0 | 0 |
# Generated with generate_ssl_tests.pl
|
1 | 1 |
|
2 | |
num_tests = 47
|
|
2 |
num_tests = 49
|
3 | 3 |
|
4 | 4 |
test-0 = 0-ECDSA CipherString Selection
|
5 | 5 |
test-1 = 1-ECDSA CipherString Selection
|
|
23 | 23 |
test-19 = 19-RSA-PSS Certificate Unified Signature Algorithm Selection
|
24 | 24 |
test-20 = 20-Only RSA-PSS Certificate
|
25 | 25 |
test-21 = 21-RSA-PSS Certificate, no PSS signature algorithms
|
26 | |
test-22 = 22-Suite B P-256 Hash Algorithm Selection
|
27 | |
test-23 = 23-Suite B P-384 Hash Algorithm Selection
|
28 | |
test-24 = 24-TLS 1.2 Ed25519 Client Auth
|
29 | |
test-25 = 25-TLS 1.2 Ed448 Client Auth
|
30 | |
test-26 = 26-Only RSA-PSS Certificate, TLS v1.1
|
31 | |
test-27 = 27-TLS 1.3 ECDSA Signature Algorithm Selection
|
32 | |
test-28 = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
|
33 | |
test-29 = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
|
34 | |
test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
|
35 | |
test-31 = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
|
36 | |
test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
|
37 | |
test-33 = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS
|
38 | |
test-34 = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection
|
39 | |
test-35 = 35-TLS 1.3 Ed25519 Signature Algorithm Selection
|
40 | |
test-36 = 36-TLS 1.3 Ed448 Signature Algorithm Selection
|
41 | |
test-37 = 37-TLS 1.3 Ed25519 CipherString and Groups Selection
|
42 | |
test-38 = 38-TLS 1.3 Ed448 CipherString and Groups Selection
|
43 | |
test-39 = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection
|
44 | |
test-40 = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
|
45 | |
test-41 = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
|
46 | |
test-42 = 42-TLS 1.3 Ed25519 Client Auth
|
47 | |
test-43 = 43-TLS 1.3 Ed448 Client Auth
|
48 | |
test-44 = 44-TLS 1.2 DSA Certificate Test
|
49 | |
test-45 = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
|
50 | |
test-46 = 46-TLS 1.3 DSA Certificate Test
|
|
26 |
test-22 = 22-RSA key exchange with all RSA certificate types
|
|
27 |
test-23 = 23-RSA key exchange with only RSA-PSS certificate
|
|
28 |
test-24 = 24-Suite B P-256 Hash Algorithm Selection
|
|
29 |
test-25 = 25-Suite B P-384 Hash Algorithm Selection
|
|
30 |
test-26 = 26-TLS 1.2 Ed25519 Client Auth
|
|
31 |
test-27 = 27-TLS 1.2 Ed448 Client Auth
|
|
32 |
test-28 = 28-Only RSA-PSS Certificate, TLS v1.1
|
|
33 |
test-29 = 29-TLS 1.3 ECDSA Signature Algorithm Selection
|
|
34 |
test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
|
|
35 |
test-31 = 31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
|
|
36 |
test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
|
|
37 |
test-33 = 33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
|
|
38 |
test-34 = 34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
|
|
39 |
test-35 = 35-TLS 1.3 RSA Signature Algorithm Selection, no PSS
|
|
40 |
test-36 = 36-TLS 1.3 RSA-PSS Signature Algorithm Selection
|
|
41 |
test-37 = 37-TLS 1.3 Ed25519 Signature Algorithm Selection
|
|
42 |
test-38 = 38-TLS 1.3 Ed448 Signature Algorithm Selection
|
|
43 |
test-39 = 39-TLS 1.3 Ed25519 CipherString and Groups Selection
|
|
44 |
test-40 = 40-TLS 1.3 Ed448 CipherString and Groups Selection
|
|
45 |
test-41 = 41-TLS 1.3 RSA Client Auth Signature Algorithm Selection
|
|
46 |
test-42 = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
|
|
47 |
test-43 = 43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
|
|
48 |
test-44 = 44-TLS 1.3 Ed25519 Client Auth
|
|
49 |
test-45 = 45-TLS 1.3 Ed448 Client Auth
|
|
50 |
test-46 = 46-TLS 1.2 DSA Certificate Test
|
|
51 |
test-47 = 47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
|
|
52 |
test-48 = 48-TLS 1.3 DSA Certificate Test
|
51 | 53 |
# ===========================================================
|
52 | 54 |
|
53 | 55 |
[0-ECDSA CipherString Selection]
|
|
765 | 767 |
|
766 | 768 |
# ===========================================================
|
767 | 769 |
|
768 | |
[22-Suite B P-256 Hash Algorithm Selection]
|
769 | |
ssl_conf = 22-Suite B P-256 Hash Algorithm Selection-ssl
|
770 | |
|
771 | |
[22-Suite B P-256 Hash Algorithm Selection-ssl]
|
772 | |
server = 22-Suite B P-256 Hash Algorithm Selection-server
|
773 | |
client = 22-Suite B P-256 Hash Algorithm Selection-client
|
774 | |
|
775 | |
[22-Suite B P-256 Hash Algorithm Selection-server]
|
|
770 |
[22-RSA key exchange with all RSA certificate types]
|
|
771 |
ssl_conf = 22-RSA key exchange with all RSA certificate types-ssl
|
|
772 |
|
|
773 |
[22-RSA key exchange with all RSA certificate types-ssl]
|
|
774 |
server = 22-RSA key exchange with all RSA certificate types-server
|
|
775 |
client = 22-RSA key exchange with all RSA certificate types-client
|
|
776 |
|
|
777 |
[22-RSA key exchange with all RSA certificate types-server]
|
|
778 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
779 |
CipherString = DEFAULT
|
|
780 |
PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
|
|
781 |
PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
|
|
782 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
783 |
|
|
784 |
[22-RSA key exchange with all RSA certificate types-client]
|
|
785 |
CipherString = kRSA
|
|
786 |
MaxProtocol = TLSv1.2
|
|
787 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
788 |
VerifyMode = Peer
|
|
789 |
|
|
790 |
[test-22]
|
|
791 |
ExpectedResult = Success
|
|
792 |
ExpectedServerCertType = RSA
|
|
793 |
|
|
794 |
|
|
795 |
# ===========================================================
|
|
796 |
|
|
797 |
[23-RSA key exchange with only RSA-PSS certificate]
|
|
798 |
ssl_conf = 23-RSA key exchange with only RSA-PSS certificate-ssl
|
|
799 |
|
|
800 |
[23-RSA key exchange with only RSA-PSS certificate-ssl]
|
|
801 |
server = 23-RSA key exchange with only RSA-PSS certificate-server
|
|
802 |
client = 23-RSA key exchange with only RSA-PSS certificate-client
|
|
803 |
|
|
804 |
[23-RSA key exchange with only RSA-PSS certificate-server]
|
|
805 |
Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
|
|
806 |
CipherString = DEFAULT
|
|
807 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
|
|
808 |
|
|
809 |
[23-RSA key exchange with only RSA-PSS certificate-client]
|
|
810 |
CipherString = kRSA
|
|
811 |
MaxProtocol = TLSv1.2
|
|
812 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
813 |
VerifyMode = Peer
|
|
814 |
|
|
815 |
[test-23]
|
|
816 |
ExpectedResult = ServerFail
|
|
817 |
|
|
818 |
|
|
819 |
# ===========================================================
|
|
820 |
|
|
821 |
[24-Suite B P-256 Hash Algorithm Selection]
|
|
822 |
ssl_conf = 24-Suite B P-256 Hash Algorithm Selection-ssl
|
|
823 |
|
|
824 |
[24-Suite B P-256 Hash Algorithm Selection-ssl]
|
|
825 |
server = 24-Suite B P-256 Hash Algorithm Selection-server
|
|
826 |
client = 24-Suite B P-256 Hash Algorithm Selection-client
|
|
827 |
|
|
828 |
[24-Suite B P-256 Hash Algorithm Selection-server]
|
776 | 829 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
777 | 830 |
CipherString = SUITEB128
|
778 | 831 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
|
|
780 | 833 |
MaxProtocol = TLSv1.2
|
781 | 834 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
782 | 835 |
|
783 | |
[22-Suite B P-256 Hash Algorithm Selection-client]
|
|
