1e0c4386eSCy Schubert# Generated with generate_ssl_tests.pl 2e0c4386eSCy Schubert 3e0c4386eSCy Schubertnum_tests = 57 4e0c4386eSCy Schubert 5e0c4386eSCy Schuberttest-0 = 0-ECDSA CipherString Selection 6e0c4386eSCy Schuberttest-1 = 1-ECDSA CipherString Selection 7e0c4386eSCy Schuberttest-2 = 2-ECDSA CipherString Selection 8e0c4386eSCy Schuberttest-3 = 3-RSA CipherString Selection 9e0c4386eSCy Schuberttest-4 = 4-P-256 CipherString and Signature Algorithm Selection 10e0c4386eSCy Schuberttest-5 = 5-ECDSA CipherString Selection, no ECDSA certificate 11e0c4386eSCy Schuberttest-6 = 6-ECDSA Signature Algorithm Selection 12e0c4386eSCy Schuberttest-7 = 7-ECDSA Signature Algorithm Selection SHA384 13e0c4386eSCy Schuberttest-8 = 8-ECDSA Signature Algorithm Selection compressed point 14e0c4386eSCy Schuberttest-9 = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate 15e0c4386eSCy Schuberttest-10 = 10-RSA Signature Algorithm Selection 16e0c4386eSCy Schuberttest-11 = 11-RSA-PSS Signature Algorithm Selection 17e0c4386eSCy Schuberttest-12 = 12-RSA key exchange with all RSA certificate types 18e0c4386eSCy Schuberttest-13 = 13-Suite B P-256 Hash Algorithm Selection 19e0c4386eSCy Schuberttest-14 = 14-Suite B P-384 Hash Algorithm Selection 20e0c4386eSCy Schuberttest-15 = 15-Ed25519 CipherString and Signature Algorithm Selection 21e0c4386eSCy Schuberttest-16 = 16-Ed448 CipherString and Signature Algorithm Selection 22*44096ebdSEnji Coopertest-17 = 17-TLS 1.2 Ed25519 Client Auth 23*44096ebdSEnji Coopertest-18 = 18-TLS 1.2 Ed448 Client Auth 24*44096ebdSEnji Coopertest-19 = 19-ECDSA Signature Algorithm Selection SHA1 25*44096ebdSEnji Coopertest-20 = 20-ECDSA with brainpool 26*44096ebdSEnji Coopertest-21 = 21-Ed25519 CipherString and Curves Selection 27*44096ebdSEnji Coopertest-22 = 22-Ed448 CipherString and Curves Selection 28e0c4386eSCy Schuberttest-23 = 23-RSA-PSS Certificate CipherString Selection 29e0c4386eSCy Schuberttest-24 = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection 30e0c4386eSCy Schuberttest-25 = 25-RSA-PSS Certificate Unified Signature Algorithm Selection 31e0c4386eSCy Schuberttest-26 = 26-Only RSA-PSS Certificate 32e0c4386eSCy Schuberttest-27 = 27-Only RSA-PSS Certificate Valid Signature Algorithms 33e0c4386eSCy Schuberttest-28 = 28-RSA-PSS Certificate, no PSS signature algorithms 34e0c4386eSCy Schuberttest-29 = 29-Only RSA-PSS Restricted Certificate 35e0c4386eSCy Schuberttest-30 = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms 36e0c4386eSCy Schuberttest-31 = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm 37e0c4386eSCy Schuberttest-32 = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms 38e0c4386eSCy Schuberttest-33 = 33-RSA key exchange with only RSA-PSS certificate 39e0c4386eSCy Schuberttest-34 = 34-Only RSA-PSS Certificate, TLS v1.1 40e0c4386eSCy Schuberttest-35 = 35-TLS 1.3 ECDSA Signature Algorithm Selection 41e0c4386eSCy Schuberttest-36 = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point 42e0c4386eSCy Schuberttest-37 = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1 43e0c4386eSCy Schuberttest-38 = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS 44e0c4386eSCy Schuberttest-39 = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS 45e0c4386eSCy Schuberttest-40 = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate 46e0c4386eSCy Schuberttest-41 = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS 47e0c4386eSCy Schuberttest-42 = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection 48e0c4386eSCy Schuberttest-43 = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection 49e0c4386eSCy Schuberttest-44 = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names 50e0c4386eSCy Schuberttest-45 = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection 51e0c4386eSCy Schuberttest-46 = 46-TLS 1.3 Ed25519 Signature Algorithm Selection 52e0c4386eSCy Schuberttest-47 = 47-TLS 1.3 Ed448 Signature Algorithm Selection 53e0c4386eSCy Schuberttest-48 = 48-TLS 1.3 Ed25519 CipherString and Groups Selection 54e0c4386eSCy Schuberttest-49 = 49-TLS 1.3 Ed448 CipherString and Groups Selection 55e0c4386eSCy Schuberttest-50 = 50-TLS 1.3 Ed25519 Client Auth 56e0c4386eSCy Schuberttest-51 = 51-TLS 1.3 Ed448 Client Auth 57e0c4386eSCy Schuberttest-52 = 52-TLS 1.3 ECDSA with brainpool but no suitable groups 58e0c4386eSCy Schuberttest-53 = 53-TLS 1.3 ECDSA with brainpool 59e0c4386eSCy Schuberttest-54 = 54-TLS 1.2 DSA Certificate Test 60e0c4386eSCy Schuberttest-55 = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms 61e0c4386eSCy Schuberttest-56 = 56-TLS 1.3 DSA Certificate Test 62e0c4386eSCy Schubert# =========================================================== 63e0c4386eSCy Schubert 64e0c4386eSCy Schubert[0-ECDSA CipherString Selection] 65e0c4386eSCy Schubertssl_conf = 0-ECDSA CipherString Selection-ssl 66e0c4386eSCy Schubert 67e0c4386eSCy Schubert[0-ECDSA CipherString Selection-ssl] 68e0c4386eSCy Schubertserver = 0-ECDSA CipherString Selection-server 69e0c4386eSCy Schubertclient = 0-ECDSA CipherString Selection-client 70e0c4386eSCy Schubert 71e0c4386eSCy Schubert[0-ECDSA CipherString Selection-server] 72e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 73e0c4386eSCy SchubertCipherString = DEFAULT 74e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 75e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 76e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 77e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 78e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 79e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 80e0c4386eSCy SchubertMaxProtocol = TLSv1.2 81e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 82e0c4386eSCy Schubert 83e0c4386eSCy Schubert[0-ECDSA CipherString Selection-client] 84e0c4386eSCy SchubertCipherString = aECDSA 85e0c4386eSCy SchubertMaxProtocol = TLSv1.2 86e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 87e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 88e0c4386eSCy SchubertVerifyMode = Peer 89e0c4386eSCy Schubert 90e0c4386eSCy Schubert[test-0] 91e0c4386eSCy SchubertExpectedResult = Success 92e0c4386eSCy SchubertExpectedServerCANames = empty 93e0c4386eSCy SchubertExpectedServerCertType = P-256 94e0c4386eSCy SchubertExpectedServerSignType = EC 95e0c4386eSCy Schubert 96e0c4386eSCy Schubert 97e0c4386eSCy Schubert# =========================================================== 98e0c4386eSCy Schubert 99e0c4386eSCy Schubert[1-ECDSA CipherString Selection] 100e0c4386eSCy Schubertssl_conf = 1-ECDSA CipherString Selection-ssl 101e0c4386eSCy Schubert 102e0c4386eSCy Schubert[1-ECDSA CipherString Selection-ssl] 103e0c4386eSCy Schubertserver = 1-ECDSA CipherString Selection-server 104e0c4386eSCy Schubertclient = 1-ECDSA CipherString Selection-client 105e0c4386eSCy Schubert 106e0c4386eSCy Schubert[1-ECDSA CipherString Selection-server] 107e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 108e0c4386eSCy SchubertCipherString = DEFAULT 109e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 110e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 111e0c4386eSCy SchubertGroups = P-384 112e0c4386eSCy SchubertMaxProtocol = TLSv1.2 113e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 114e0c4386eSCy Schubert 115e0c4386eSCy Schubert[1-ECDSA CipherString Selection-client] 116e0c4386eSCy SchubertCipherString = aECDSA 117e0c4386eSCy SchubertGroups = P-256:P-384 118e0c4386eSCy SchubertMaxProtocol = TLSv1.2 119e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 120e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 121e0c4386eSCy SchubertVerifyMode = Peer 122e0c4386eSCy Schubert 123e0c4386eSCy Schubert[test-1] 124e0c4386eSCy SchubertExpectedResult = Success 125e0c4386eSCy SchubertExpectedServerCANames = empty 126e0c4386eSCy SchubertExpectedServerCertType = P-256 127e0c4386eSCy SchubertExpectedServerSignType = EC 128e0c4386eSCy Schubert 129e0c4386eSCy Schubert 130e0c4386eSCy Schubert# =========================================================== 131e0c4386eSCy Schubert 132e0c4386eSCy Schubert[2-ECDSA CipherString Selection] 133e0c4386eSCy Schubertssl_conf = 2-ECDSA CipherString Selection-ssl 134e0c4386eSCy Schubert 135e0c4386eSCy Schubert[2-ECDSA CipherString Selection-ssl] 136e0c4386eSCy Schubertserver = 2-ECDSA CipherString Selection-server 137e0c4386eSCy Schubertclient = 2-ECDSA CipherString Selection-client 138e0c4386eSCy Schubert 139e0c4386eSCy Schubert[2-ECDSA CipherString Selection-server] 140e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 141e0c4386eSCy SchubertCipherString = DEFAULT 142e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 143e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 144e0c4386eSCy SchubertGroups = P-256:P-384 145e0c4386eSCy SchubertMaxProtocol = TLSv1.2 146e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 147e0c4386eSCy Schubert 148e0c4386eSCy Schubert[2-ECDSA CipherString Selection-client] 149e0c4386eSCy SchubertCipherString = aECDSA 150e0c4386eSCy SchubertGroups = P-384 151e0c4386eSCy SchubertMaxProtocol = TLSv1.2 152e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 153e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 154e0c4386eSCy SchubertVerifyMode = Peer 155e0c4386eSCy Schubert 156e0c4386eSCy Schubert[test-2] 157e0c4386eSCy SchubertExpectedResult = ServerFail 158e0c4386eSCy Schubert 159e0c4386eSCy Schubert 160e0c4386eSCy Schubert# =========================================================== 161e0c4386eSCy Schubert 162e0c4386eSCy Schubert[3-RSA CipherString Selection] 163e0c4386eSCy Schubertssl_conf = 3-RSA CipherString Selection-ssl 164e0c4386eSCy Schubert 165e0c4386eSCy Schubert[3-RSA CipherString Selection-ssl] 166e0c4386eSCy Schubertserver = 3-RSA CipherString Selection-server 167e0c4386eSCy Schubertclient = 3-RSA CipherString Selection-client 168e0c4386eSCy Schubert 169e0c4386eSCy Schubert[3-RSA CipherString Selection-server] 170e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 171e0c4386eSCy SchubertCipherString = DEFAULT 172e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 173e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 174e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 175e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 176e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 177e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 178e0c4386eSCy SchubertMaxProtocol = TLSv1.2 179e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 180e0c4386eSCy Schubert 181e0c4386eSCy Schubert[3-RSA CipherString Selection-client] 182e0c4386eSCy SchubertCipherString = aRSA 183e0c4386eSCy SchubertMaxProtocol = TLSv1.2 184e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 185e0c4386eSCy SchubertVerifyMode = Peer 186e0c4386eSCy Schubert 187e0c4386eSCy Schubert[test-3] 188e0c4386eSCy SchubertExpectedResult = Success 189e0c4386eSCy SchubertExpectedServerCertType = RSA 190e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 191e0c4386eSCy Schubert 192e0c4386eSCy Schubert 193e0c4386eSCy Schubert# =========================================================== 194e0c4386eSCy Schubert 195e0c4386eSCy Schubert[4-P-256 CipherString and Signature Algorithm Selection] 196e0c4386eSCy Schubertssl_conf = 4-P-256 CipherString and Signature Algorithm Selection-ssl 197e0c4386eSCy Schubert 198e0c4386eSCy Schubert[4-P-256 CipherString and Signature Algorithm Selection-ssl] 199e0c4386eSCy Schubertserver = 4-P-256 CipherString and Signature Algorithm Selection-server 200e0c4386eSCy Schubertclient = 4-P-256 CipherString and Signature Algorithm Selection-client 201e0c4386eSCy Schubert 202e0c4386eSCy Schubert[4-P-256 CipherString and Signature Algorithm Selection-server] 203e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 204e0c4386eSCy SchubertCipherString = DEFAULT 205e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 206e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 207e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 208e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 209e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 210e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 211e0c4386eSCy SchubertMaxProtocol = TLSv1.2 212e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 213e0c4386eSCy Schubert 214e0c4386eSCy Schubert[4-P-256 CipherString and Signature Algorithm Selection-client] 215e0c4386eSCy SchubertCipherString = aECDSA 216e0c4386eSCy SchubertMaxProtocol = TLSv1.2 217e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256:ed25519 218e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 219e0c4386eSCy SchubertVerifyMode = Peer 220e0c4386eSCy Schubert 221e0c4386eSCy Schubert[test-4] 222e0c4386eSCy SchubertExpectedResult = Success 223e0c4386eSCy SchubertExpectedServerCertType = P-256 224e0c4386eSCy SchubertExpectedServerSignHash = SHA256 225e0c4386eSCy SchubertExpectedServerSignType = EC 226e0c4386eSCy Schubert 227e0c4386eSCy Schubert 228e0c4386eSCy Schubert# =========================================================== 229e0c4386eSCy Schubert 230e0c4386eSCy Schubert[5-ECDSA CipherString Selection, no ECDSA certificate] 231e0c4386eSCy Schubertssl_conf = 5-ECDSA CipherString Selection, no ECDSA certificate-ssl 232e0c4386eSCy Schubert 233e0c4386eSCy Schubert[5-ECDSA CipherString Selection, no ECDSA certificate-ssl] 234e0c4386eSCy Schubertserver = 5-ECDSA CipherString Selection, no ECDSA certificate-server 235e0c4386eSCy Schubertclient = 5-ECDSA CipherString Selection, no ECDSA certificate-client 236e0c4386eSCy Schubert 237e0c4386eSCy Schubert[5-ECDSA CipherString Selection, no ECDSA certificate-server] 238e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 239e0c4386eSCy SchubertCipherString = DEFAULT 240e0c4386eSCy SchubertMaxProtocol = TLSv1.2 241e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 242e0c4386eSCy Schubert 243e0c4386eSCy Schubert[5-ECDSA CipherString Selection, no ECDSA certificate-client] 244e0c4386eSCy SchubertCipherString = aECDSA 245e0c4386eSCy SchubertMaxProtocol = TLSv1.2 246e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 247e0c4386eSCy SchubertVerifyMode = Peer 248e0c4386eSCy Schubert 249e0c4386eSCy Schubert[test-5] 250e0c4386eSCy SchubertExpectedResult = ServerFail 251e0c4386eSCy Schubert 252e0c4386eSCy Schubert 253e0c4386eSCy Schubert# =========================================================== 254e0c4386eSCy Schubert 255e0c4386eSCy Schubert[6-ECDSA Signature Algorithm Selection] 256e0c4386eSCy Schubertssl_conf = 6-ECDSA Signature Algorithm Selection-ssl 257e0c4386eSCy Schubert 258e0c4386eSCy Schubert[6-ECDSA Signature Algorithm Selection-ssl] 259e0c4386eSCy Schubertserver = 6-ECDSA Signature Algorithm Selection-server 260e0c4386eSCy Schubertclient = 6-ECDSA Signature Algorithm Selection-client 261e0c4386eSCy Schubert 262e0c4386eSCy Schubert[6-ECDSA Signature Algorithm Selection-server] 263e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 264e0c4386eSCy SchubertCipherString = DEFAULT 265e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 266e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 267e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 268e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 269e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 270e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 271e0c4386eSCy SchubertMaxProtocol = TLSv1.2 272e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 273e0c4386eSCy Schubert 274e0c4386eSCy Schubert[6-ECDSA Signature Algorithm Selection-client] 275e0c4386eSCy SchubertCipherString = DEFAULT 276e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 277e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 278e0c4386eSCy SchubertVerifyMode = Peer 279e0c4386eSCy Schubert 280e0c4386eSCy Schubert[test-6] 281e0c4386eSCy SchubertExpectedResult = Success 282e0c4386eSCy SchubertExpectedServerCertType = P-256 283e0c4386eSCy SchubertExpectedServerSignHash = SHA256 284e0c4386eSCy SchubertExpectedServerSignType = EC 285e0c4386eSCy Schubert 286e0c4386eSCy Schubert 287e0c4386eSCy Schubert# =========================================================== 288e0c4386eSCy Schubert 289e0c4386eSCy Schubert[7-ECDSA Signature Algorithm Selection SHA384] 290e0c4386eSCy Schubertssl_conf = 7-ECDSA Signature Algorithm Selection SHA384-ssl 291e0c4386eSCy Schubert 292e0c4386eSCy Schubert[7-ECDSA Signature Algorithm Selection SHA384-ssl] 293e0c4386eSCy Schubertserver = 7-ECDSA Signature Algorithm Selection SHA384-server 294e0c4386eSCy Schubertclient = 7-ECDSA Signature Algorithm Selection SHA384-client 295e0c4386eSCy Schubert 296e0c4386eSCy Schubert[7-ECDSA Signature Algorithm Selection SHA384-server] 297e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 298e0c4386eSCy SchubertCipherString = DEFAULT 299e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 300e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 301e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 302e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 303e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 304e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 305e0c4386eSCy SchubertMaxProtocol = TLSv1.2 306e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 307e0c4386eSCy Schubert 308e0c4386eSCy Schubert[7-ECDSA Signature Algorithm Selection SHA384-client] 309e0c4386eSCy SchubertCipherString = DEFAULT 310e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA384 311e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 312e0c4386eSCy SchubertVerifyMode = Peer 313e0c4386eSCy Schubert 314e0c4386eSCy Schubert[test-7] 315e0c4386eSCy SchubertExpectedResult = Success 316e0c4386eSCy SchubertExpectedServerCertType = P-256 317e0c4386eSCy SchubertExpectedServerSignHash = SHA384 318e0c4386eSCy SchubertExpectedServerSignType = EC 319e0c4386eSCy Schubert 320e0c4386eSCy Schubert 321e0c4386eSCy Schubert# =========================================================== 322e0c4386eSCy Schubert 323e0c4386eSCy Schubert[8-ECDSA Signature Algorithm Selection compressed point] 324e0c4386eSCy Schubertssl_conf = 8-ECDSA Signature Algorithm Selection compressed point-ssl 325e0c4386eSCy Schubert 326e0c4386eSCy Schubert[8-ECDSA Signature Algorithm Selection compressed point-ssl] 327e0c4386eSCy Schubertserver = 8-ECDSA Signature Algorithm Selection compressed point-server 328e0c4386eSCy Schubertclient = 8-ECDSA Signature Algorithm Selection compressed point-client 329e0c4386eSCy Schubert 330e0c4386eSCy Schubert[8-ECDSA Signature Algorithm Selection compressed point-server] 331e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 332e0c4386eSCy SchubertCipherString = DEFAULT 333e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem 334e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem 335e0c4386eSCy SchubertMaxProtocol = TLSv1.2 336e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 337e0c4386eSCy Schubert 338e0c4386eSCy Schubert[8-ECDSA Signature Algorithm Selection compressed point-client] 339e0c4386eSCy SchubertCipherString = DEFAULT 340e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 341e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 342e0c4386eSCy SchubertVerifyMode = Peer 343e0c4386eSCy Schubert 344e0c4386eSCy Schubert[test-8] 345e0c4386eSCy SchubertExpectedResult = Success 346e0c4386eSCy SchubertExpectedServerCertType = P-256 347e0c4386eSCy SchubertExpectedServerSignHash = SHA256 348e0c4386eSCy SchubertExpectedServerSignType = EC 349e0c4386eSCy Schubert 350e0c4386eSCy Schubert 351e0c4386eSCy Schubert# =========================================================== 352e0c4386eSCy Schubert 353e0c4386eSCy Schubert[9-ECDSA Signature Algorithm Selection, no ECDSA certificate] 354e0c4386eSCy Schubertssl_conf = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl 355e0c4386eSCy Schubert 356e0c4386eSCy Schubert[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] 357e0c4386eSCy Schubertserver = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server 358e0c4386eSCy Schubertclient = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client 359e0c4386eSCy Schubert 360e0c4386eSCy Schubert[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server] 361e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 362e0c4386eSCy SchubertCipherString = DEFAULT 363e0c4386eSCy SchubertMaxProtocol = TLSv1.2 364e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 365e0c4386eSCy Schubert 366e0c4386eSCy Schubert[9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client] 367e0c4386eSCy SchubertCipherString = DEFAULT 368e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 369e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 370e0c4386eSCy SchubertVerifyMode = Peer 371e0c4386eSCy Schubert 372e0c4386eSCy Schubert[test-9] 373e0c4386eSCy SchubertExpectedResult = ServerFail 374e0c4386eSCy Schubert 375e0c4386eSCy Schubert 376e0c4386eSCy Schubert# =========================================================== 377e0c4386eSCy Schubert 378e0c4386eSCy Schubert[10-RSA Signature Algorithm Selection] 379e0c4386eSCy Schubertssl_conf = 10-RSA Signature Algorithm Selection-ssl 380e0c4386eSCy Schubert 381e0c4386eSCy Schubert[10-RSA Signature Algorithm Selection-ssl] 382e0c4386eSCy Schubertserver = 10-RSA Signature Algorithm Selection-server 