProtocol = TLSv1.2
174 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
175 SignatureAlgorithms = ed25519:ECDSA+SHA256
176 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
180 ExpectedResult = Success
181 ExpectedServerCANames = empty
182 ExpectedServerCertType = Ed25519
183 ExpectedServerSignType = Ed25519
186 # ===========================================================
188 [4-Ed448 CipherString and Signature Algorithm Selection]
189 ssl_conf = 4-Ed448 CipherString and Signature Algorithm Selection-ssl
191 [4-Ed448 CipherString and Signature Algorithm Selection-ssl]
192 server = 4-Ed448 CipherString and Signature Algorithm Selection-server
193 client = 4-Ed448 CipherString and Signature Algorithm Selection-client
195 [4-Ed448 CipherString and Signature Algorithm Selection-server]
196 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
197 CipherString = DEFAULT
198 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
199 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
200 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
201 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
202 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
203 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
204 MaxProtocol = TLSv1.2
205 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
207 [4-Ed448 CipherString and Signature Algorithm Selection-client]
208 CipherString = aECDSA
209 MaxProtocol = TLSv1.2
210 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
211 SignatureAlgorithms = ed448:ECDSA+SHA256
212 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
216 ExpectedResult = Success
217 ExpectedServerCANames = empty
218 ExpectedServerCertType = Ed448
219 ExpectedServerSignType = Ed448
222 # ===========================================================
224 [5-RSA CipherString Selection]
225 ssl_conf = 5-RSA CipherString Selection-ssl
227 [5-RSA CipherString Selection-ssl]
228 server = 5-RSA CipherString Selection-server
229 client = 5-RSA CipherString Selection-client
231 [5-RSA CipherString Selection-server]
232 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
233 CipherString = DEFAULT
234 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
235 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
236 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
237 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
238 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
239 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
240 MaxProtocol = TLSv1.2
241 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
243 [5-RSA CipherString Selection-client]
245 MaxProtocol = TLSv1.2
246 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
250 ExpectedResult = Success
251 ExpectedServerCertType = RSA
252 ExpectedServerSignType = RSA-PSS
255 # ===========================================================
257 [6-RSA-PSS Certificate CipherString Selection]
258 ssl_conf = 6-RSA-PSS Certificate CipherString Selection-ssl
260 [6-RSA-PSS Certificate CipherString Selection-ssl]
261 server = 6-RSA-PSS Certificate CipherString Selection-server
262 client = 6-RSA-PSS Certificate CipherString Selection-client
264 [6-RSA-PSS Certificate CipherString Selection-server]
265 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
266 CipherString = DEFAULT
267 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
268 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
269 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
270 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
271 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
272 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
273 MaxProtocol = TLSv1.2
274 PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
275 PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
276 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
278 [6-RSA-PSS Certificate CipherString Selection-client]
280 MaxProtocol = TLSv1.2
281 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
285 ExpectedResult = Success
286 ExpectedServerCertType = RSA-PSS
287 ExpectedServerSignType = RSA-PSS
290 # ===========================================================
292 [7-P-256 CipherString and Signature Algorithm Selection]
293 ssl_conf = 7-P-256 CipherString and Signature Algorithm Selection-ssl
295 [7-P-256 CipherString and Signature Algorithm Selection-ssl]
296 server = 7-P-256 CipherString and Signature Algorithm Selection-server
297 client = 7-P-256 CipherString and Signature Algorithm Selection-client
299 [7-P-256 CipherString and Signature Algorithm Selection-server]
300 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
301 CipherString = DEFAULT
302 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
303 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
304 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
305 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
306 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
307 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
308 MaxProtocol = TLSv1.2
309 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
311 [7-P-256 CipherString and Signature Algorithm Selection-client]
312 CipherString = aECDSA
313 MaxProtocol = TLSv1.2
314 SignatureAlgorithms = ECDSA+SHA256:ed25519
315 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
319 ExpectedResult = Success
320 ExpectedServerCertType = P-256
321 ExpectedServerSignHash = SHA256
322 ExpectedServerSignType = EC
325 # ===========================================================
327 [8-Ed25519 CipherString and Curves Selection]
328 ssl_conf = 8-Ed25519 CipherString and Curves Selection-ssl
330 [8-Ed25519 CipherString and Curves Selection-ssl]
331 server = 8-Ed25519 CipherString and Curves Selection-server
332 client = 8-Ed25519 CipherString and Curves Selection-client
334 [8-Ed25519 CipherString and Curves Selection-server]
335 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
336 CipherString = DEFAULT
337 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
338 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
339 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
340 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