836 |
[24-Suite B P-256 Hash Algorithm Selection-client]
|
784 | 837 |
CipherString = DEFAULT
|
785 | 838 |
SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
|
786 | 839 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
|
787 | 840 |
VerifyMode = Peer
|
788 | 841 |
|
789 | |
[test-22]
|
|
842 |
[test-24]
|
790 | 843 |
ExpectedResult = Success
|
791 | 844 |
ExpectedServerCertType = P-256
|
792 | 845 |
ExpectedServerSignHash = SHA256
|
|
795 | 848 |
|
796 | 849 |
# ===========================================================
|
797 | 850 |
|
798 | |
[23-Suite B P-384 Hash Algorithm Selection]
|
799 | |
ssl_conf = 23-Suite B P-384 Hash Algorithm Selection-ssl
|
800 | |
|
801 | |
[23-Suite B P-384 Hash Algorithm Selection-ssl]
|
802 | |
server = 23-Suite B P-384 Hash Algorithm Selection-server
|
803 | |
client = 23-Suite B P-384 Hash Algorithm Selection-client
|
804 | |
|
805 | |
[23-Suite B P-384 Hash Algorithm Selection-server]
|
|
851 |
[25-Suite B P-384 Hash Algorithm Selection]
|
|
852 |
ssl_conf = 25-Suite B P-384 Hash Algorithm Selection-ssl
|
|
853 |
|
|
854 |
[25-Suite B P-384 Hash Algorithm Selection-ssl]
|
|
855 |
server = 25-Suite B P-384 Hash Algorithm Selection-server
|
|
856 |
client = 25-Suite B P-384 Hash Algorithm Selection-client
|
|
857 |
|
|
858 |
[25-Suite B P-384 Hash Algorithm Selection-server]
|
806 | 859 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
807 | 860 |
CipherString = SUITEB128
|
808 | 861 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
|
|
810 | 863 |
MaxProtocol = TLSv1.2
|
811 | 864 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
812 | 865 |
|
813 | |
[23-Suite B P-384 Hash Algorithm Selection-client]
|
|
866 |
[25-Suite B P-384 Hash Algorithm Selection-client]
|
814 | 867 |
CipherString = DEFAULT
|
815 | 868 |
SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
|
816 | 869 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
|
817 | 870 |
VerifyMode = Peer
|
818 | 871 |
|
819 | |
[test-23]
|
|
872 |
[test-25]
|
820 | 873 |
ExpectedResult = Success
|
821 | 874 |
ExpectedServerCertType = P-384
|
822 | 875 |
ExpectedServerSignHash = SHA384
|
|
825 | 878 |
|
826 | 879 |
# ===========================================================
|
827 | 880 |
|
828 | |
[24-TLS 1.2 Ed25519 Client Auth]
|
829 | |
ssl_conf = 24-TLS 1.2 Ed25519 Client Auth-ssl
|
830 | |
|
831 | |
[24-TLS 1.2 Ed25519 Client Auth-ssl]
|
832 | |
server = 24-TLS 1.2 Ed25519 Client Auth-server
|
833 | |
client = 24-TLS 1.2 Ed25519 Client Auth-client
|
834 | |
|
835 | |
[24-TLS 1.2 Ed25519 Client Auth-server]
|
|
881 |
[26-TLS 1.2 Ed25519 Client Auth]
|
|
882 |
ssl_conf = 26-TLS 1.2 Ed25519 Client Auth-ssl
|
|
883 |
|
|
884 |
[26-TLS 1.2 Ed25519 Client Auth-ssl]
|
|
885 |
server = 26-TLS 1.2 Ed25519 Client Auth-server
|
|
886 |
client = 26-TLS 1.2 Ed25519 Client Auth-client
|
|
887 |
|
|
888 |
[26-TLS 1.2 Ed25519 Client Auth-server]
|
836 | 889 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
837 | 890 |
CipherString = DEFAULT
|
838 | 891 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
839 | 892 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
840 | 893 |
VerifyMode = Require
|
841 | 894 |
|
842 | |
[24-TLS 1.2 Ed25519 Client Auth-client]
|
|
895 |
[26-TLS 1.2 Ed25519 Client Auth-client]
|
843 | 896 |
CipherString = DEFAULT
|
844 | 897 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
|
845 | 898 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
|
|
848 | 901 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
849 | 902 |
VerifyMode = Peer
|
850 | 903 |
|
851 | |
[test-24]
|
|
904 |
[test-26]
|
852 | 905 |
ExpectedClientCertType = Ed25519
|
853 | 906 |
ExpectedClientSignType = Ed25519
|
854 | 907 |
ExpectedResult = Success
|
|
856 | 909 |
|
857 | 910 |
# ===========================================================
|
858 | 911 |
|
859 | |
[25-TLS 1.2 Ed448 Client Auth]
|
860 | |
ssl_conf = 25-TLS 1.2 Ed448 Client Auth-ssl
|
861 | |
|
862 | |
[25-TLS 1.2 Ed448 Client Auth-ssl]
|
863 | |
server = 25-TLS 1.2 Ed448 Client Auth-server
|
864 | |
client = 25-TLS 1.2 Ed448 Client Auth-client
|
865 | |
|
866 | |
[25-TLS 1.2 Ed448 Client Auth-server]
|
|
912 |
[27-TLS 1.2 Ed448 Client Auth]
|
|
913 |
ssl_conf = 27-TLS 1.2 Ed448 Client Auth-ssl
|
|
914 |
|
|
915 |
[27-TLS 1.2 Ed448 Client Auth-ssl]
|
|
916 |
server = 27-TLS 1.2 Ed448 Client Auth-server
|
|
917 |
client = 27-TLS 1.2 Ed448 Client Auth-client
|
|
918 |
|
|
919 |
[27-TLS 1.2 Ed448 Client Auth-server]
|
867 | 920 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
868 | 921 |
CipherString = DEFAULT
|
869 | 922 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
870 | 923 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
871 | 924 |
VerifyMode = Require
|
872 | 925 |
|
873 | |
[25-TLS 1.2 Ed448 Client Auth-client]
|
|
926 |
[27-TLS 1.2 Ed448 Client Auth-client]
|
874 | 927 |
CipherString = DEFAULT
|
875 | 928 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
|
876 | 929 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
|
|
879 | 932 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
880 | 933 |
VerifyMode = Peer
|
881 | 934 |
|
882 | |
[test-25]
|
|
935 |
[test-27]
|
883 | 936 |
ExpectedClientCertType = Ed448
|
884 | 937 |
ExpectedClientSignType = Ed448
|
885 | 938 |
ExpectedResult = Success
|
|
887 | 940 |
|
888 | 941 |
# ===========================================================
|
889 | 942 |
|
890 | |
[26-Only RSA-PSS Certificate, TLS v1.1]
|
891 | |
ssl_conf = 26-Only RSA-PSS Certificate, TLS v1.1-ssl
|
892 | |
|
893 | |
[26-Only RSA-PSS Certificate, TLS v1.1-ssl]
|
894 | |
server = 26-Only RSA-PSS Certificate, TLS v1.1-server
|
895 | |
client = 26-Only RSA-PSS Certificate, TLS v1.1-client
|
896 | |
|
897 | |
[26-Only RSA-PSS Certificate, TLS v1.1-server]
|
|
943 |
[28-Only RSA-PSS Certificate, TLS v1.1]
|
|
944 |
ssl_conf = 28-Only RSA-PSS Certificate, TLS v1.1-ssl
|
|
945 |
|
|
946 |
[28-Only RSA-PSS Certificate, TLS v1.1-ssl]
|
|
947 |
server = 28-Only RSA-PSS Certificate, TLS v1.1-server
|
|
948 |
client = 28-Only RSA-PSS Certificate, TLS v1.1-client
|
|
949 |
|
|
950 |
[28-Only RSA-PSS Certificate, TLS v1.1-server]
|
898 | 951 |
Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
|
899 | 952 |
CipherString = DEFAULT
|
900 | 953 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
|
901 | 954 |
|
902 | |
[26-Only RSA-PSS Certificate, TLS v1.1-client]
|
|
955 |
[28-Only RSA-PSS Certificate, TLS v1.1-client]
|
903 | 956 |
CipherString = DEFAULT
|
904 | 957 |
MaxProtocol = TLSv1.1
|
905 | 958 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
906 | 959 |
VerifyMode = Peer
|
907 | 960 |
|
908 | |
[test-26]
|
|
961 |
[test-28]
|
909 | 962 |
ExpectedResult = ServerFail
|
910 | 963 |
|
911 | 964 |
|
912 | 965 |
# ===========================================================
|
913 | 966 |
|
914 | |
[27-TLS 1.3 ECDSA Signature Algorithm Selection]
|
915 | |
ssl_conf = 27-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
|
916 | |
|
917 | |
[27-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
|
918 | |
server = 27-TLS 1.3 ECDSA Signature Algorithm Selection-server
|
919 | |
client = 27-TLS 1.3 ECDSA Signature Algorithm Selection-client
|
920 | |
|
921 | |
[27-TLS 1.3 ECDSA Signature Algorithm Selection-server]
|
922 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
923 | |
