test/ssl-tests/25-cipher.cnf.in

   1 # -*- mode: perl; -*-
   2 # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
   3 #
   4 # Licensed under the Apache License 2.0 (the "License").  You may not use
   5 # this file except in compliance with the License.  You can obtain a copy
   6 # in the file LICENSE in the source distribution or at
   7 # https://www.openssl.org/source/license.html
   8
   9
  10 ## Test version negotiation
  11
  12 use strict;
  13 use warnings;
  14
  15 package ssltests;
  16 use OpenSSL::Test::Utils;
  17
  18 our $fips_mode;
  19
  20 our @tests = (
  21     {
  22         name => "cipher-server-1",
  23         server => {
  24             "MaxProtocol" => "TLSv1.2",
  25             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  26     },
  27         client => {
  28             "MaxProtocol" => "TLSv1.2",
  29             "CipherString" => "ECDHE-RSA-AES256-SHA384"
  30         },
  31         test => {
  32             "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
  33         },
  34     },
  35     {
  36         name => "cipher-server-2",
  37         server => {
  38             "MaxProtocol" => "TLSv1.2",
  39             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  40         },
  41         client => {
  42             "MaxProtocol" => "TLSv1.2",
  43             "CipherString" => "ECDHE-RSA-AES128-SHA256"
  44         },
  45         test => {
  46             "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
  47         },
  48     },
  49     {
  50         name => "cipher-server-client-list",
  51         server => {
  52             "MaxProtocol" => "TLSv1.2",
  53             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  54         },
  55         client => {
  56             "MaxProtocol" => "TLSv1.2",
  57             "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
  58         },
  59         test => {
  60             "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
  61         },
  62     },
  63     {
  64         name => "cipher-server-pref-1",
  65         server => {
  66             "MaxProtocol" => "TLSv1.2",
  67             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  68             "Options" => "ServerPreference",
  69         },
  70         client => {
  71             "MaxProtocol" => "TLSv1.2",
  72             "CipherString" => "ECDHE-RSA-AES256-SHA384"
  73         },
  74         test => {
  75             "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
  76         },
  77     },
  78     {
  79         name => "cipher-server-pref-2",
  80         server => {
  81             "MaxProtocol" => "TLSv1.2",
  82             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  83             "Options" => "ServerPreference",
  84         },
  85         client => {
  86             "MaxProtocol" => "TLSv1.2",
  87             "CipherString" => "ECDHE-RSA-AES128-SHA256"
  88         },
  89         test => {
  90             "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256",
  91         },
  92     },
  93     {
  94         name => "cipher-server-pref-client-list",
  95         server => {
  96             "MaxProtocol" => "TLSv1.2",
  97             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
  98             "Options" => "ServerPreference",
  99         },
 100         client => {
 101             "MaxProtocol" => "TLSv1.2",
 102             "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
 103         },
 104         test => {
 105             "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
 106         },
 107     },
 108     {
 109         name => "cipher-server-pref-not-mobile",
 110         server => {
 111             "MaxProtocol" => "TLSv1.2",
 112             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
 113             "Options" => "ServerPreference",
 114         },
 115         client => {
 116             "MaxProtocol" => "TLSv1.2",
 117             "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
 118         },
 119         test => {
 120             "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
 121         },
 122     },
 123     {
 124         name => "cipher-server-pref-mobile",
 125         server => {
 126             "MaxProtocol" => "TLSv1.2",
 127             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
 128             "Options" => "ServerPreference,PrioritizeChaCha",
 129         },
 130         client => {
 131             "MaxProtocol" => "TLSv1.2",
 132             "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305",
 133         },
 134         test => {
 135             "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
 136         },
 137     },
 138 );
 139
 140 my @tests_poly1305 = (
 141     {
 142         name => "cipher-server-pref-mobile2",
 143         server => {
 144             "MaxProtocol" => "TLSv1.2",
 145             "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305",
 146             "Options" => "ServerPreference,PrioritizeChaCha",
 147         },
 148         client => {
 149             "MaxProtocol" => "TLSv1.2",
 150             "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384",
 151         },
 152         test => {
 153             "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305",
 154         },
 155     },
 156 );
 157
 158 push @tests, @tests_poly1305
 159     unless disabled("poly1305") || disabled("chacha") || $fips_mode;