341 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
342 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
343 MaxProtocol = TLSv1.2
344 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
346 [8-Ed25519 CipherString and Curves Selection-client]
347 CipherString = aECDSA
349 MaxProtocol = TLSv1.2
350 SignatureAlgorithms = ECDSA+SHA256:ed25519
351 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
355 ExpectedResult = Success
356 ExpectedServerCertType = Ed25519
357 ExpectedServerSignType = Ed25519
360 # ===========================================================
362 [9-Ed448 CipherString and Curves Selection]
363 ssl_conf = 9-Ed448 CipherString and Curves Selection-ssl
365 [9-Ed448 CipherString and Curves Selection-ssl]
366 server = 9-Ed448 CipherString and Curves Selection-server
367 client = 9-Ed448 CipherString and Curves Selection-client
369 [9-Ed448 CipherString and Curves Selection-server]
370 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
371 CipherString = DEFAULT
372 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
373 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
374 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
375 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
376 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
377 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
378 MaxProtocol = TLSv1.2
379 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
381 [9-Ed448 CipherString and Curves Selection-client]
382 CipherString = aECDSA
384 MaxProtocol = TLSv1.2
385 SignatureAlgorithms = ECDSA+SHA256:ed448
386 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
390 ExpectedResult = Success
391 ExpectedServerCertType = Ed448
392 ExpectedServerSignType = Ed448
395 # ===========================================================
397 [10-ECDSA CipherString Selection, no ECDSA certificate]
398 ssl_conf = 10-ECDSA CipherString Selection, no ECDSA certificate-ssl
400 [10-ECDSA CipherString Selection, no ECDSA certificate-ssl]
401 server = 10-ECDSA CipherString Selection, no ECDSA certificate-server
402 client = 10-ECDSA CipherString Selection, no ECDSA certificate-client
404 [10-ECDSA CipherString Selection, no ECDSA certificate-server]
405 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
406 CipherString = DEFAULT
407 MaxProtocol = TLSv1.2
408 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
410 [10-ECDSA CipherString Selection, no ECDSA certificate-client]
411 CipherString = aECDSA
412 MaxProtocol = TLSv1.2
413 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
417 ExpectedResult = ServerFail
420 # ===========================================================
422 [11-ECDSA Signature Algorithm Selection]
423 ssl_conf = 11-ECDSA Signature Algorithm Selection-ssl
425 [11-ECDSA Signature Algorithm Selection-ssl]
426 server = 11-ECDSA Signature Algorithm Selection-server
427 client = 11-ECDSA Signature Algorithm Selection-client
429 [11-ECDSA Signature Algorithm Selection-server]
430 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
431 CipherString = DEFAULT
432 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
433 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
434 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
435 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
436 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
437 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
438 MaxProtocol = TLSv1.2
439 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
441 [11-ECDSA Signature Algorithm Selection-client]
442 CipherString = DEFAULT
443 SignatureAlgorithms = ECDSA+SHA256
444 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
448 ExpectedResult = Success
449 ExpectedServerCertType = P-256
450 ExpectedServerSignHash = SHA256
451 ExpectedServerSignType = EC
454 # ===========================================================
456 [12-ECDSA Signature Algorithm Selection SHA384]
457 ssl_conf = 12-ECDSA Signature Algorithm Selection SHA384-ssl
459 [12-ECDSA Signature Algorithm Selection SHA384-ssl]
460 server = 12-ECDSA Signature Algorithm Selection SHA384-server
461 client = 12-ECDSA Signature Algorithm Selection SHA384-client
463 [12-ECDSA Signature Algorithm Selection SHA384-server]
464 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
465 CipherString = DEFAULT
466 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
467 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
468 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
469 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
470 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
471 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
472 MaxProtocol = TLSv1.2
473 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
475 [12-ECDSA Signature Algorithm Selection SHA384-client]
476 CipherString = DEFAULT
477 SignatureAlgorithms = ECDSA+SHA384
478 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
482 ExpectedResult = Success
483 ExpectedServerCertType = P-256
484 ExpectedServerSignHash = SHA384
485 ExpectedServerSignType = EC
488 # ===========================================================
490 [13-ECDSA Signature Algorithm Selection SHA1]
491 ssl_conf = 13-ECDSA Signature Algorithm Selection SHA1-ssl
493 [13-ECDSA Signature Algorithm Selection SHA1-ssl]
494 server = 13-ECDSA Signature Algorithm Selection SHA1-server
495 client = 13-ECDSA Signature Algorithm Selection SHA1-client
497 [13-ECDSA Signature Algorithm Selection SHA1-server]
498 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
499 CipherString = DEFAULT
500 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
501 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
502 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
503 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
504 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
505 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
506 MaxProtocol = TLSv1.2
507 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
509 [13-ECDSA Signature Algorithm Selection SHA1-client]
510 CipherString = DEFAULT
511 SignatureAlgorithms = ECDSA+SHA1
512 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
516 ExpectedResult = Success
517 ExpectedServerCertType = P-256