CipherString = DEFAULT
|
924 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
925 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
926 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
927 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
928 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
929 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
930 | |
MaxProtocol = TLSv1.3
|
931 | |
MinProtocol = TLSv1.3
|
932 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
933 | |
|
934 | |
[27-TLS 1.3 ECDSA Signature Algorithm Selection-client]
|
|
967 |
[29-TLS 1.3 ECDSA Signature Algorithm Selection]
|
|
968 |
ssl_conf = 29-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
|
|
969 |
|
|
970 |
[29-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
|
|
971 |
server = 29-TLS 1.3 ECDSA Signature Algorithm Selection-server
|
|
972 |
client = 29-TLS 1.3 ECDSA Signature Algorithm Selection-client
|
|
973 |
|
|
974 |
[29-TLS 1.3 ECDSA Signature Algorithm Selection-server]
|
|
975 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
976 |
CipherString = DEFAULT
|
|
977 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
978 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
979 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
980 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
981 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
982 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
983 |
MaxProtocol = TLSv1.3
|
|
984 |
MinProtocol = TLSv1.3
|
|
985 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
986 |
|
|
987 |
[29-TLS 1.3 ECDSA Signature Algorithm Selection-client]
|
935 | 988 |
CipherString = DEFAULT
|
936 | 989 |
SignatureAlgorithms = ECDSA+SHA256
|
937 | 990 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
938 | 991 |
VerifyMode = Peer
|
939 | 992 |
|
940 | |
[test-27]
|
|
993 |
[test-29]
|
941 | 994 |
ExpectedResult = Success
|
942 | 995 |
ExpectedServerCANames = empty
|
943 | 996 |
ExpectedServerCertType = P-256
|
|
947 | 1000 |
|
948 | 1001 |
# ===========================================================
|
949 | 1002 |
|
950 | |
[28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
|
951 | |
ssl_conf = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
|
952 | |
|
953 | |
[28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
|
954 | |
server = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
|
955 | |
client = 28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
|
956 | |
|
957 | |
[28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
|
|
1003 |
[30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
|
|
1004 |
ssl_conf = 30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
|
|
1005 |
|
|
1006 |
[30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
|
|
1007 |
server = 30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
|
|
1008 |
client = 30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
|
|
1009 |
|
|
1010 |
[30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
|
958 | 1011 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
959 | 1012 |
CipherString = DEFAULT
|
960 | 1013 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
|
|
963 | 1016 |
MinProtocol = TLSv1.3
|
964 | 1017 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
965 | 1018 |
|
966 | |
[28-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
|
|
1019 |
[30-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
|
967 | 1020 |
CipherString = DEFAULT
|
968 | 1021 |
SignatureAlgorithms = ECDSA+SHA256
|
969 | 1022 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
970 | 1023 |
VerifyMode = Peer
|
971 | 1024 |
|
972 | |
[test-28]
|
|
1025 |
[test-30]
|
973 | 1026 |
ExpectedResult = Success
|
974 | 1027 |
ExpectedServerCANames = empty
|
975 | 1028 |
ExpectedServerCertType = P-256
|
|
979 | 1032 |
|
980 | 1033 |
# ===========================================================
|
981 | 1034 |
|
982 | |
[29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
|
983 | |
ssl_conf = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
|
984 | |
|
985 | |
[29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
|
986 | |
server = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
|
987 | |
client = 29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
|
988 | |
|
989 | |
[29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
|
990 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
991 | |
CipherString = DEFAULT
|
992 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
993 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
994 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
995 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
996 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
997 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
998 | |
MaxProtocol = TLSv1.3
|
999 | |
MinProtocol = TLSv1.3
|
1000 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1001 | |
|
1002 | |
[29-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
|
|
1035 |
[31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
|
|
1036 |
ssl_conf = 31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
|
|
1037 |
|
|
1038 |
[31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
|
|
1039 |
server = 31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
|
|
1040 |
client = 31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
|
|
1041 |
|
|
1042 |
[31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
|
|
1043 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1044 |
CipherString = DEFAULT
|
|
1045 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1046 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1047 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1048 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1049 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1050 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1051 |
MaxProtocol = TLSv1.3
|
|
1052 |
MinProtocol = TLSv1.3
|
|
1053 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1054 |
|
|
1055 |
[31-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
|
1003 | 1056 |
CipherString = DEFAULT
|
1004 | 1057 |
SignatureAlgorithms = ECDSA+SHA1
|
1005 | 1058 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1006 | 1059 |
VerifyMode = Peer
|
1007 | 1060 |
|
1008 | |
[test-29]
|
|
1061 |
[test-31]
|
1009 | 1062 |
ExpectedResult = ServerFail
|
1010 | 1063 |
|
1011 | 1064 |
|
1012 | 1065 |
# ===========================================================
|
1013 | 1066 |
|
1014 | |
[30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
|
1015 | |
ssl_conf = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
|
1016 | |
|
1017 | |
[30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
|
1018 | |
server = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
|
1019 | |
client = 30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
|
1020 | |
|
1021 | |
[30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
|
1022 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1023 | |
CipherString = DEFAULT
|
1024 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1025 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1026 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1027 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1028 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1029 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1030 | |