383e0c4386eSCy Schubertclient = 10-RSA Signature Algorithm Selection-client 384e0c4386eSCy Schubert 385e0c4386eSCy Schubert[10-RSA Signature Algorithm Selection-server] 386e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 387e0c4386eSCy SchubertCipherString = DEFAULT 388e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 389e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 390e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 391e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 392e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 393e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 394e0c4386eSCy SchubertMaxProtocol = TLSv1.2 395e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 396e0c4386eSCy Schubert 397e0c4386eSCy Schubert[10-RSA Signature Algorithm Selection-client] 398e0c4386eSCy SchubertCipherString = DEFAULT 399e0c4386eSCy SchubertSignatureAlgorithms = RSA+SHA256 400e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 401e0c4386eSCy SchubertVerifyMode = Peer 402e0c4386eSCy Schubert 403e0c4386eSCy Schubert[test-10] 404e0c4386eSCy SchubertExpectedResult = Success 405e0c4386eSCy SchubertExpectedServerCertType = RSA 406e0c4386eSCy SchubertExpectedServerSignHash = SHA256 407e0c4386eSCy SchubertExpectedServerSignType = RSA 408e0c4386eSCy Schubert 409e0c4386eSCy Schubert 410e0c4386eSCy Schubert# =========================================================== 411e0c4386eSCy Schubert 412e0c4386eSCy Schubert[11-RSA-PSS Signature Algorithm Selection] 413e0c4386eSCy Schubertssl_conf = 11-RSA-PSS Signature Algorithm Selection-ssl 414e0c4386eSCy Schubert 415e0c4386eSCy Schubert[11-RSA-PSS Signature Algorithm Selection-ssl] 416e0c4386eSCy Schubertserver = 11-RSA-PSS Signature Algorithm Selection-server 417e0c4386eSCy Schubertclient = 11-RSA-PSS Signature Algorithm Selection-client 418e0c4386eSCy Schubert 419e0c4386eSCy Schubert[11-RSA-PSS Signature Algorithm Selection-server] 420e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 421e0c4386eSCy SchubertCipherString = DEFAULT 422e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 423e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 424e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 425e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 426e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 427e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 428e0c4386eSCy SchubertMaxProtocol = TLSv1.2 429e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 430e0c4386eSCy Schubert 431e0c4386eSCy Schubert[11-RSA-PSS Signature Algorithm Selection-client] 432e0c4386eSCy SchubertCipherString = DEFAULT 433e0c4386eSCy SchubertSignatureAlgorithms = RSA-PSS+SHA256 434e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 435e0c4386eSCy SchubertVerifyMode = Peer 436e0c4386eSCy Schubert 437e0c4386eSCy Schubert[test-11] 438e0c4386eSCy SchubertExpectedResult = Success 439e0c4386eSCy SchubertExpectedServerCertType = RSA 440e0c4386eSCy SchubertExpectedServerSignHash = SHA256 441e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 442e0c4386eSCy Schubert 443e0c4386eSCy Schubert 444e0c4386eSCy Schubert# =========================================================== 445e0c4386eSCy Schubert 446e0c4386eSCy Schubert[12-RSA key exchange with all RSA certificate types] 447e0c4386eSCy Schubertssl_conf = 12-RSA key exchange with all RSA certificate types-ssl 448e0c4386eSCy Schubert 449e0c4386eSCy Schubert[12-RSA key exchange with all RSA certificate types-ssl] 450e0c4386eSCy Schubertserver = 12-RSA key exchange with all RSA certificate types-server 451e0c4386eSCy Schubertclient = 12-RSA key exchange with all RSA certificate types-client 452e0c4386eSCy Schubert 453e0c4386eSCy Schubert[12-RSA key exchange with all RSA certificate types-server] 454e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 455e0c4386eSCy SchubertCipherString = DEFAULT 456e0c4386eSCy SchubertPSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 457e0c4386eSCy SchubertPSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 458e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 459e0c4386eSCy Schubert 460e0c4386eSCy Schubert[12-RSA key exchange with all RSA certificate types-client] 461e0c4386eSCy SchubertCipherString = kRSA 462e0c4386eSCy SchubertMaxProtocol = TLSv1.2 463e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 464e0c4386eSCy SchubertVerifyMode = Peer 465e0c4386eSCy Schubert 466e0c4386eSCy Schubert[test-12] 467e0c4386eSCy SchubertExpectedResult = Success 468e0c4386eSCy SchubertExpectedServerCertType = RSA 469e0c4386eSCy Schubert 470e0c4386eSCy Schubert 471e0c4386eSCy Schubert# =========================================================== 472e0c4386eSCy Schubert 473e0c4386eSCy Schubert[13-Suite B P-256 Hash Algorithm Selection] 474e0c4386eSCy Schubertssl_conf = 13-Suite B P-256 Hash Algorithm Selection-ssl 475e0c4386eSCy Schubert 476e0c4386eSCy Schubert[13-Suite B P-256 Hash Algorithm Selection-ssl] 477e0c4386eSCy Schubertserver = 13-Suite B P-256 Hash Algorithm Selection-server 478e0c4386eSCy Schubertclient = 13-Suite B P-256 Hash Algorithm Selection-client 479e0c4386eSCy Schubert 480e0c4386eSCy Schubert[13-Suite B P-256 Hash Algorithm Selection-server] 481e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 482e0c4386eSCy SchubertCipherString = SUITEB128 483e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem 484e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem 485e0c4386eSCy SchubertMaxProtocol = TLSv1.2 486e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 487e0c4386eSCy Schubert 488e0c4386eSCy Schubert[13-Suite B P-256 Hash Algorithm Selection-client] 489e0c4386eSCy SchubertCipherString = DEFAULT 490e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256 491e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem 492e0c4386eSCy SchubertVerifyMode = Peer 493e0c4386eSCy Schubert 494e0c4386eSCy Schubert[test-13] 495e0c4386eSCy SchubertExpectedResult = Success 496e0c4386eSCy SchubertExpectedServerCertType = P-256 497e0c4386eSCy SchubertExpectedServerSignHash = SHA256 498e0c4386eSCy SchubertExpectedServerSignType = EC 499e0c4386eSCy Schubert 500e0c4386eSCy Schubert 501e0c4386eSCy Schubert# =========================================================== 502e0c4386eSCy Schubert 503e0c4386eSCy Schubert[14-Suite B P-384 Hash Algorithm Selection] 504e0c4386eSCy Schubertssl_conf = 14-Suite B P-384 Hash Algorithm Selection-ssl 505e0c4386eSCy Schubert 506e0c4386eSCy Schubert[14-Suite B P-384 Hash Algorithm Selection-ssl] 507e0c4386eSCy Schubertserver = 14-Suite B P-384 Hash Algorithm Selection-server 508e0c4386eSCy Schubertclient = 14-Suite B P-384 Hash Algorithm Selection-client 509e0c4386eSCy Schubert 510e0c4386eSCy Schubert[14-Suite B P-384 Hash Algorithm Selection-server] 511e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 512e0c4386eSCy SchubertCipherString = SUITEB128 513e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem 514e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem 515e0c4386eSCy SchubertMaxProtocol = TLSv1.2 516e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 517e0c4386eSCy Schubert 518e0c4386eSCy Schubert[14-Suite B P-384 Hash Algorithm Selection-client] 519e0c4386eSCy SchubertCipherString = DEFAULT 520e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384 521e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem 522e0c4386eSCy SchubertVerifyMode = Peer 523e0c4386eSCy Schubert 524e0c4386eSCy Schubert[test-14] 525e0c4386eSCy SchubertExpectedResult = Success 526e0c4386eSCy SchubertExpectedServerCertType = P-384 527e0c4386eSCy SchubertExpectedServerSignHash = SHA384 528e0c4386eSCy SchubertExpectedServerSignType = EC 529e0c4386eSCy Schubert 530e0c4386eSCy Schubert 531e0c4386eSCy Schubert# =========================================================== 532e0c4386eSCy Schubert 533e0c4386eSCy Schubert[15-Ed25519 CipherString and Signature Algorithm Selection] 534e0c4386eSCy Schubertssl_conf = 15-Ed25519 CipherString and Signature Algorithm Selection-ssl 535e0c4386eSCy Schubert 536e0c4386eSCy Schubert[15-Ed25519 CipherString and Signature Algorithm Selection-ssl] 537e0c4386eSCy Schubertserver = 15-Ed25519 CipherString and Signature Algorithm Selection-server 538e0c4386eSCy Schubertclient = 15-Ed25519 CipherString and Signature Algorithm Selection-client 539e0c4386eSCy Schubert 540e0c4386eSCy Schubert[15-Ed25519 CipherString and Signature Algorithm Selection-server] 541e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 542e0c4386eSCy SchubertCipherString = DEFAULT 543e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 544e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 545e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 546e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 547e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 548e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 549e0c4386eSCy SchubertMaxProtocol = TLSv1.2 550e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 551e0c4386eSCy Schubert 552e0c4386eSCy Schubert[15-Ed25519 CipherString and Signature Algorithm Selection-client] 553e0c4386eSCy SchubertCipherString = aECDSA 554e0c4386eSCy SchubertMaxProtocol = TLSv1.2 555e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 556e0c4386eSCy SchubertSignatureAlgorithms = ed25519:ECDSA+SHA256 557e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 558e0c4386eSCy SchubertVerifyMode = Peer 559e0c4386eSCy Schubert 560e0c4386eSCy Schubert[test-15] 561e0c4386eSCy SchubertExpectedResult = Success 562e0c4386eSCy SchubertExpectedServerCANames = empty 563e0c4386eSCy SchubertExpectedServerCertType = Ed25519 564e0c4386eSCy SchubertExpectedServerSignType = Ed25519 565e0c4386eSCy Schubert 566e0c4386eSCy Schubert 567e0c4386eSCy Schubert# =========================================================== 568e0c4386eSCy Schubert 569e0c4386eSCy Schubert[16-Ed448 CipherString and Signature Algorithm Selection] 570e0c4386eSCy Schubertssl_conf = 16-Ed448 CipherString and Signature Algorithm Selection-ssl 571e0c4386eSCy Schubert 572e0c4386eSCy Schubert[16-Ed448 CipherString and Signature Algorithm Selection-ssl] 573e0c4386eSCy Schubertserver = 16-Ed448 CipherString and Signature Algorithm Selection-server 574e0c4386eSCy Schubertclient = 16-Ed448 CipherString and Signature Algorithm Selection-client 575e0c4386eSCy Schubert 576e0c4386eSCy Schubert[16-Ed448 CipherString and Signature Algorithm Selection-server] 577e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 578e0c4386eSCy SchubertCipherString = DEFAULT 579e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 