518 ExpectedServerSignHash = SHA1
519 ExpectedServerSignType = EC
522 # ===========================================================
524 [14-ECDSA Signature Algorithm Selection compressed point]
525 ssl_conf = 14-ECDSA Signature Algorithm Selection compressed point-ssl
527 [14-ECDSA Signature Algorithm Selection compressed point-ssl]
528 server = 14-ECDSA Signature Algorithm Selection compressed point-server
529 client = 14-ECDSA Signature Algorithm Selection compressed point-client
531 [14-ECDSA Signature Algorithm Selection compressed point-server]
532 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
533 CipherString = DEFAULT
534 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
535 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
536 MaxProtocol = TLSv1.2
537 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
539 [14-ECDSA Signature Algorithm Selection compressed point-client]
540 CipherString = DEFAULT
541 SignatureAlgorithms = ECDSA+SHA256
542 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
546 ExpectedResult = Success
547 ExpectedServerCertType = P-256
548 ExpectedServerSignHash = SHA256
549 ExpectedServerSignType = EC
552 # ===========================================================
554 [15-ECDSA Signature Algorithm Selection, no ECDSA certificate]
555 ssl_conf = 15-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
557 [15-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
558 server = 15-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
559 client = 15-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
561 [15-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
562 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
563 CipherString = DEFAULT
564 MaxProtocol = TLSv1.2
565 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
567 [15-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
568 CipherString = DEFAULT
569 SignatureAlgorithms = ECDSA+SHA256
570 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
574 ExpectedResult = ServerFail
577 # ===========================================================
579 [16-RSA Signature Algorithm Selection]
580 ssl_conf = 16-RSA Signature Algorithm Selection-ssl
582 [16-RSA Signature Algorithm Selection-ssl]
583 server = 16-RSA Signature Algorithm Selection-server
584 client = 16-RSA Signature Algorithm Selection-client
586 [16-RSA Signature Algorithm Selection-server]
587 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
588 CipherString = DEFAULT
589 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
590 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
591 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
592 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
593 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
594 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
595 MaxProtocol = TLSv1.2
596 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
598 [16-RSA Signature Algorithm Selection-client]
599 CipherString = DEFAULT
600 SignatureAlgorithms = RSA+SHA256
601 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
605 ExpectedResult = Success
606 ExpectedServerCertType = RSA
607 ExpectedServerSignHash = SHA256
608 ExpectedServerSignType = RSA
611 # ===========================================================
613 [17-RSA-PSS Signature Algorithm Selection]
614 ssl_conf = 17-RSA-PSS Signature Algorithm Selection-ssl
616 [17-RSA-PSS Signature Algorithm Selection-ssl]
617 server = 17-RSA-PSS Signature Algorithm Selection-server
618 client = 17-RSA-PSS Signature Algorithm Selection-client
620 [17-RSA-PSS Signature Algorithm Selection-server]
621 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
622 CipherString = DEFAULT
623 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
624 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
625 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
626 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
627 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
628 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
629 MaxProtocol = TLSv1.2
630 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
632 [17-RSA-PSS Signature Algorithm Selection-client]
633 CipherString = DEFAULT
634 SignatureAlgorithms = RSA-PSS+SHA256
635 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
639 ExpectedResult = Success
640 ExpectedServerCertType = RSA
641 ExpectedServerSignHash = SHA256
642 ExpectedServerSignType = RSA-PSS
645 # ===========================================================
647 [18-RSA-PSS Certificate Legacy Signature Algorithm Selection]
648 ssl_conf = 18-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl
650 [18-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl]
651 server = 18-RSA-PSS Certificate Legacy Signature Algorithm Selection-server
652 client = 18-RSA-PSS Certificate Legacy Signature Algorithm Selection-client
654 [18-RSA-PSS Certificate Legacy Signature Algorithm Selection-server]
655 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
656 CipherString = DEFAULT
657 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
658 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
659 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
660 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
661 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
662 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
663 MaxProtocol = TLSv1.2
664 PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
665 PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
666 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
668 [18-RSA-PSS Certificate Legacy Signature Algorithm Selection-client]
669 CipherString = DEFAULT
670 SignatureAlgorithms = RSA-PSS+SHA256
671 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
675 ExpectedResult = Success
676 ExpectedServerCertType = RSA
677 ExpectedServerSignHash = SHA256
678 ExpectedServerSignType = RSA-PSS
681 # ===========================================================
683 [19-RSA-PSS Certificate Unified Signature Algorithm Selection]
684 ssl_conf = 19-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl
686 [19-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl]