MaxProtocol = TLSv1.3
|
1031 | |
MinProtocol = TLSv1.3
|
1032 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1033 | |
|
1034 | |
[30-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
|
|
1067 |
[32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
|
|
1068 |
ssl_conf = 32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
|
|
1069 |
|
|
1070 |
[32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
|
|
1071 |
server = 32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
|
|
1072 |
client = 32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
|
|
1073 |
|
|
1074 |
[32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
|
|
1075 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1076 |
CipherString = DEFAULT
|
|
1077 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1078 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1079 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1080 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1081 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1082 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1083 |
MaxProtocol = TLSv1.3
|
|
1084 |
MinProtocol = TLSv1.3
|
|
1085 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1086 |
|
|
1087 |
[32-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
|
1035 | 1088 |
CipherString = DEFAULT
|
1036 | 1089 |
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1037 | 1090 |
SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
|
1038 | 1091 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1039 | 1092 |
VerifyMode = Peer
|
1040 | 1093 |
|
1041 | |
[test-30]
|
|
1094 |
[test-32]
|
1042 | 1095 |
ExpectedResult = Success
|
1043 | 1096 |
ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1044 | 1097 |
ExpectedServerCertType = P-256
|
|
1048 | 1101 |
|
1049 | 1102 |
# ===========================================================
|
1050 | 1103 |
|
1051 | |
[31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
|
1052 | |
ssl_conf = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
|
1053 | |
|
1054 | |
[31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
|
1055 | |
server = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
|
1056 | |
client = 31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
|
1057 | |
|
1058 | |
[31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
|
1059 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1060 | |
CipherString = DEFAULT
|
1061 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1062 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1063 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1064 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1065 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1066 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1067 | |
MaxProtocol = TLSv1.3
|
1068 | |
MinProtocol = TLSv1.3
|
1069 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1070 | |
|
1071 | |
[31-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
|
|
1104 |
[33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
|
|
1105 |
ssl_conf = 33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
|
|
1106 |
|
|
1107 |
[33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
|
|
1108 |
server = 33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
|
|
1109 |
client = 33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
|
|
1110 |
|
|
1111 |
[33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
|
|
1112 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1113 |
CipherString = DEFAULT
|
|
1114 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1115 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1116 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1117 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1118 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1119 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1120 |
MaxProtocol = TLSv1.3
|
|
1121 |
MinProtocol = TLSv1.3
|
|
1122 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1123 |
|
|
1124 |
[33-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
|
1072 | 1125 |
CipherString = DEFAULT
|
1073 | 1126 |
SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
|
1074 | 1127 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1075 | 1128 |
VerifyMode = Peer
|
1076 | 1129 |
|
1077 | |
[test-31]
|
|
1130 |
[test-33]
|
1078 | 1131 |
ExpectedResult = Success
|
1079 | 1132 |
ExpectedServerCertType = RSA
|
1080 | 1133 |
ExpectedServerSignHash = SHA384
|
|
1083 | 1136 |
|
1084 | 1137 |
# ===========================================================
|
1085 | 1138 |
|
1086 | |
[32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
|
1087 | |
ssl_conf = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
|
1088 | |
|
1089 | |
[32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
|
1090 | |
server = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
|
1091 | |
client = 32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
|
1092 | |
|
1093 | |
[32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
|
1094 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1095 | |
CipherString = DEFAULT
|
1096 | |
MaxProtocol = TLSv1.3
|
1097 | |
MinProtocol = TLSv1.3
|
1098 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1099 | |
|
1100 | |
[32-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
|
|
1139 |
[34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
|
|
1140 |
ssl_conf = 34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
|
|
1141 |
|
|
1142 |
[34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
|
|
1143 |
server = 34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
|
|
1144 |
client = 34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
|
|
1145 |
|
|
1146 |
[34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
|
|
1147 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1148 |
CipherString = DEFAULT
|
|
1149 |
MaxProtocol = TLSv1.3
|
|
1150 |
MinProtocol = TLSv1.3
|
|
1151 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1152 |
|
|
1153 |
[34-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
|
1101 | 1154 |
CipherString = DEFAULT
|
1102 | 1155 |
SignatureAlgorithms = ECDSA+SHA256
|
1103 | 1156 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1104 | 1157 |
VerifyMode = Peer
|
1105 | 1158 |
|
1106 | |
[test-32]
|
|
1159 |
[test-34]
|
1107 | 1160 |
ExpectedResult = ServerFail
|
1108 | 1161 |
|
1109 | 1162 |
|
1110 | 1163 |
# ===========================================================
|
1111 | 1164 |
|
1112 | |
[33-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
|
1113 | |
ssl_conf = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
|
1114 | |
|
1115 | |
[33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
|
1116 | |
server = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
|
1117 | |
client = 33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
|
1118 | |
|
1119 | |
[33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
|
1120 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1121 | |
CipherString = DEFAULT
|
1122 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1123 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1124 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1125 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1126 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1127 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1128 | |