580e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 581e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 582e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 583e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 584e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 585e0c4386eSCy SchubertMaxProtocol = TLSv1.2 586e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 587e0c4386eSCy Schubert 588e0c4386eSCy Schubert[16-Ed448 CipherString and Signature Algorithm Selection-client] 589e0c4386eSCy SchubertCipherString = aECDSA 590e0c4386eSCy SchubertMaxProtocol = TLSv1.2 591e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem 592e0c4386eSCy SchubertSignatureAlgorithms = ed448:ECDSA+SHA256 593e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem 594e0c4386eSCy SchubertVerifyMode = Peer 595e0c4386eSCy Schubert 596e0c4386eSCy Schubert[test-16] 597e0c4386eSCy SchubertExpectedResult = Success 598e0c4386eSCy SchubertExpectedServerCANames = empty 599e0c4386eSCy SchubertExpectedServerCertType = Ed448 600e0c4386eSCy SchubertExpectedServerSignType = Ed448 601e0c4386eSCy Schubert 602e0c4386eSCy Schubert 603e0c4386eSCy Schubert# =========================================================== 604e0c4386eSCy Schubert 605*44096ebdSEnji Cooper[17-TLS 1.2 Ed25519 Client Auth] 606*44096ebdSEnji Cooperssl_conf = 17-TLS 1.2 Ed25519 Client Auth-ssl 607e0c4386eSCy Schubert 608*44096ebdSEnji Cooper[17-TLS 1.2 Ed25519 Client Auth-ssl] 609*44096ebdSEnji Cooperserver = 17-TLS 1.2 Ed25519 Client Auth-server 610*44096ebdSEnji Cooperclient = 17-TLS 1.2 Ed25519 Client Auth-client 611e0c4386eSCy Schubert 612*44096ebdSEnji Cooper[17-TLS 1.2 Ed25519 Client Auth-server] 613e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 614e0c4386eSCy SchubertCipherString = DEFAULT 615e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 616e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 617e0c4386eSCy SchubertVerifyMode = Require 618e0c4386eSCy Schubert 619*44096ebdSEnji Cooper[17-TLS 1.2 Ed25519 Client Auth-client] 620e0c4386eSCy SchubertCipherString = DEFAULT 621e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem 622e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem 623e0c4386eSCy SchubertMaxProtocol = TLSv1.2 624e0c4386eSCy SchubertMinProtocol = TLSv1.2 625e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 626e0c4386eSCy SchubertVerifyMode = Peer 627e0c4386eSCy Schubert 628*44096ebdSEnji Cooper[test-17] 629e0c4386eSCy SchubertExpectedClientCertType = Ed25519 630e0c4386eSCy SchubertExpectedClientSignType = Ed25519 631e0c4386eSCy SchubertExpectedResult = Success 632e0c4386eSCy Schubert 633e0c4386eSCy Schubert 634e0c4386eSCy Schubert# =========================================================== 635e0c4386eSCy Schubert 636*44096ebdSEnji Cooper[18-TLS 1.2 Ed448 Client Auth] 637*44096ebdSEnji Cooperssl_conf = 18-TLS 1.2 Ed448 Client Auth-ssl 638e0c4386eSCy Schubert 639*44096ebdSEnji Cooper[18-TLS 1.2 Ed448 Client Auth-ssl] 640*44096ebdSEnji Cooperserver = 18-TLS 1.2 Ed448 Client Auth-server 641*44096ebdSEnji Cooperclient = 18-TLS 1.2 Ed448 Client Auth-client 642e0c4386eSCy Schubert 643*44096ebdSEnji Cooper[18-TLS 1.2 Ed448 Client Auth-server] 644e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 645e0c4386eSCy SchubertCipherString = DEFAULT 646e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 647e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 648e0c4386eSCy SchubertVerifyMode = Require 649e0c4386eSCy Schubert 650*44096ebdSEnji Cooper[18-TLS 1.2 Ed448 Client Auth-client] 651e0c4386eSCy SchubertCipherString = DEFAULT 652e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem 653e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem 654e0c4386eSCy SchubertMaxProtocol = TLSv1.2 655e0c4386eSCy SchubertMinProtocol = TLSv1.2 656e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 657e0c4386eSCy SchubertVerifyMode = Peer 658e0c4386eSCy Schubert 659*44096ebdSEnji Cooper[test-18] 660e0c4386eSCy SchubertExpectedClientCertType = Ed448 661e0c4386eSCy SchubertExpectedClientSignType = Ed448 662e0c4386eSCy SchubertExpectedResult = Success 663e0c4386eSCy Schubert 664e0c4386eSCy Schubert 665e0c4386eSCy Schubert# =========================================================== 666e0c4386eSCy Schubert 667*44096ebdSEnji Cooper[19-ECDSA Signature Algorithm Selection SHA1] 668*44096ebdSEnji Cooperssl_conf = 19-ECDSA Signature Algorithm Selection SHA1-ssl 669e0c4386eSCy Schubert 670*44096ebdSEnji Cooper[19-ECDSA Signature Algorithm Selection SHA1-ssl] 671*44096ebdSEnji Cooperserver = 19-ECDSA Signature Algorithm Selection SHA1-server 672*44096ebdSEnji Cooperclient = 19-ECDSA Signature Algorithm Selection SHA1-client 673e0c4386eSCy Schubert 674*44096ebdSEnji Cooper[19-ECDSA Signature Algorithm Selection SHA1-server] 675e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 676e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 677e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 678e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 679e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 680e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 681e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 682e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 683e0c4386eSCy SchubertMaxProtocol = TLSv1.2 684e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 685e0c4386eSCy Schubert 686*44096ebdSEnji Cooper[19-ECDSA Signature Algorithm Selection SHA1-client] 687e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 688e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA1 689e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 690e0c4386eSCy SchubertVerifyMode = Peer 691e0c4386eSCy Schubert 692*44096ebdSEnji Cooper[test-19] 693e0c4386eSCy SchubertExpectedResult = Success 694e0c4386eSCy SchubertExpectedServerCertType = P-256 695e0c4386eSCy SchubertExpectedServerSignHash = SHA1 696e0c4386eSCy SchubertExpectedServerSignType = EC 697e0c4386eSCy Schubert 698e0c4386eSCy Schubert 699e0c4386eSCy Schubert# =========================================================== 700e0c4386eSCy Schubert 701*44096ebdSEnji Cooper[20-ECDSA with brainpool] 702*44096ebdSEnji Cooperssl_conf = 20-ECDSA with brainpool-ssl 703e0c4386eSCy Schubert 704*44096ebdSEnji Cooper[20-ECDSA with brainpool-ssl] 705*44096ebdSEnji Cooperserver = 20-ECDSA with brainpool-server 706*44096ebdSEnji Cooperclient = 20-ECDSA with brainpool-client 707e0c4386eSCy Schubert 708*44096ebdSEnji Cooper[20-ECDSA with brainpool-server] 709e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem 710e0c4386eSCy SchubertCipherString = DEFAULT 711e0c4386eSCy SchubertGroups = brainpoolP256r1 712e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem 713e0c4386eSCy Schubert 714*44096ebdSEnji Cooper[20-ECDSA with brainpool-client] 715e0c4386eSCy SchubertCipherString = aECDSA 716e0c4386eSCy SchubertGroups = brainpoolP256r1 717e0c4386eSCy SchubertMaxProtocol = TLSv1.2 718e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 719e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 720e0c4386eSCy SchubertVerifyMode = Peer 721e0c4386eSCy Schubert 722*44096ebdSEnji Cooper[test-20] 723e0c4386eSCy SchubertExpectedResult = Success 724e0c4386eSCy SchubertExpectedServerCANames = empty 725e0c4386eSCy SchubertExpectedServerCertType = brainpoolP256r1 726e0c4386eSCy SchubertExpectedServerSignType = EC 727e0c4386eSCy Schubert 728e0c4386eSCy Schubert 729e0c4386eSCy Schubert# =========================================================== 730e0c4386eSCy Schubert 731*44096ebdSEnji Cooper[21-Ed25519 CipherString and Curves Selection] 732*44096ebdSEnji Cooperssl_conf = 21-Ed25519 CipherString and Curves Selection-ssl 733*44096ebdSEnji Cooper 734*44096ebdSEnji Cooper[21-Ed25519 CipherString and Curves Selection-ssl] 735*44096ebdSEnji Cooperserver = 21-Ed25519 CipherString and Curves Selection-server 736*44096ebdSEnji Cooperclient = 21-Ed25519 CipherString and Curves Selection-client 737*44096ebdSEnji Cooper 738*44096ebdSEnji Cooper[21-Ed25519 CipherString and Curves Selection-server] 739*44096ebdSEnji CooperCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 740*44096ebdSEnji CooperCipherString = DEFAULT 741*44096ebdSEnji CooperECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 742*44096ebdSEnji CooperECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 743*44096ebdSEnji CooperEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 744*44096ebdSEnji CooperEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 745*44096ebdSEnji CooperEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 746*44096ebdSEnji CooperEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 747*44096ebdSEnji CooperMaxProtocol = TLSv1.2 748*44096ebdSEnji CooperPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 749*44096ebdSEnji Cooper 750*44096ebdSEnji Cooper[21-Ed25519 CipherString and Curves Selection-client] 751*44096ebdSEnji CooperCipherString = aECDSA 752*44096ebdSEnji CooperCurves = X25519 753*44096ebdSEnji CooperMaxProtocol = TLSv1.2 754*44096ebdSEnji CooperSignatureAlgorithms = ECDSA+SHA256:ed25519 755*44096ebdSEnji CooperVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 756*44096ebdSEnji CooperVerifyMode = Peer 757*44096ebdSEnji Cooper 758*44096ebdSEnji Cooper[test-21] 759*44096ebdSEnji CooperExpectedResult = Success 760*44096ebdSEnji CooperExpectedServerCertType = Ed25519 761*44096ebdSEnji CooperExpectedServerSignType = Ed25519 762*44096ebdSEnji Cooper 763*44096ebdSEnji Cooper 764*44096ebdSEnji Cooper# =========================================================== 765*44096ebdSEnji Cooper 766*44096ebdSEnji Cooper[22-Ed448 CipherString and Curves Selection] 767*44096ebdSEnji Cooperssl_conf = 22-Ed448 CipherString and Curves Selection-ssl 768*44096ebdSEnji Cooper 769*44096ebdSEnji Cooper[22-Ed448 CipherString and Curves Selection-ssl] 770*44096ebdSEnji Cooperserver = 22-Ed448 CipherString and Curves Selection-server 771*44096ebdSEnji Cooperclient = 22-Ed448 CipherString and Curves Selection-client 772*44096ebdSEnji Cooper 773*44096ebdSEnji Cooper[22-Ed448 CipherString and Curves Selection-server] 774*44096ebdSEnji CooperCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 775*44096ebdSEnji CooperCipherString = DEFAULT 776*44096ebdSEnji CooperECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 777*44096ebdSEnji CooperECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 778*44096ebdSEnji CooperEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 779*44096ebdSEnji CooperEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 780*44096ebdSEnji CooperEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 781*44096ebdSEnji CooperEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 782*44096ebdSEnji CooperMaxProtocol = TLSv1.2 783*44096ebdSEnji CooperPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 784*44096ebdSEnji Cooper 785*44096ebdSEnji Cooper[22-Ed448 CipherString and Curves Selection-client] 786*44096ebdSEnji CooperCipherString = aECDSA 787*44096ebdSEnji CooperCurves = X448 788*44096ebdSEnji CooperMaxProtocol = TLSv1.2 789*44096ebdSEnji CooperSignatureAlgorithms = ECDSA+SHA256:ed448 790*44096ebdSEnji CooperVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem 791*44096ebdSEnji CooperVerifyMode = Peer 792*44096ebdSEnji Cooper 793*44096ebdSEnji Cooper[test-22] 794*44096ebdSEnji CooperExpectedResult = Success 795*44096ebdSEnji CooperExpectedServerCertType = Ed448 796*44096ebdSEnji CooperExpectedServerSignType = Ed448 797*44096ebdSEnji Cooper 798*44096ebdSEnji Cooper 799*44096ebdSEnji Cooper# =========================================================== 800*44096ebdSEnji Cooper 801e0c4386eSCy Schubert[23-RSA-PSS Certificate CipherString Selection] 802e0c4386eSCy Schubertssl_conf = 23-RSA-PSS Certificate CipherString Selection-ssl 803e0c4386eSCy Schubert 804e0c4386eSCy Schubert[23-RSA-PSS Certificate CipherString Selection-ssl] 805e0c4386eSCy Schubertserver = 23-RSA-PSS Certificate CipherString Selection-server 806e0c4386eSCy Schubertclient = 23-RSA-PSS Certificate CipherString Selection-client 807e0c4386eSCy Schubert 808e0c4386eSCy Schubert[23-RSA-PSS Certificate CipherString Selection-server] 809e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 810e0c4386eSCy SchubertCipherString = DEFAULT 811e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 812e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 813e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 814e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 815e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 816e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 817e0c4386eSCy SchubertMaxProtocol = TLSv1.2 818e0c4386eSCy SchubertPSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 819e0c4386eSCy SchubertPSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 820e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 821e0c4386eSCy Schubert 822e0c4386eSCy Schubert[23-RSA-PSS Certificate CipherString Selection-client] 823e0c4386eSCy SchubertCipherString = aRSA 824e0c4386eSCy SchubertMaxProtocol = TLSv1.2 825e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 826e0c4386eSCy SchubertVerifyMode = Peer 827e0c4386eSCy Schubert 828e0c4386eSCy Schubert[test-23] 829e0c4386eSCy SchubertExpectedResult = Success 830e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 831e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 832e0c4386eSCy Schubert 833e0c4386eSCy Schubert 834e0c4386eSCy Schubert# =========================================================== 835e0c4386eSCy Schubert 836e0c4386eSCy Schubert[24-RSA-PSS Certificate Legacy Signature Algorithm Selection] 837e0c4386eSCy Schubertssl_conf = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl 838e0c4386eSCy Schubert 839e0c4386eSCy Schubert[24-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl] 840e0c4386eSCy Schubertserver = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-server 841e0c4386eSCy Schubertclient = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client 842e0c4386eSCy Schubert 843e0c4386eSCy Schubert[24-RSA-PSS Certificate Legacy Signature Algorithm Selection-server] 844e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 845e0c4386eSCy SchubertCipherString = DEFAULT 846e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 847e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 848e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 849e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 850e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 851e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 852e0c4386eSCy SchubertMaxProtocol = TLSv1.2 853e0c4386eSCy SchubertPSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 854e0c4386eSCy SchubertPSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 855e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 856e0c4386eSCy Schubert 857e0c4386eSCy Schubert[24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client] 858e0c4386eSCy SchubertCipherString = DEFAULT 859e0c4386eSCy SchubertSignatureAlgorithms = RSA-PSS+SHA256 860e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 861e0c4386eSCy SchubertVerifyMode = Peer 862e0c4386eSCy Schubert 863e0c4386eSCy Schubert[test-24] 864e0c4386eSCy SchubertExpectedResult = Success 865e0c4386eSCy SchubertExpectedServerCertType = RSA 866e0c4386eSCy SchubertExpectedServerSignHash = SHA256 867e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 868e0c4386eSCy Schubert 869e0c4386eSCy Schubert 870e0c4386eSCy Schubert# =========================================================== 871e0c4386eSCy Schubert 872e0c4386eSCy Schubert[25-RSA-PSS Certificate Unified Signature Algorithm Selection] 873e0c4386eSCy Schubertssl_conf = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl 874e0c4386eSCy Schubert 875e0c4386eSCy Schubert[25-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl] 876e0c4386eSCy Schubertserver = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-server 877e0c4386eSCy Schubertclient = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-client 878e0c4386eSCy Schubert 879e0c4386eSCy Schubert[25-RSA-PSS Certificate Unified Signature Algorithm Selection-server] 880e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 881e0c4386eSCy SchubertCipherString = DEFAULT 882e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 883e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 884e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 885e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 886e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 887e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 888e0c4386eSCy SchubertMaxProtocol = TLSv1.2 889e0c4386eSCy SchubertPSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 890e0c4386eSCy SchubertPSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 891e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 892e0c4386eSCy Schubert 893e0c4386eSCy Schubert[25-RSA-PSS Certificate Unified Signature Algorithm Selection-client] 894e0c4386eSCy SchubertCipherString = DEFAULT 895e0c4386eSCy SchubertSignatureAlgorithms = rsa_pss_pss_sha256 896e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 897e0c4386eSCy SchubertVerifyMode = Peer 898e0c4386eSCy Schubert 899e0c4386eSCy Schubert[test-25] 900e0c4386eSCy SchubertExpectedResult = Success 901e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 902e0c4386eSCy SchubertExpectedServerSignHash = SHA256 903e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 904e0c4386eSCy Schubert 905e0c4386eSCy Schubert 906e0c4386eSCy Schubert# =========================================================== 907e0c4386eSCy Schubert 908e0c4386eSCy Schubert[26-Only RSA-PSS Certificate] 909e0c4386eSCy Schubertssl_conf = 26-Only RSA-PSS Certificate-ssl 910e0c4386eSCy Schubert 911e0c4386eSCy Schubert[26-Only RSA-PSS Certificate-ssl] 912e0c4386eSCy Schubertserver = 26-Only RSA-PSS Certificate-server 913e0c4386eSCy Schubertclient = 26-Only RSA-PSS Certificate-client 914e0c4386eSCy Schubert 915e0c4386eSCy Schubert[26-Only RSA-PSS Certificate-server] 916e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 917e0c4386eSCy SchubertCipherString = DEFAULT 918e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 919e0c4386eSCy Schubert 920e0c4386eSCy Schubert[26-Only RSA-PSS Certificate-client] 921e0c4386eSCy SchubertCipherString = DEFAULT 922e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 923e0c4386eSCy SchubertVerifyMode = Peer 924e0c4386eSCy Schubert 925e0c4386eSCy Schubert[test-26] 926e0c4386eSCy SchubertExpectedResult = Success 927e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 928e0c4386eSCy SchubertExpectedServerSignHash = SHA256 929e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 930e0c4386eSCy Schubert 931e0c4386eSCy Schubert 932e0c4386eSCy Schubert# =========================================================== 933e0c4386eSCy Schubert 934e0c4386eSCy Schubert[27-Only RSA-PSS Certificate Valid Signature Algorithms] 935e0c4386eSCy Schubertssl_conf = 27-Only RSA-PSS Certificate Valid Signature Algorithms-ssl 936e0c4386eSCy Schubert 937e0c4386eSCy Schubert[27-Only RSA-PSS Certificate Valid Signature Algorithms-ssl] 938e0c4386eSCy Schubertserver = 27-Only RSA-PSS Certificate Valid Signature Algorithms-server 939e0c4386eSCy Schubertclient = 27-Only RSA-PSS Certificate Valid Signature Algorithms-client 940e0c4386eSCy Schubert 941e0c4386eSCy Schubert[27-Only RSA-PSS Certificate Valid Signature Algorithms-server] 942e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 943e0c4386eSCy SchubertCipherString = DEFAULT 944e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 945e0c4386eSCy Schubert 946e0c4386eSCy Schubert[27-Only RSA-PSS Certificate Valid Signature Algorithms-client] 947e0c4386eSCy SchubertCipherString = DEFAULT 948e0c4386eSCy SchubertSignatureAlgorithms = rsa_pss_pss_sha512 949e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 950e0c4386eSCy SchubertVerifyMode = Peer 951e0c4386eSCy Schubert 952e0c4386eSCy Schubert[test-27] 953e0c4386eSCy SchubertExpectedResult = Success 954e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 955e0c4386eSCy SchubertExpectedServerSignHash = SHA512 956e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 957e0c4386eSCy Schubert 958e0c4386eSCy Schubert 959e0c4386eSCy Schubert# =========================================================== 960e0c4386eSCy Schubert 961e0c4386eSCy Schubert[28-RSA-PSS Certificate, no PSS signature algorithms] 962e0c4386eSCy Schubertssl_conf = 28-RSA-PSS Certificate, no PSS signature algorithms-ssl 963e0c4386eSCy Schubert 964e0c4386eSCy Schubert[28-RSA-PSS Certificate, no PSS signature algorithms-ssl] 965e0c4386eSCy Schubertserver = 28-RSA-PSS Certificate, no PSS signature algorithms-server 966e0c4386eSCy Schubertclient = 28-RSA-PSS Certificate, no PSS signature algorithms-client 967e0c4386eSCy Schubert 968e0c4386eSCy Schubert[28-RSA-PSS Certificate, no PSS signature algorithms-server] 969e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 970e0c4386eSCy SchubertCipherString = DEFAULT 971e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 972e0c4386eSCy Schubert 973e0c4386eSCy Schubert[28-RSA-PSS Certificate, no PSS signature