687 server = 19-RSA-PSS Certificate Unified Signature Algorithm Selection-server
688 client = 19-RSA-PSS Certificate Unified Signature Algorithm Selection-client
690 [19-RSA-PSS Certificate Unified Signature Algorithm Selection-server]
691 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
692 CipherString = DEFAULT
693 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
694 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
695 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
696 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
697 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
698 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
699 MaxProtocol = TLSv1.2
700 PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
701 PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
702 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
704 [19-RSA-PSS Certificate Unified Signature Algorithm Selection-client]
705 CipherString = DEFAULT
706 SignatureAlgorithms = rsa_pss_pss_sha256
707 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
711 ExpectedResult = Success
712 ExpectedServerCertType = RSA-PSS
713 ExpectedServerSignHash = SHA256
714 ExpectedServerSignType = RSA-PSS
717 # ===========================================================
719 [20-Only RSA-PSS Certificate]
720 ssl_conf = 20-Only RSA-PSS Certificate-ssl
722 [20-Only RSA-PSS Certificate-ssl]
723 server = 20-Only RSA-PSS Certificate-server
724 client = 20-Only RSA-PSS Certificate-client
726 [20-Only RSA-PSS Certificate-server]
727 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
728 CipherString = DEFAULT
729 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
731 [20-Only RSA-PSS Certificate-client]
732 CipherString = DEFAULT
733 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
737 ExpectedResult = Success
738 ExpectedServerCertType = RSA-PSS
739 ExpectedServerSignHash = SHA256
740 ExpectedServerSignType = RSA-PSS
743 # ===========================================================
745 [21-RSA-PSS Certificate, no PSS signature algorithms]
746 ssl_conf = 21-RSA-PSS Certificate, no PSS signature algorithms-ssl
748 [21-RSA-PSS Certificate, no PSS signature algorithms-ssl]
749 server = 21-RSA-PSS Certificate, no PSS signature algorithms-server
750 client = 21-RSA-PSS Certificate, no PSS signature algorithms-client
752 [21-RSA-PSS Certificate, no PSS signature algorithms-server]
753 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
754 CipherString = DEFAULT
755 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
757 [21-RSA-PSS Certificate, no PSS signature algorithms-client]
758 CipherString = DEFAULT
759 SignatureAlgorithms = RSA+SHA256
760 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
764 ExpectedResult = ServerFail
767 # ===========================================================
769 [22-Suite B P-256 Hash Algorithm Selection]
770 ssl_conf = 22-Suite B P-256 Hash Algorithm Selection-ssl
772 [22-Suite B P-256 Hash Algorithm Selection-ssl]
773 server = 22-Suite B P-256 Hash Algorithm Selection-server
774 client = 22-Suite B P-256 Hash Algorithm Selection-client
776 [22-Suite B P-256 Hash Algorithm Selection-server]
777 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
778 CipherString = SUITEB128
779 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
780 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
781 MaxProtocol = TLSv1.2
782 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
784 [22-Suite B P-256 Hash Algorithm Selection-client]
785 CipherString = DEFAULT
786 SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
787 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
791 ExpectedResult = Success
792 ExpectedServerCertType = P-256
793 ExpectedServerSignHash = SHA256
794 ExpectedServerSignType = EC
797 # ===========================================================
799 [23-Suite B P-384 Hash Algorithm Selection]
800 ssl_conf = 23-Suite B P-384 Hash Algorithm Selection-ssl
802 [23-Suite B P-384 Hash Algorithm Selection-ssl]
803 server = 23-Suite B P-384 Hash Algorithm Selection-server
804 client = 23-Suite B P-384 Hash Algorithm Selection-client
806 [23-Suite B P-384 Hash Algorithm Selection-server]
807 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
808 CipherString = SUITEB128
809 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
810 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
811 MaxProtocol = TLSv1.2
812 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
814 [23-Suite B P-384 Hash Algorithm Selection-client]
815 CipherString = DEFAULT
816 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
817 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
821 ExpectedResult = Success
822 ExpectedServerCertType = P-384
823 ExpectedServerSignHash = SHA384
824 ExpectedServerSignType = EC
827 # ===========================================================
829 [24-TLS 1.2 Ed25519 Client Auth]
830 ssl_conf = 24-TLS 1.2 Ed25519 Client Auth-ssl
832 [24-TLS 1.2 Ed25519 Client Auth-ssl]
833 server = 24-TLS 1.2 Ed25519 Client Auth-server
834 client = 24-TLS 1.2 Ed25519 Client Auth-client
836 [24-TLS 1.2 Ed25519 Client Auth-server]
837 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
838 CipherString = DEFAULT
839 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
840 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
843 [24-TLS 1.2 Ed25519 Client Auth-client]
844 CipherString = DEFAULT
845 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
846 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
847 MaxProtocol = TLSv1.2
848 MinProtocol = TLSv1.2
849 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
853 ExpectedClientCertType = Ed25519
854 ExpectedClientSignType = Ed25519
855 ExpectedResult = Success
858 # ===========================================================
860 [25-TLS 1.2 Ed448 Client Auth]
861 ssl_conf = 25-TLS 1.2 Ed448 Client Auth-ssl
863 [25-TLS 1.2 Ed448 Client Auth-ssl]
864 server = 25-TLS 1.2 Ed448 Client Auth-server
865 client = 25-TLS 1.2 Ed448 Client Auth-client
867 [25-TLS 1.2 Ed448 Client Auth-server]
868 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
869 CipherString = DEFAULT
870 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
871 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