MaxProtocol = TLSv1.3
|
1129 | |
MinProtocol = TLSv1.3
|
1130 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1131 | |
|
1132 | |
[33-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
|
|
1165 |
[35-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
|
|
1166 |
ssl_conf = 35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
|
|
1167 |
|
|
1168 |
[35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
|
|
1169 |
server = 35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
|
|
1170 |
client = 35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
|
|
1171 |
|
|
1172 |
[35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
|
|
1173 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1174 |
CipherString = DEFAULT
|
|
1175 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1176 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1177 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1178 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1179 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1180 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1181 |
MaxProtocol = TLSv1.3
|
|
1182 |
MinProtocol = TLSv1.3
|
|
1183 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1184 |
|
|
1185 |
[35-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
|
1133 | 1186 |
CipherString = DEFAULT
|
1134 | 1187 |
SignatureAlgorithms = RSA+SHA256
|
1135 | 1188 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1136 | 1189 |
VerifyMode = Peer
|
1137 | 1190 |
|
1138 | |
[test-33]
|
|
1191 |
[test-35]
|
1139 | 1192 |
ExpectedResult = ServerFail
|
1140 | 1193 |
|
1141 | 1194 |
|
1142 | 1195 |
# ===========================================================
|
1143 | 1196 |
|
1144 | |
[34-TLS 1.3 RSA-PSS Signature Algorithm Selection]
|
1145 | |
ssl_conf = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
|
1146 | |
|
1147 | |
[34-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
|
1148 | |
server = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
|
1149 | |
client = 34-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
|
1150 | |
|
1151 | |
[34-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
|
1152 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1153 | |
CipherString = DEFAULT
|
1154 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1155 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1156 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1157 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1158 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1159 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1160 | |
MaxProtocol = TLSv1.3
|
1161 | |
MinProtocol = TLSv1.3
|
1162 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1163 | |
|
1164 | |
[34-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
|
|
1197 |
[36-TLS 1.3 RSA-PSS Signature Algorithm Selection]
|
|
1198 |
ssl_conf = 36-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
|
|
1199 |
|
|
1200 |
[36-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
|
|
1201 |
server = 36-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
|
|
1202 |
client = 36-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
|
|
1203 |
|
|
1204 |
[36-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
|
|
1205 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1206 |
CipherString = DEFAULT
|
|
1207 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1208 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1209 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1210 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1211 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1212 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1213 |
MaxProtocol = TLSv1.3
|
|
1214 |
MinProtocol = TLSv1.3
|
|
1215 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1216 |
|
|
1217 |
[36-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
|
1165 | 1218 |
CipherString = DEFAULT
|
1166 | 1219 |
SignatureAlgorithms = RSA-PSS+SHA256
|
1167 | 1220 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1168 | 1221 |
VerifyMode = Peer
|
1169 | 1222 |
|
1170 | |
[test-34]
|
|
1223 |
[test-36]
|
1171 | 1224 |
ExpectedResult = Success
|
1172 | 1225 |
ExpectedServerCertType = RSA
|
1173 | 1226 |
ExpectedServerSignHash = SHA256
|
|
1176 | 1229 |
|
1177 | 1230 |
# ===========================================================
|
1178 | 1231 |
|
1179 | |
[35-TLS 1.3 Ed25519 Signature Algorithm Selection]
|
1180 | |
ssl_conf = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
|
1181 | |
|
1182 | |
[35-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
|
1183 | |
server = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-server
|
1184 | |
client = 35-TLS 1.3 Ed25519 Signature Algorithm Selection-client
|
1185 | |
|
1186 | |
[35-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
|
1187 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1188 | |
CipherString = DEFAULT
|
1189 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1190 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1191 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1192 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1193 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1194 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1195 | |
MaxProtocol = TLSv1.3
|
1196 | |
MinProtocol = TLSv1.3
|
1197 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1198 | |
|
1199 | |
[35-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
|
|
1232 |
[37-TLS 1.3 Ed25519 Signature Algorithm Selection]
|
|
1233 |
ssl_conf = 37-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
|
|
1234 |
|
|
1235 |
[37-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
|
|
1236 |
server = 37-TLS 1.3 Ed25519 Signature Algorithm Selection-server
|
|
1237 |
client = 37-TLS 1.3 Ed25519 Signature Algorithm Selection-client
|
|
1238 |
|
|
1239 |
[37-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
|
|
1240 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1241 |
CipherString = DEFAULT
|
|
1242 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1243 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1244 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1245 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1246 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1247 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1248 |
MaxProtocol = TLSv1.3
|
|
1249 |
MinProtocol = TLSv1.3
|
|
1250 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1251 |
|
|
1252 |
[37-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
|
1200 | 1253 |
CipherString = DEFAULT
|
1201 | 1254 |
SignatureAlgorithms = ed25519
|
1202 | 1255 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1203 | 1256 |
VerifyMode = Peer
|
1204 | 1257 |
|
1205 | |
[test-35]
|
|
1258 |
[test-37]
|
1206 | 1259 |
ExpectedResult = Success
|
1207 | 1260 |
ExpectedServerCertType = Ed25519
|
1208 | 1261 |
ExpectedServerSignType = Ed25519
|
|
1210 | 1263 |
|
1211 | 1264 |
# ===========================================================
|
1212 | 1265 |
|
1213 | |
[36-TLS 1.3 Ed448 Signature Algorithm Selection]
|
1214 | |