algorithms-client] 974e0c4386eSCy SchubertCipherString = DEFAULT 975e0c4386eSCy SchubertSignatureAlgorithms = RSA+SHA256 976e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 977e0c4386eSCy SchubertVerifyMode = Peer 978e0c4386eSCy Schubert 979e0c4386eSCy Schubert[test-28] 980e0c4386eSCy SchubertExpectedResult = ServerFail 981e0c4386eSCy Schubert 982e0c4386eSCy Schubert 983e0c4386eSCy Schubert# =========================================================== 984e0c4386eSCy Schubert 985e0c4386eSCy Schubert[29-Only RSA-PSS Restricted Certificate] 986e0c4386eSCy Schubertssl_conf = 29-Only RSA-PSS Restricted Certificate-ssl 987e0c4386eSCy Schubert 988e0c4386eSCy Schubert[29-Only RSA-PSS Restricted Certificate-ssl] 989e0c4386eSCy Schubertserver = 29-Only RSA-PSS Restricted Certificate-server 990e0c4386eSCy Schubertclient = 29-Only RSA-PSS Restricted Certificate-client 991e0c4386eSCy Schubert 992e0c4386eSCy Schubert[29-Only RSA-PSS Restricted Certificate-server] 993e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem 994e0c4386eSCy SchubertCipherString = DEFAULT 995e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem 996e0c4386eSCy Schubert 997e0c4386eSCy Schubert[29-Only RSA-PSS Restricted Certificate-client] 998e0c4386eSCy SchubertCipherString = DEFAULT 999e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1000e0c4386eSCy SchubertVerifyMode = Peer 1001e0c4386eSCy Schubert 1002e0c4386eSCy Schubert[test-29] 1003e0c4386eSCy SchubertExpectedResult = Success 1004e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 1005e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1006e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 1007e0c4386eSCy Schubert 1008e0c4386eSCy Schubert 1009e0c4386eSCy Schubert# =========================================================== 1010e0c4386eSCy Schubert 1011e0c4386eSCy Schubert[30-RSA-PSS Restricted Certificate Valid Signature Algorithms] 1012e0c4386eSCy Schubertssl_conf = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl 1013e0c4386eSCy Schubert 1014e0c4386eSCy Schubert[30-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl] 1015e0c4386eSCy Schubertserver = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-server 1016e0c4386eSCy Schubertclient = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client 1017e0c4386eSCy Schubert 1018e0c4386eSCy Schubert[30-RSA-PSS Restricted Certificate Valid Signature Algorithms-server] 1019e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem 1020e0c4386eSCy SchubertCipherString = DEFAULT 1021e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem 1022e0c4386eSCy Schubert 1023e0c4386eSCy Schubert[30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client] 1024e0c4386eSCy SchubertCipherString = DEFAULT 1025e0c4386eSCy SchubertSignatureAlgorithms = rsa_pss_pss_sha256:rsa_pss_pss_sha512 1026e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1027e0c4386eSCy SchubertVerifyMode = Peer 1028e0c4386eSCy Schubert 1029e0c4386eSCy Schubert[test-30] 1030e0c4386eSCy SchubertExpectedResult = Success 1031e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 1032e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1033e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 1034e0c4386eSCy Schubert 1035e0c4386eSCy Schubert 1036e0c4386eSCy Schubert# =========================================================== 1037e0c4386eSCy Schubert 1038e0c4386eSCy Schubert[31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm] 1039e0c4386eSCy Schubertssl_conf = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl 1040e0c4386eSCy Schubert 1041e0c4386eSCy Schubert[31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl] 1042e0c4386eSCy Schubertserver = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server 1043e0c4386eSCy Schubertclient = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client 1044e0c4386eSCy Schubert 1045e0c4386eSCy Schubert[31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server] 1046e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem 1047e0c4386eSCy SchubertCipherString = DEFAULT 1048e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem 1049e0c4386eSCy Schubert 1050e0c4386eSCy Schubert[31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client] 1051e0c4386eSCy SchubertCipherString = DEFAULT 1052e0c4386eSCy SchubertSignatureAlgorithms = rsa_pss_pss_sha512:rsa_pss_pss_sha256 1053e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1054e0c4386eSCy SchubertVerifyMode = Peer 1055e0c4386eSCy Schubert 1056e0c4386eSCy Schubert[test-31] 1057e0c4386eSCy SchubertExpectedResult = Success 1058e0c4386eSCy SchubertExpectedServerCertType = RSA-PSS 1059e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1060e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 1061e0c4386eSCy Schubert 1062e0c4386eSCy Schubert 1063e0c4386eSCy Schubert# =========================================================== 1064e0c4386eSCy Schubert 1065e0c4386eSCy Schubert[32-RSA-PSS Restricted Certificate Invalid Signature Algorithms] 1066e0c4386eSCy Schubertssl_conf = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl 1067e0c4386eSCy Schubert 1068e0c4386eSCy Schubert[32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl] 1069e0c4386eSCy Schubertserver = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server 1070e0c4386eSCy Schubertclient = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client 1071e0c4386eSCy Schubert 1072e0c4386eSCy Schubert[32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server] 1073e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem 1074e0c4386eSCy SchubertCipherString = DEFAULT 1075e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem 1076e0c4386eSCy Schubert 1077e0c4386eSCy Schubert[32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client] 1078e0c4386eSCy SchubertCipherString = DEFAULT 1079e0c4386eSCy SchubertSignatureAlgorithms = rsa_pss_pss_sha512 1080e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1081e0c4386eSCy SchubertVerifyMode = Peer 1082e0c4386eSCy Schubert 1083e0c4386eSCy Schubert[test-32] 1084e0c4386eSCy SchubertExpectedResult = ServerFail 1085e0c4386eSCy Schubert 1086e0c4386eSCy Schubert 1087e0c4386eSCy Schubert# =========================================================== 1088e0c4386eSCy Schubert 1089e0c4386eSCy Schubert[33-RSA key exchange with only RSA-PSS certificate] 1090e0c4386eSCy Schubertssl_conf = 33-RSA key exchange with only RSA-PSS certificate-ssl 1091e0c4386eSCy Schubert 1092e0c4386eSCy Schubert[33-RSA key exchange with only RSA-PSS certificate-ssl] 1093e0c4386eSCy Schubertserver = 33-RSA key exchange with only RSA-PSS certificate-server 1094e0c4386eSCy Schubertclient = 33-RSA key exchange with only RSA-PSS certificate-client 1095e0c4386eSCy Schubert 1096e0c4386eSCy Schubert[33-RSA key exchange with only RSA-PSS certificate-server] 1097e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 1098e0c4386eSCy SchubertCipherString = DEFAULT 1099e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 1100e0c4386eSCy Schubert 1101e0c4386eSCy Schubert[33-RSA key exchange with only RSA-PSS certificate-client] 1102e0c4386eSCy SchubertCipherString = kRSA 1103e0c4386eSCy SchubertMaxProtocol = TLSv1.2 1104e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1105e0c4386eSCy SchubertVerifyMode = Peer 1106e0c4386eSCy Schubert 1107e0c4386eSCy Schubert[test-33] 1108e0c4386eSCy SchubertExpectedResult = ServerFail 1109e0c4386eSCy Schubert 1110e0c4386eSCy Schubert 1111e0c4386eSCy Schubert# =========================================================== 1112e0c4386eSCy Schubert 1113e0c4386eSCy Schubert[34-Only RSA-PSS Certificate, TLS v1.1] 1114e0c4386eSCy Schubertssl_conf = 34-Only RSA-PSS Certificate, TLS v1.1-ssl 1115e0c4386eSCy Schubert 1116e0c4386eSCy Schubert[34-Only RSA-PSS Certificate, TLS v1.1-ssl] 1117e0c4386eSCy Schubertserver = 34-Only RSA-PSS Certificate, TLS v1.1-server 1118e0c4386eSCy Schubertclient = 34-Only RSA-PSS Certificate, TLS v1.1-client 1119e0c4386eSCy Schubert 1120e0c4386eSCy Schubert[34-Only RSA-PSS Certificate, TLS v1.1-server] 1121e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem 1122e0c4386eSCy SchubertCipherString = DEFAULT 1123e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem 1124e0c4386eSCy Schubert 1125e0c4386eSCy Schubert[34-Only RSA-PSS Certificate, TLS v1.1-client] 1126e0c4386eSCy SchubertCipherString = DEFAULT 1127e0c4386eSCy SchubertMaxProtocol = TLSv1.1 1128e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1129e0c4386eSCy SchubertVerifyMode = Peer 1130e0c4386eSCy Schubert 1131e0c4386eSCy Schubert[test-34] 1132e0c4386eSCy SchubertExpectedResult = ServerFail 1133e0c4386eSCy Schubert 1134e0c4386eSCy Schubert 1135e0c4386eSCy Schubert# =========================================================== 1136e0c4386eSCy Schubert 1137e0c4386eSCy Schubert[35-TLS 1.3 ECDSA Signature Algorithm Selection] 1138e0c4386eSCy Schubertssl_conf = 35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl 1139e0c4386eSCy Schubert 1140e0c4386eSCy Schubert[35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl] 1141e0c4386eSCy Schubertserver = 35-TLS 1.3 ECDSA Signature Algorithm Selection-server 1142e0c4386eSCy Schubertclient = 35-TLS 1.3 ECDSA Signature Algorithm Selection-client 1143e0c4386eSCy Schubert 1144e0c4386eSCy Schubert[35-TLS 1.3 ECDSA Signature Algorithm Selection-server] 1145e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1146e0c4386eSCy SchubertCipherString = DEFAULT 1147e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1148e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1149e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1150e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1151e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1152e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1153e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1154e0c4386eSCy SchubertMinProtocol = TLSv1.3 1155e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1156e0c4386eSCy Schubert 1157e0c4386eSCy Schubert[35-TLS 1.3 ECDSA Signature Algorithm Selection-client] 1158e0c4386eSCy SchubertCipherString = DEFAULT 1159e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 1160e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1161e0c4386eSCy SchubertVerifyMode = Peer 1162e0c4386eSCy Schubert 1163e0c4386eSCy Schubert[test-35] 1164e0c4386eSCy SchubertExpectedResult = Success 1165e0c4386eSCy SchubertExpectedServerCANames = empty 1166e0c4386eSCy SchubertExpectedServerCertType = P-256 1167e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1168e0c4386eSCy SchubertExpectedServerSignType = EC 1169e0c4386eSCy Schubert 