874 [25-TLS 1.2 Ed448 Client Auth-client]
875 CipherString = DEFAULT
876 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
877 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
878 MaxProtocol = TLSv1.2
879 MinProtocol = TLSv1.2
880 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
884 ExpectedClientCertType = Ed448
885 ExpectedClientSignType = Ed448
886 ExpectedResult = Success
889 # ===========================================================
891 [26-Only RSA-PSS Certificate, TLS v1.1]
892 ssl_conf = 26-Only RSA-PSS Certificate, TLS v1.1-ssl
894 [26-Only RSA-PSS Certificate, TLS v1.1-ssl]
895 server = 26-Only RSA-PSS Certificate, TLS v1.1-server
896 client = 26-Only RSA-PSS Certificate, TLS v1.1-client
898 [26-Only RSA-PSS Certificate, TLS v1.1-server]
899 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
900 CipherString = DEFAULT
901 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
903 [26-Only RSA-PSS Certificate, TLS v1.1-client]
904 CipherString = DEFAULT
905 MaxProtocol = TLSv1.1
906 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
910 ExpectedResult = ServerFail
913 # ===========================================================
915 [27-TLS 1.3 ECDSA Signature Algorithm Selection]
916 ssl_conf = 27-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
918 [27-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
919 server = 27-TLS 1.3 ECDSA Signature Algorithm Selection-server
920 client = 27-TLS 1.3 ECDSA Signature Algorithm Selection-client
922 [27-TLS 1.3 ECDSA Signature Algorithm Selection-server]
923 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
924 CipherString = DEFAULT
925 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
926 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
927 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
928 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
929 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
930 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
931 MaxProtocol = TLSv1.3
932 MinProtocol = TLSv1.3
933 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
935 [27-TLS 1.3 ECDSA Signature Algorithm Selection-client]
936 CipherString = DEFAULT
937 SignatureAlgorithms = ECDSA+SHA256
938 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
942 ExpectedResult = Success
943 ExpectedServerCANames = empty
944 ExpectedServerCertType = P-256
945 ExpectedServerSignHash = SHA256
946 ExpectedServerSignType = EC
949 # ===========================================================
951 [28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
952 ssl_conf = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
954 [28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
955 server = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
956 client = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
958 [28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
959 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
960 CipherString = DEFAULT
961 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
962 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
963 MaxProtocol = TLSv1.3
964 MinProtocol = TLSv1.3
965 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
967 [28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
968 CipherString = DEFAULT
969 SignatureAlgorithms = ECDSA+SHA256
970 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
974 ExpectedResult = Success
975 ExpectedServerCANames = empty
976 ExpectedServerCertType = P-256
977 ExpectedServerSignHash = SHA256
978 ExpectedServerSignType = EC
981 # ===========================================================
983 [29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
984 ssl_conf = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
986 [29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
987 server = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
988 client = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
990 [29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
991 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
992 CipherString = DEFAULT
993 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
994 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
995 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
996 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
997 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
998 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
999 MaxProtocol = TLSv1.3
1000 MinProtocol = TLSv1.3
1001 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1003 [29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
1004 CipherString = DEFAULT
1005 SignatureAlgorithms = ECDSA+SHA1
1006 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1010 ExpectedResult = ServerFail
1013 # ===========================================================
1015 [30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
1016 ssl_conf = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
1018 [30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
1019 server = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
1020 client = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
1022 [30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
1023 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1024 CipherString = DEFAULT
1025 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1026 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1027 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1028 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1029 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1030 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1031 MaxProtocol = TLSv1.3
1032 MinProtocol = TLSv1.3
1033 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1035 [30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
1036 CipherString = DEFAULT
1037 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1038 SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
1039 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1043 ExpectedResult = Success
1044 ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1045 ExpectedServerCertType = P-256
1046 ExpectedServerSignHash = SHA256