ssl_conf = 36-TLS 1.3 Ed448 Signature Algorithm Selection-ssl
|
1215 | |
|
1216 | |
[36-TLS 1.3 Ed448 Signature Algorithm Selection-ssl]
|
1217 | |
server = 36-TLS 1.3 Ed448 Signature Algorithm Selection-server
|
1218 | |
client = 36-TLS 1.3 Ed448 Signature Algorithm Selection-client
|
1219 | |
|
1220 | |
[36-TLS 1.3 Ed448 Signature Algorithm Selection-server]
|
1221 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1222 | |
CipherString = DEFAULT
|
1223 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1224 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1225 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1226 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1227 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1228 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1229 | |
MaxProtocol = TLSv1.3
|
1230 | |
MinProtocol = TLSv1.3
|
1231 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1232 | |
|
1233 | |
[36-TLS 1.3 Ed448 Signature Algorithm Selection-client]
|
|
1266 |
[38-TLS 1.3 Ed448 Signature Algorithm Selection]
|
|
1267 |
ssl_conf = 38-TLS 1.3 Ed448 Signature Algorithm Selection-ssl
|
|
1268 |
|
|
1269 |
[38-TLS 1.3 Ed448 Signature Algorithm Selection-ssl]
|
|
1270 |
server = 38-TLS 1.3 Ed448 Signature Algorithm Selection-server
|
|
1271 |
client = 38-TLS 1.3 Ed448 Signature Algorithm Selection-client
|
|
1272 |
|
|
1273 |
[38-TLS 1.3 Ed448 Signature Algorithm Selection-server]
|
|
1274 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1275 |
CipherString = DEFAULT
|
|
1276 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1277 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1278 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1279 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1280 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1281 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1282 |
MaxProtocol = TLSv1.3
|
|
1283 |
MinProtocol = TLSv1.3
|
|
1284 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1285 |
|
|
1286 |
[38-TLS 1.3 Ed448 Signature Algorithm Selection-client]
|
1234 | 1287 |
CipherString = DEFAULT
|
1235 | 1288 |
SignatureAlgorithms = ed448
|
1236 | 1289 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1237 | 1290 |
VerifyMode = Peer
|
1238 | 1291 |
|
1239 | |
[test-36]
|
|
1292 |
[test-38]
|
1240 | 1293 |
ExpectedResult = Success
|
1241 | 1294 |
ExpectedServerCertType = Ed448
|
1242 | 1295 |
ExpectedServerSignType = Ed448
|
|
1244 | 1297 |
|
1245 | 1298 |
# ===========================================================
|
1246 | 1299 |
|
1247 | |
[37-TLS 1.3 Ed25519 CipherString and Groups Selection]
|
1248 | |
ssl_conf = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
|
1249 | |
|
1250 | |
[37-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
|
1251 | |
server = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-server
|
1252 | |
client = 37-TLS 1.3 Ed25519 CipherString and Groups Selection-client
|
1253 | |
|
1254 | |
[37-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
|
1255 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1256 | |
CipherString = DEFAULT
|
1257 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1258 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1259 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1260 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1261 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1262 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1263 | |
MaxProtocol = TLSv1.3
|
1264 | |
MinProtocol = TLSv1.3
|
1265 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1266 | |
|
1267 | |
[37-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
|
|
1300 |
[39-TLS 1.3 Ed25519 CipherString and Groups Selection]
|
|
1301 |
ssl_conf = 39-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
|
|
1302 |
|
|
1303 |
[39-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
|
|
1304 |
server = 39-TLS 1.3 Ed25519 CipherString and Groups Selection-server
|
|
1305 |
client = 39-TLS 1.3 Ed25519 CipherString and Groups Selection-client
|
|
1306 |
|
|
1307 |
[39-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
|
|
1308 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1309 |
CipherString = DEFAULT
|
|
1310 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1311 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1312 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1313 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1314 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1315 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1316 |
MaxProtocol = TLSv1.3
|
|
1317 |
MinProtocol = TLSv1.3
|
|
1318 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1319 |
|
|
1320 |
[39-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
|
1268 | 1321 |
CipherString = DEFAULT
|
1269 | 1322 |
Groups = X25519
|
1270 | 1323 |
SignatureAlgorithms = ECDSA+SHA256:ed25519
|
1271 | 1324 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1272 | 1325 |
VerifyMode = Peer
|
1273 | 1326 |
|
1274 | |
[test-37]
|
|
1327 |
[test-39]
|
1275 | 1328 |
ExpectedResult = Success
|
1276 | 1329 |
ExpectedServerCertType = P-256
|
1277 | 1330 |
ExpectedServerSignType = EC
|
|
1279 | 1332 |
|
1280 | 1333 |
# ===========================================================
|
1281 | 1334 |
|
1282 | |
[38-TLS 1.3 Ed448 CipherString and Groups Selection]
|
1283 | |
ssl_conf = 38-TLS 1.3 Ed448 CipherString and Groups Selection-ssl
|
1284 | |
|
1285 | |
[38-TLS 1.3 Ed448 CipherString and Groups Selection-ssl]
|
1286 | |
server = 38-TLS 1.3 Ed448 CipherString and Groups Selection-server
|
1287 | |
client = 38-TLS 1.3 Ed448 CipherString and Groups Selection-client
|
1288 | |
|
1289 | |
[38-TLS 1.3 Ed448 CipherString and Groups Selection-server]
|
1290 | |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1291 | |
CipherString = DEFAULT
|
1292 | |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
1293 | |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
1294 | |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
1295 | |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
1296 | |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
1297 | |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
1298 | |
MaxProtocol = TLSv1.3
|
1299 | |
MinProtocol = TLSv1.3
|
1300 | |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1301 | |
|
1302 | |
[38-TLS 1.3 Ed448 CipherString and Groups Selection-client]
|
|
1335 |
[40-TLS 1.3 Ed448 CipherString and Groups Selection]
|
|
1336 |
ssl_conf = 40-TLS 1.3 Ed448 CipherString and Groups Selection-ssl
|
|
1337 |
|
|
1338 |
[40-TLS 1.3 Ed448 CipherString and Groups Selection-ssl]
|
|
1339 |
server = 40-TLS 1.3 Ed448 CipherString and Groups Selection-server
|
|
1340 |
client = 40-TLS 1.3 Ed448 CipherString and Groups Selection-client
|
|
1341 |
|
|
1342 |
[40-TLS 1.3 Ed448 CipherString and Groups Selection-server]
|
|
1343 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
|
1344 |
CipherString = DEFAULT
|
|
1345 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
|
|
1346 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
|
|
1347 |
Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
|
|
1348 |
Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
|
|
1349 |
Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem
|
|
1350 |
Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem
|
|
1351 |
MaxProtocol = TLSv1.3
|
|
1352 |
MinProtocol = TLSv1.3
|
|
1353 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
|
1354 |
|
|
1355 |
[40-TLS 1.3 Ed448 CipherString and Groups Selection-client]
|
1303 | 1356 |
CipherString = DEFAULT
|
1304 | 1357 |
Groups = X448
|
1305 | 1358 |
SignatureAlgorithms = ECDSA+SHA256:ed448
|
1306 | 1359 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1307 | 1360 |
VerifyMode = Peer
|
1308 | 1361 |
|
1309 | |
[test-38]
|
|
1362 |
[test-40]
|
1310 | 1363 |
ExpectedResult = Success
|
1311 | 1364 |
ExpectedServerCertType = P-256
|
1312 | 1365 |
ExpectedServerSignType = EC
|
|
1314 | 1367 |
|
1315 | 1368 |
# ===========================================================
|
1316 | 1369 |
|
1317 | |
[39-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
|
1318 | |
ssl_conf = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
|
1319 | |
|
1320 | |
[39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
|
1321 | |
server = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
|
1322 | |
client = 39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
|
1323 | |
|
1324 | |
[39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
|
|
1370 |
[41-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
|
|
1371 |
ssl_conf = 41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
|
|
1372 |
|
|
1373 |
[41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
|
|
1374 |
server = 41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
|
|
1375 |
client = 41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
|
|
1376 |
|
|
1377 |
[41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
|
1325 | 1378 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1326 | 1379 |
CipherString = DEFAULT
|
1327 | 1380 |
ClientSignatureAlgorithms = PSS+SHA256
|
|
1329 | 1382 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1330 | 1383 |
VerifyMode = Require
|
1331 | 1384 |
|
1332 | |
[39-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
|
|
1385 |
[41-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
|
1333 | 1386 |
CipherString = DEFAULT
|
1334 | 1387 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
|
1335 | 1388 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
|
|
1340 | 1393 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1341 | 1394 |
VerifyMode = Peer
|
1342 | 1395 |
|
1343 | |
[test-39]
|
|
1396 |
[test-41]
|
1344 | 1397 |
ExpectedClientCANames = empty
|
1345 | 1398 |
ExpectedClientCertType = RSA
|
1346 | 1399 |
ExpectedClientSignHash = SHA256
|
|
1350 | 1403 |
|
1351 | 1404 |
# ===========================================================
|
1352 | 1405 |
|
1353 | |
[40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
|
1354 | |
ssl_conf = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
|
1355 | |
|
1356 | |
[40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
|
1357 | |
server = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
|
1358 | |
client = 40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
|
1359 | |
|
1360 | |
[40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
|
|
1406 |
[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
|
|
1407 |
ssl_conf = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
|
|
1408 |
|
|
1409 |
[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
|
|
1410 |
server = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
|
|
1411 |
client = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
|
|
1412 |
|
|
1413 |
[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
|
1361 | 1414 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1362 | 1415 |
CipherString = DEFAULT
|
1363 | 1416 |
ClientSignatureAlgorithms = PSS+SHA256
|
|
1366 | 1419 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1367 | 1420 |
VerifyMode = Require
|
1368 | 1421 |
|
1369 | |
[40-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
|
|
1422 |
[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
|
1370 | 1423 |
CipherString = DEFAULT
|
1371 | 1424 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
|
1372 | 1425 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
|
|
1377 | 1430 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1378 | 1431 |
VerifyMode = Peer
|
1379 | 1432 |
|
1380 | |
[test-40]
|
|
1433 |
[test-42]
|
1381 | 1434 |
ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1382 | 1435 |
ExpectedClientCertType = RSA
|
1383 | 1436 |
ExpectedClientSignHash = SHA256
|
|
1387 | 1440 |
|
1388 | 1441 |
# ===========================================================
|
1389 | 1442 |
|
1390 | |
[41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
|
1391 | |
ssl_conf = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
|
1392 | |
|
1393 | |
[41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
|
1394 | |
server = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
|
1395 | |
client = 41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
|
1396 | |
|
1397 | |
[41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
|
|
1443 |
[43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
|
|
1444 |
ssl_conf = 43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
|
|
1445 |
|
|
1446 |
[43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
|
|
1447 |
server = 43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
|
|
1448 |
client = 43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
|
|
1449 |
|
|
1450 |
[43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
|
1398 | 1451 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1399 | 1452 |
CipherString = DEFAULT
|
1400 | 1453 |
ClientSignatureAlgorithms = ECDSA+SHA256
|
|
1402 | 1455 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1403 | 1456 |
VerifyMode = Require
|
1404 | 1457 |
|
1405 | |
[41-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
|
|
1458 |
[43-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
|
1406 | 1459 |
CipherString = DEFAULT
|
1407 | 1460 |
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
|
1408 | 1461 |
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
|
|
1413 | 1466 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1414 | 1467 |
VerifyMode = Peer
|
1415 | 1468 |
|
1416 | |
[test-41]
|
|
1469 |
[test-43]
|
1417 | 1470 |
ExpectedClientCertType = P-256
|
1418 | 1471 |
ExpectedClientSignHash = SHA256
|
1419 | 1472 |
ExpectedClientSignType = EC
|
|
1422 | 1475 |
|
1423 | 1476 |
# ===========================================================
|
1424 | 1477 |
|
1425 | |
[42-TLS 1.3 Ed25519 Client Auth]
|
1426 | |
ssl_conf = 42-TLS 1.3 Ed25519 Client Auth-ssl
|
1427 | |
|
1428 | |
[42-TLS 1.3 Ed25519 Client Auth-ssl]
|
1429 | |
server = 42-TLS 1.3 Ed25519 Client Auth-server
|
1430 | |
client = 42-TLS 1.3 Ed25519 Client Auth-client
|
1431 | |
|
1432 | |
[42-TLS 1.3 Ed25519 Client Auth-server]
|
|
1478 |
[44-TLS 1.3 Ed25519 Client Auth]
|
|
1479 |
ssl_conf = 44-TLS 1.3 Ed25519 Client Auth-ssl
|
|
1480 |
|
|
1481 |
[44-TLS 1.3 Ed25519 Client Auth-ssl]
|
|
1482 |
server = 44-TLS 1.3 Ed25519 Client Auth-server
|
|
1483 |
client = 44-TLS 1.3 Ed25519 Client Auth-client
|
|
1484 |
|
|
1485 |
[44-TLS 1.3 Ed25519 Client Auth-server]
|
1433 | 1486 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1434 | 1487 |
CipherString = DEFAULT
|