1170e0c4386eSCy Schubert 1171e0c4386eSCy Schubert# =========================================================== 1172e0c4386eSCy Schubert 1173e0c4386eSCy Schubert[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point] 1174e0c4386eSCy Schubertssl_conf = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl 1175e0c4386eSCy Schubert 1176e0c4386eSCy Schubert[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl] 1177e0c4386eSCy Schubertserver = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server 1178e0c4386eSCy Schubertclient = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client 1179e0c4386eSCy Schubert 1180e0c4386eSCy Schubert[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server] 1181e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1182e0c4386eSCy SchubertCipherString = DEFAULT 1183e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem 1184e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem 1185e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1186e0c4386eSCy SchubertMinProtocol = TLSv1.3 1187e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1188e0c4386eSCy Schubert 1189e0c4386eSCy Schubert[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client] 1190e0c4386eSCy SchubertCipherString = DEFAULT 1191e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 1192e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1193e0c4386eSCy SchubertVerifyMode = Peer 1194e0c4386eSCy Schubert 1195e0c4386eSCy Schubert[test-36] 1196e0c4386eSCy SchubertExpectedResult = Success 1197e0c4386eSCy SchubertExpectedServerCANames = empty 1198e0c4386eSCy SchubertExpectedServerCertType = P-256 1199e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1200e0c4386eSCy SchubertExpectedServerSignType = EC 1201e0c4386eSCy Schubert 1202e0c4386eSCy Schubert 1203e0c4386eSCy Schubert# =========================================================== 1204e0c4386eSCy Schubert 1205e0c4386eSCy Schubert[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1] 1206e0c4386eSCy Schubertssl_conf = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl 1207e0c4386eSCy Schubert 1208e0c4386eSCy Schubert[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl] 1209e0c4386eSCy Schubertserver = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server 1210e0c4386eSCy Schubertclient = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client 1211e0c4386eSCy Schubert 1212e0c4386eSCy Schubert[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server] 1213e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1214e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 1215e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1216e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1217e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1218e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1219e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1220e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1221e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1222e0c4386eSCy SchubertMinProtocol = TLSv1.3 1223e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1224e0c4386eSCy Schubert 1225e0c4386eSCy Schubert[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client] 1226e0c4386eSCy SchubertCipherString = DEFAULT:@SECLEVEL=0 1227e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA1 1228e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1229e0c4386eSCy SchubertVerifyMode = Peer 1230e0c4386eSCy Schubert 1231e0c4386eSCy Schubert[test-37] 1232e0c4386eSCy SchubertExpectedResult = ServerFail 1233e0c4386eSCy Schubert 1234e0c4386eSCy Schubert 1235e0c4386eSCy Schubert# =========================================================== 1236e0c4386eSCy Schubert 1237e0c4386eSCy Schubert[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS] 1238e0c4386eSCy Schubertssl_conf = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl 1239e0c4386eSCy Schubert 1240e0c4386eSCy Schubert[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl] 1241e0c4386eSCy Schubertserver = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server 1242e0c4386eSCy Schubertclient = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client 1243e0c4386eSCy Schubert 1244e0c4386eSCy Schubert[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server] 1245e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1246e0c4386eSCy SchubertCipherString = DEFAULT 1247e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1248e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1249e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1250e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1251e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1252e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1253e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1254e0c4386eSCy SchubertMinProtocol = TLSv1.3 1255e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1256e0c4386eSCy Schubert 1257e0c4386eSCy Schubert[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client] 1258e0c4386eSCy SchubertCipherString = DEFAULT 1259e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1260e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256 1261e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1262e0c4386eSCy SchubertVerifyMode = Peer 1263e0c4386eSCy Schubert 1264e0c4386eSCy Schubert[test-38] 1265e0c4386eSCy SchubertExpectedResult = Success 1266e0c4386eSCy SchubertExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1267e0c4386eSCy SchubertExpectedServerCertType = P-256 1268e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1269e0c4386eSCy SchubertExpectedServerSignType = EC 1270e0c4386eSCy Schubert 1271e0c4386eSCy Schubert 1272e0c4386eSCy Schubert# =========================================================== 1273e0c4386eSCy Schubert 1274e0c4386eSCy Schubert[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS] 1275e0c4386eSCy Schubertssl_conf = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl 1276e0c4386eSCy Schubert 1277e0c4386eSCy Schubert[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl] 1278e0c4386eSCy Schubertserver = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server 1279e0c4386eSCy Schubertclient = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client 1280e0c4386eSCy Schubert 1281e0c4386eSCy Schubert[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server] 1282e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1283e0c4386eSCy SchubertCipherString = DEFAULT 1284e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1285e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1286e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1287e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1288e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1289e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1290e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1291e0c4386eSCy SchubertMinProtocol = TLSv1.3 1292e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1293e0c4386eSCy Schubert 1294e0c4386eSCy Schubert[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client] 1295e0c4386eSCy SchubertCipherString = DEFAULT 1296e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384 1297e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1298e0c4386eSCy SchubertVerifyMode = Peer 1299e0c4386eSCy Schubert 1300e0c4386eSCy Schubert[test-39] 1301e0c4386eSCy SchubertExpectedResult = Success 1302e0c4386eSCy SchubertExpectedServerCertType = RSA 1303e0c4386eSCy SchubertExpectedServerSignHash = SHA384 1304e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 1305e0c4386eSCy Schubert 1306e0c4386eSCy Schubert 1307e0c4386eSCy Schubert# =========================================================== 1308e0c4386eSCy Schubert 1309e0c4386eSCy Schubert[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate] 1310e0c4386eSCy Schubertssl_conf = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl 1311e0c4386eSCy Schubert 1312e0c4386eSCy Schubert[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] 1313e0c4386eSCy Schubertserver = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server 1314e0c4386eSCy Schubertclient = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client 1315e0c4386eSCy Schubert 1316e0c4386eSCy Schubert[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server] 1317e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1318e0c4386eSCy SchubertCipherString = DEFAULT 1319e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1320e0c4386eSCy SchubertMinProtocol = TLSv1.3 1321e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1322e0c4386eSCy Schubert 1323e0c4386eSCy Schubert[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client] 1324e0c4386eSCy SchubertCipherString = DEFAULT 1325e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256 1326e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1327e0c4386eSCy SchubertVerifyMode = Peer 1328e0c4386eSCy Schubert 1329e0c4386eSCy Schubert[test-40] 1330e0c4386eSCy SchubertExpectedResult = ServerFail 1331e0c4386eSCy Schubert 1332e0c4386eSCy Schubert 1333e0c4386eSCy Schubert# =========================================================== 1334e0c4386eSCy Schubert 1335e0c4386eSCy Schubert[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS] 1336e0c4386eSCy Schubertssl_conf = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl 1337e0c4386eSCy Schubert 1338e0c4386eSCy Schubert[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl] 1339e0c4386eSCy Schubertserver = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server 1340e0c4386eSCy Schubertclient = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client 1341e0c4386eSCy Schubert 1342e0c4386eSCy Schubert[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server] 1343e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1344e0c4386eSCy SchubertCipherString = DEFAULT 1345e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1346e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1347e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1348e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1349e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1350e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1351e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1352e0c4386eSCy SchubertMinProtocol = TLSv1.3 1353e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1354e0c4386eSCy Schubert 1355e0c4386eSCy Schubert[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client] 1356e0c4386eSCy SchubertCipherString = DEFAULT 1357e0c4386eSCy SchubertSignatureAlgorithms = RSA+SHA256 