1047 ExpectedServerSignType = EC
1050 # ===========================================================
1052 [31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
1053 ssl_conf = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
1055 [31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
1056 server = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
1057 client = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
1059 [31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
1060 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1061 CipherString = DEFAULT
1062 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1063 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1064 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1065 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1066 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1067 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1068 MaxProtocol = TLSv1.3
1069 MinProtocol = TLSv1.3
1070 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1072 [31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
1073 CipherString = DEFAULT
1074 SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
1075 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1079 ExpectedResult = Success
1080 ExpectedServerCertType = RSA
1081 ExpectedServerSignHash = SHA384
1082 ExpectedServerSignType = RSA-PSS
1085 # ===========================================================
1087 [32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
1088 ssl_conf = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
1090 [32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
1091 server = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
1092 client = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
1094 [32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
1095 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1096 CipherString = DEFAULT
1097 MaxProtocol = TLSv1.3
1098 MinProtocol = TLSv1.3
1099 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1101 [32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
1102 CipherString = DEFAULT
1103 SignatureAlgorithms = ECDSA+SHA256
1104 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1108 ExpectedResult = ServerFail
1111 # ===========================================================
1113 [33-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
1114 ssl_conf = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
1116 [33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
1117 server = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
1118 client = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
1120 [33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
1121 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1122 CipherString = DEFAULT
1123 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1124 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1125 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1126 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1127 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1128 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1129 MaxProtocol = TLSv1.3
1130 MinProtocol = TLSv1.3
1131 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1133 [33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
1134 CipherString = DEFAULT
1135 SignatureAlgorithms = RSA+SHA256
1136 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1140 ExpectedResult = ServerFail
1143 # ===========================================================
1145 [34-TLS 1.3 RSA-PSS Signature Algorithm Selection]
1146 ssl_conf = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
1148 [34-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
1149 server = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
1150 client = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
1152 [34-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
1153 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1154 CipherString = DEFAULT
1155 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1156 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1157 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1158 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1159 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1160 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1161 MaxProtocol = TLSv1.3
1162 MinProtocol = TLSv1.3
1163 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1165 [34-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
1166 CipherString = DEFAULT
1167 SignatureAlgorithms = RSA-PSS+SHA256
1168 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1172 ExpectedResult = Success
1173 ExpectedServerCertType = RSA
1174 ExpectedServerSignHash = SHA256
1175 ExpectedServerSignType = RSA-PSS
1178 # ===========================================================
1180 [35-TLS 1.3 Ed25519 Signature Algorithm Selection]
1181 ssl_conf = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
1183 [35-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
1184 server = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-server
1185 client = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-client
1187 [35-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
1188 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1189 CipherString = DEFAULT
1190 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1191 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1192 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1193 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1194 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1195 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1196 MaxProtocol = TLSv1.3
1197 MinProtocol = TLSv1.3
1198 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1200 [35-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
1201 CipherString = DEFAULT
1202 SignatureAlgorithms = ed25519
1203 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1207 ExpectedResult = Success
1208 ExpectedServerCertType = Ed25519
1209 ExpectedServerSignType = Ed25519
1212 # ===========================================================
1214 [36-TLS 1.3 Ed448 Signature Algorithm Selection]