1435 | 1488 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1436 | 1489 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1437 | 1490 |
VerifyMode = Require
|
1438 | 1491 |
|
1439 | |
[42-TLS 1.3 Ed25519 Client Auth-client]
|
|
1492 |
[44-TLS 1.3 Ed25519 Client Auth-client]
|
1440 | 1493 |
CipherString = DEFAULT
|
1441 | 1494 |
EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
|
1442 | 1495 |
EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
|
|
1445 | 1498 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1446 | 1499 |
VerifyMode = Peer
|
1447 | 1500 |
|
1448 | |
[test-42]
|
|
1501 |
[test-44]
|
1449 | 1502 |
ExpectedClientCertType = Ed25519
|
1450 | 1503 |
ExpectedClientSignType = Ed25519
|
1451 | 1504 |
ExpectedResult = Success
|
|
1453 | 1506 |
|
1454 | 1507 |
# ===========================================================
|
1455 | 1508 |
|
1456 | |
[43-TLS 1.3 Ed448 Client Auth]
|
1457 | |
ssl_conf = 43-TLS 1.3 Ed448 Client Auth-ssl
|
1458 | |
|
1459 | |
[43-TLS 1.3 Ed448 Client Auth-ssl]
|
1460 | |
server = 43-TLS 1.3 Ed448 Client Auth-server
|
1461 | |
client = 43-TLS 1.3 Ed448 Client Auth-client
|
1462 | |
|
1463 | |
[43-TLS 1.3 Ed448 Client Auth-server]
|
|
1509 |
[45-TLS 1.3 Ed448 Client Auth]
|
|
1510 |
ssl_conf = 45-TLS 1.3 Ed448 Client Auth-ssl
|
|
1511 |
|
|
1512 |
[45-TLS 1.3 Ed448 Client Auth-ssl]
|
|
1513 |
server = 45-TLS 1.3 Ed448 Client Auth-server
|
|
1514 |
client = 45-TLS 1.3 Ed448 Client Auth-client
|
|
1515 |
|
|
1516 |
[45-TLS 1.3 Ed448 Client Auth-server]
|
1464 | 1517 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1465 | 1518 |
CipherString = DEFAULT
|
1466 | 1519 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1467 | 1520 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1468 | 1521 |
VerifyMode = Require
|
1469 | 1522 |
|
1470 | |
[43-TLS 1.3 Ed448 Client Auth-client]
|
|
1523 |
[45-TLS 1.3 Ed448 Client Auth-client]
|
1471 | 1524 |
CipherString = DEFAULT
|
1472 | 1525 |
EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
|
1473 | 1526 |
EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
|
|
1476 | 1529 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1477 | 1530 |
VerifyMode = Peer
|
1478 | 1531 |
|
1479 | |
[test-43]
|
|
1532 |
[test-45]
|
1480 | 1533 |
ExpectedClientCertType = Ed448
|
1481 | 1534 |
ExpectedClientSignType = Ed448
|
1482 | 1535 |
ExpectedResult = Success
|
|
1484 | 1537 |
|
1485 | 1538 |
# ===========================================================
|
1486 | 1539 |
|
1487 | |
[44-TLS 1.2 DSA Certificate Test]
|
1488 | |
ssl_conf = 44-TLS 1.2 DSA Certificate Test-ssl
|
1489 | |
|
1490 | |
[44-TLS 1.2 DSA Certificate Test-ssl]
|
1491 | |
server = 44-TLS 1.2 DSA Certificate Test-server
|
1492 | |
client = 44-TLS 1.2 DSA Certificate Test-client
|
1493 | |
|
1494 | |
[44-TLS 1.2 DSA Certificate Test-server]
|
|
1540 |
[46-TLS 1.2 DSA Certificate Test]
|
|
1541 |
ssl_conf = 46-TLS 1.2 DSA Certificate Test-ssl
|
|
1542 |
|
|
1543 |
[46-TLS 1.2 DSA Certificate Test-ssl]
|
|
1544 |
server = 46-TLS 1.2 DSA Certificate Test-server
|
|
1545 |
client = 46-TLS 1.2 DSA Certificate Test-client
|
|
1546 |
|
|
1547 |
[46-TLS 1.2 DSA Certificate Test-server]
|
1495 | 1548 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1496 | 1549 |
CipherString = ALL
|
1497 | 1550 |
DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
|
|
1501 | 1554 |
MinProtocol = TLSv1.2
|
1502 | 1555 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1503 | 1556 |
|
1504 | |
[44-TLS 1.2 DSA Certificate Test-client]
|
|
1557 |
[46-TLS 1.2 DSA Certificate Test-client]
|
1505 | 1558 |
CipherString = ALL
|
1506 | 1559 |
SignatureAlgorithms = DSA+SHA256:DSA+SHA1
|
1507 | 1560 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1508 | 1561 |
VerifyMode = Peer
|
1509 | 1562 |
|
1510 | |
[test-44]
|
1511 | |
ExpectedResult = Success
|
1512 | |
|
1513 | |
|
1514 | |
# ===========================================================
|
1515 | |
|
1516 | |
[45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
|
1517 | |
ssl_conf = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
|
1518 | |
|
1519 | |
[45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
|
1520 | |
server = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
|
1521 | |
client = 45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
|
1522 | |
|
1523 | |
[45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
|
|
1563 |
[test-46]
|
|
1564 |
ExpectedResult = Success
|
|
1565 |
|
|
1566 |
|
|
1567 |
# ===========================================================
|
|
1568 |
|
|
1569 |
[47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
|
|
1570 |
ssl_conf = 47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
|
|
1571 |
|
|
1572 |
[47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
|
|
1573 |
server = 47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
|
|
1574 |
client = 47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
|
|
1575 |
|
|
1576 |
[47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
|
1524 | 1577 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1525 | 1578 |
CipherString = DEFAULT
|
1526 | 1579 |
ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
|
|
1528 | 1581 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
|
1529 | 1582 |
VerifyMode = Request
|
1530 | 1583 |
|
1531 | |
[45-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
|
1532 | |
CipherString = DEFAULT
|
1533 | |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1534 | |
VerifyMode = Peer
|
1535 | |
|
1536 | |
[test-45]
|
|
1584 |
[47-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
|
|
1585 |
CipherString = DEFAULT
|
|
1586 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
|
1587 |
VerifyMode = Peer
|
|
1588 |
|
|
1589 |
[test-47]
|
1537 | 1590 |
ExpectedResult = ServerFail
|
1538 | 1591 |
|
1539 | 1592 |
|
1540 | 1593 |
# ===========================================================
|
1541 | 1594 |
|
1542 | |
[46-TLS 1.3 DSA Certificate Test]
|
1543 | |
ssl_conf = 46-TLS 1.3 DSA Certificate Test-ssl
|
1544 | |
|
1545 | |
[46-TLS 1.3 DSA Certificate Test-ssl]
|
1546 | |
server = 46-TLS 1.3 DSA Certificate Test-server
|
1547 | |
client = 46-TLS 1.3 DSA Certificate Test-client
|
1548 | |
|
1549 | |
[46-TLS 1.3 DSA Certificate Test-server]
|
|
1595 |
[48-TLS 1.3 DSA Certificate Test]
|
|
1596 |
ssl_conf = 48-TLS 1.3 DSA Certificate Test-ssl
|
|
1597 |
|
|
1598 |
[48-TLS 1.3 DSA Certificate Test-ssl]
|
|
1599 |
server = 48-TLS 1.3 DSA Certificate Test-server
|
|
1600 |
client = 48-TLS 1.3 DSA Certificate Test-client
|
|
1601 |
|
|
1602 |
[48-TLS 1.3 DSA Certificate Test-server]
|
1550 | 1603 |
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
|
1551 | 1604 |
CipherString = ALL
|
1552 | 1605 |
DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
|
|
1555 | 1608 |
MinProtocol = TLSv1.3
|
1556 | 1609 |
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
|
1557 | 1610 |
|
1558 | |
[46-TLS 1.3 DSA Certificate Test-client]
|
|
1611 |
[48-TLS 1.3 DSA Certificate Test-client]
|
1559 | 1612 |
CipherString = ALL
|
1560 | 1613 |
SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
|
1561 | 1614 |
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
|
1562 | 1615 |
VerifyMode = Peer
|
1563 | 1616 |
|
1564 | |
[test-46]
|
|
1617 |
[test-48]
|
1565 | 1618 |
ExpectedResult = ServerFail
|
1566 | 1619 |
|
1567 | 1620 |
|