1215 ssl_conf = 36-TLS 1.3 Ed448 Signature Algorithm Selection-ssl
1217 [36-TLS 1.3 Ed448 Signature Algorithm Selection-ssl]
1218 server = 36-TLS 1.3 Ed448 Signature Algorithm Selection-server
1219 client = 36-TLS 1.3 Ed448 Signature Algorithm Selection-client
1221 [36-TLS 1.3 Ed448 Signature Algorithm Selection-server]
1222 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1223 CipherString = DEFAULT
1224 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1225 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1226 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1227 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1228 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1229 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1230 MaxProtocol = TLSv1.3
1231 MinProtocol = TLSv1.3
1232 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1234 [36-TLS 1.3 Ed448 Signature Algorithm Selection-client]
1235 CipherString = DEFAULT
1236 SignatureAlgorithms = ed448
1237 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1241 ExpectedResult = Success
1242 ExpectedServerCertType = Ed448
1243 ExpectedServerSignType = Ed448
1246 # ===========================================================
1248 [37-TLS 1.3 Ed25519 CipherString and Groups Selection]
1249 ssl_conf = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
1251 [37-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
1252 server = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-server
1253 client = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-client
1255 [37-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
1256 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1257 CipherString = DEFAULT
1258 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1259 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1260 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1261 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1262 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1263 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1264 MaxProtocol = TLSv1.3
1265 MinProtocol = TLSv1.3
1266 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1268 [37-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
1269 CipherString = DEFAULT
1271 SignatureAlgorithms = ECDSA+SHA256:ed25519
1272 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1276 ExpectedResult = Success
1277 ExpectedServerCertType = P-256
1278 ExpectedServerSignType = EC
1281 # ===========================================================
1283 [38-TLS 1.3 Ed448 CipherString and Groups Selection]
1284 ssl_conf = 38-TLS 1.3 Ed448 CipherString and Groups Selection-ssl
1286 [38-TLS 1.3 Ed448 CipherString and Groups Selection-ssl]
1287 server = 38-TLS 1.3 Ed448 CipherString and Groups Selection-server
1288 client = 38-TLS 1.3 Ed448 CipherString and Groups Selection-client
1290 [38-TLS 1.3 Ed448 CipherString and Groups Selection-server]
1291 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1292 CipherString = DEFAULT
1293 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
1294 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
1295 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
1296 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
1297 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
1298 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
1299 MaxProtocol = TLSv1.3
1300 MinProtocol = TLSv1.3
1301 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1303 [38-TLS 1.3 Ed448 CipherString and Groups Selection-client]
1304 CipherString = DEFAULT
1306 SignatureAlgorithms = ECDSA+SHA256:ed448
1307 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1311 ExpectedResult = Success
1312 ExpectedServerCertType = P-256
1313 ExpectedServerSignType = EC
1316 # ===========================================================
1318 [39-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
1319 ssl_conf = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
1321 [39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
1322 server = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
1323 client = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
1325 [39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
1326 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1327 CipherString = DEFAULT
1328 ClientSignatureAlgorithms = PSS+SHA256
1329 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1330 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1331 VerifyMode = Require
1333 [39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
1334 CipherString = DEFAULT
1335 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
1336 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
1337 MaxProtocol = TLSv1.3
1338 MinProtocol = TLSv1.3
1339 RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1340 RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1341 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1345 ExpectedClientCANames = empty
1346 ExpectedClientCertType = RSA
1347 ExpectedClientSignHash = SHA256
1348 ExpectedClientSignType = RSA-PSS
1349 ExpectedResult = Success
1352 # ===========================================================
1354 [40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
1355 ssl_conf = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
1357 [40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
1358 server = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
1359 client = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
1361 [40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
1362 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1363 CipherString = DEFAULT
1364 ClientSignatureAlgorithms = PSS+SHA256
1365 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1366 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1367 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1368 VerifyMode = Require
1370 [40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
1371 CipherString = DEFAULT
1372 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
1373 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
1374 MaxProtocol = TLSv1.3
1375 MinProtocol = TLSv1.3
1376 RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1377 RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1378 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1382 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1383 ExpectedClientCertType = RSA
1384 ExpectedClientSignHash = SHA256
1385 ExpectedClientSignType = RSA-PSS
1386 ExpectedResult = Success
1389 # ===========================================================
1391 [41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
1392 ssl_conf = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
1394 [41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
1395 server = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
1396 client = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
1398 [41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
1399 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1400 CipherString = DEFAULT
1401 ClientSignatureAlgorithms = ECDSA+SHA256
1402 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1403 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1404 VerifyMode = Require
1406 [41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
1407 CipherString = DEFAULT
1408 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
1409 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
1410 MaxProtocol = TLSv1.3
1411 MinProtocol = TLSv1.3
1412 RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
1413 RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
1414 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1418 ExpectedClientCertType = P-256
1419 ExpectedClientSignHash = SHA256
1420 ExpectedClientSignType = EC
1421 ExpectedResult = Success
1424 # ===========================================================
1426 [42-TLS 1.3 Ed25519 Client Auth]
1427 ssl_conf = 42-TLS 1.3 Ed25519 Client Auth-ssl
1429 [42-TLS 1.3 Ed25519 Client Auth-ssl]
1430 server = 42-TLS 1.3 Ed25519 Client Auth-server
1431 client = 42-TLS 1.3 Ed25519 Client Auth-client
1433 [42-TLS 1.3 Ed25519 Client Auth-server]
1434 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1435 CipherString = DEFAULT
1436 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1437 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1438 VerifyMode = Require
1440 [42-TLS 1.3 Ed25519 Client Auth-client]
1441 CipherString = DEFAULT
1442 EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
1443 EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
1444 MaxProtocol = TLSv1.3
1445 MinProtocol = TLSv1.3
1446 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1450 ExpectedClientCertType = Ed25519
1451 ExpectedClientSignType = Ed25519
1452 ExpectedResult = Success
1455 # ===========================================================
1457 [43-TLS 1.3 Ed448 Client Auth]
1458 ssl_conf = 43-TLS 1.3 Ed448 Client Auth-ssl
1460 [43-TLS 1.3 Ed448 Client Auth-ssl]
1461 server = 43-TLS 1.3 Ed448 Client Auth-server
1462 client = 43-TLS 1.3 Ed448 Client Auth-client
1464 [43-TLS 1.3 Ed448 Client Auth-server]
1465 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1466 CipherString = DEFAULT
1467 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1468 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1469 VerifyMode = Require
1471 [43-TLS 1.3 Ed448 Client Auth-client]
1472 CipherString = DEFAULT
1473 EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
1474 EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
1475 MaxProtocol = TLSv1.3
1476 MinProtocol = TLSv1.3
1477 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1481 ExpectedClientCertType = Ed448
1482 ExpectedClientSignType = Ed448
1483 ExpectedResult = Success
1486 # ===========================================================
1488 [44-TLS 1.2 DSA Certificate Test]
1489 ssl_conf = 44-TLS 1.2 DSA Certificate Test-ssl
1491 [44-TLS 1.2 DSA Certificate Test-ssl]
1492 server = 44-TLS 1.2 DSA Certificate Test-server
1493 client = 44-TLS 1.2 DSA Certificate Test-client
1495 [44-TLS 1.2 DSA Certificate Test-server]
1496 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1498 DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
1499 DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
1500 DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
1501 MaxProtocol = TLSv1.2
1502 MinProtocol = TLSv1.2
1503 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1505 [44-TLS 1.2 DSA Certificate Test-client]
1507 SignatureAlgorithms = DSA+SHA256:DSA+SHA1
1508 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1512 ExpectedResult = Success
1515 # ===========================================================
1517 [45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
1518 ssl_conf = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
1520 [45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
1521 server = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
1522 client = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
1524 [45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
1525 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1526 CipherString = DEFAULT
1527 ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
1528 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1529 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
1530 VerifyMode = Request
1532 [45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
1533 CipherString = DEFAULT
1534 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1538 ExpectedResult = ServerFail
1541 # ===========================================================
1543 [46-TLS 1.3 DSA Certificate Test]
1544 ssl_conf = 46-TLS 1.3 DSA Certificate Test-ssl
1546 [46-TLS 1.3 DSA Certificate Test-ssl]
1547 server = 46-TLS 1.3 DSA Certificate Test-server
1548 client = 46-TLS 1.3 DSA Certificate Test-client
1550 [46-TLS 1.3 DSA Certificate Test-server]
1551 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
1553 DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
1554 DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
1555 MaxProtocol = TLSv1.3
1556 MinProtocol = TLSv1.3
1557 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
1559 [46-TLS 1.3 DSA Certificate Test-client]
1561 SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
1562 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
1566 ExpectedResult = ServerFail