1358e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1359e0c4386eSCy SchubertVerifyMode = Peer 1360e0c4386eSCy Schubert 1361e0c4386eSCy Schubert[test-41] 1362e0c4386eSCy SchubertExpectedResult = ServerFail 1363e0c4386eSCy Schubert 1364e0c4386eSCy Schubert 1365e0c4386eSCy Schubert# =========================================================== 1366e0c4386eSCy Schubert 1367e0c4386eSCy Schubert[42-TLS 1.3 RSA-PSS Signature Algorithm Selection] 1368e0c4386eSCy Schubertssl_conf = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl 1369e0c4386eSCy Schubert 1370e0c4386eSCy Schubert[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl] 1371e0c4386eSCy Schubertserver = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server 1372e0c4386eSCy Schubertclient = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client 1373e0c4386eSCy Schubert 1374e0c4386eSCy Schubert[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server] 1375e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1376e0c4386eSCy SchubertCipherString = DEFAULT 1377e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1378e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1379e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1380e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1381e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1382e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1383e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1384e0c4386eSCy SchubertMinProtocol = TLSv1.3 1385e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1386e0c4386eSCy Schubert 1387e0c4386eSCy Schubert[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client] 1388e0c4386eSCy SchubertCipherString = DEFAULT 1389e0c4386eSCy SchubertSignatureAlgorithms = RSA-PSS+SHA256 1390e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1391e0c4386eSCy SchubertVerifyMode = Peer 1392e0c4386eSCy Schubert 1393e0c4386eSCy Schubert[test-42] 1394e0c4386eSCy SchubertExpectedResult = Success 1395e0c4386eSCy SchubertExpectedServerCertType = RSA 1396e0c4386eSCy SchubertExpectedServerSignHash = SHA256 1397e0c4386eSCy SchubertExpectedServerSignType = RSA-PSS 1398e0c4386eSCy Schubert 1399e0c4386eSCy Schubert 1400e0c4386eSCy Schubert# =========================================================== 1401e0c4386eSCy Schubert 1402e0c4386eSCy Schubert[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection] 1403e0c4386eSCy Schubertssl_conf = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl 1404e0c4386eSCy Schubert 1405e0c4386eSCy Schubert[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl] 1406e0c4386eSCy Schubertserver = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server 1407e0c4386eSCy Schubertclient = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client 1408e0c4386eSCy Schubert 1409e0c4386eSCy Schubert[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server] 1410e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1411e0c4386eSCy SchubertCipherString = DEFAULT 1412e0c4386eSCy SchubertClientSignatureAlgorithms = PSS+SHA256 1413e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1414e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1415e0c4386eSCy SchubertVerifyMode = Require 1416e0c4386eSCy Schubert 1417e0c4386eSCy Schubert[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client] 1418e0c4386eSCy SchubertCipherString = DEFAULT 1419e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem 1420e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem 1421e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1422e0c4386eSCy SchubertMinProtocol = TLSv1.3 1423e0c4386eSCy SchubertRSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 1424e0c4386eSCy SchubertRSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 1425e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1426e0c4386eSCy SchubertVerifyMode = Peer 1427e0c4386eSCy Schubert 1428e0c4386eSCy Schubert[test-43] 1429e0c4386eSCy SchubertExpectedClientCANames = empty 1430e0c4386eSCy SchubertExpectedClientCertType = RSA 1431e0c4386eSCy SchubertExpectedClientSignHash = SHA256 1432e0c4386eSCy SchubertExpectedClientSignType = RSA-PSS 1433e0c4386eSCy SchubertExpectedResult = Success 1434e0c4386eSCy Schubert 1435e0c4386eSCy Schubert 1436e0c4386eSCy Schubert# =========================================================== 1437e0c4386eSCy Schubert 1438e0c4386eSCy Schubert[44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names] 1439e0c4386eSCy Schubertssl_conf = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl 1440e0c4386eSCy Schubert 1441e0c4386eSCy Schubert[44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl] 1442e0c4386eSCy Schubertserver = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server 1443e0c4386eSCy Schubertclient = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client 1444e0c4386eSCy Schubert 1445e0c4386eSCy Schubert[44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server] 1446e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1447e0c4386eSCy SchubertCipherString = DEFAULT 1448e0c4386eSCy SchubertClientSignatureAlgorithms = PSS+SHA256 1449e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1450e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1451e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1452e0c4386eSCy SchubertVerifyMode = Require 1453e0c4386eSCy Schubert 1454e0c4386eSCy Schubert[44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client] 1455e0c4386eSCy SchubertCipherString = DEFAULT 1456e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem 1457e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem 1458e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1459e0c4386eSCy SchubertMinProtocol = TLSv1.3 1460e0c4386eSCy SchubertRSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 1461e0c4386eSCy SchubertRSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 1462e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1463e0c4386eSCy SchubertVerifyMode = Peer 1464e0c4386eSCy Schubert 1465e0c4386eSCy Schubert[test-44] 1466e0c4386eSCy SchubertExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1467e0c4386eSCy SchubertExpectedClientCertType = RSA 1468e0c4386eSCy SchubertExpectedClientSignHash = SHA256 1469e0c4386eSCy SchubertExpectedClientSignType = RSA-PSS 1470e0c4386eSCy SchubertExpectedResult = Success 1471e0c4386eSCy Schubert 1472e0c4386eSCy Schubert 1473e0c4386eSCy Schubert# =========================================================== 1474e0c4386eSCy Schubert 1475e0c4386eSCy Schubert[45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection] 1476e0c4386eSCy Schubertssl_conf = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl 1477e0c4386eSCy Schubert 1478e0c4386eSCy Schubert[45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl] 1479e0c4386eSCy Schubertserver = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server 1480e0c4386eSCy Schubertclient = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client 1481e0c4386eSCy Schubert 1482e0c4386eSCy Schubert[45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server] 1483e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1484e0c4386eSCy SchubertCipherString = DEFAULT 1485e0c4386eSCy SchubertClientSignatureAlgorithms = ECDSA+SHA256 1486e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1487e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1488e0c4386eSCy SchubertVerifyMode = Require 1489e0c4386eSCy Schubert 1490e0c4386eSCy Schubert[45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client] 1491e0c4386eSCy SchubertCipherString = DEFAULT 1492e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem 1493e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem 1494e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1495e0c4386eSCy SchubertMinProtocol = TLSv1.3 1496e0c4386eSCy SchubertRSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem 1497e0c4386eSCy SchubertRSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem 1498e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1499e0c4386eSCy SchubertVerifyMode = Peer 1500e0c4386eSCy Schubert 1501e0c4386eSCy Schubert[test-45] 1502e0c4386eSCy SchubertExpectedClientCertType = P-256 1503e0c4386eSCy SchubertExpectedClientSignHash = SHA256 1504e0c4386eSCy SchubertExpectedClientSignType = EC 1505e0c4386eSCy SchubertExpectedResult = Success 1506e0c4386eSCy Schubert 1507e0c4386eSCy Schubert 1508e0c4386eSCy Schubert# =========================================================== 1509e0c4386eSCy Schubert 1510e0c4386eSCy Schubert[46-TLS 1.3 Ed25519 Signature Algorithm Selection] 1511e0c4386eSCy Schubertssl_conf = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl 1512e0c4386eSCy Schubert 1513e0c4386eSCy Schubert[46-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl] 1514e0c4386eSCy Schubertserver = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-server 1515e0c4386eSCy Schubertclient = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-client 1516e0c4386eSCy Schubert 1517e0c4386eSCy Schubert[46-TLS 1.3 Ed25519 Signature Algorithm Selection-server] 1518e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1519e0c4386eSCy SchubertCipherString = DEFAULT 1520e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1521e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1522e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1523e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1524e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1525e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1526e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1527e0c4386eSCy SchubertMinProtocol = TLSv1.3 1528e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1529e0c4386eSCy Schubert 1530e0c4386eSCy Schubert[46-TLS 1.3 Ed25519 Signature Algorithm Selection-client] 1531e0c4386eSCy SchubertCipherString = DEFAULT 1532e0c4386eSCy SchubertSignatureAlgorithms = ed25519 1533e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1534e0c4386eSCy SchubertVerifyMode = Peer 1535e0c4386eSCy Schubert 1536e0c4386eSCy Schubert[test-46] 1537e0c4386eSCy SchubertExpectedResult = Success 1538e0c4386eSCy SchubertExpectedServerCertType = Ed25519 1539e0c4386eSCy SchubertExpectedServerSignType = Ed25519 1540e0c4386eSCy Schubert 1541e0c4386eSCy Schubert 1542e0c4386eSCy Schubert# =========================================================== 1543e0c4386eSCy Schubert 1544e0c4386eSCy Schubert[47-TLS 1.3 Ed448 Signature Algorithm Selection] 1545e0c4386eSCy Schubertssl_conf = 47-TLS 1.3 Ed448 Signature Algorithm Selection-ssl 1546e0c4386eSCy Schubert 1547e0c4386eSCy Schubert[47-TLS 1.3 Ed448 Signature Algorithm Selection-ssl] 1548e0c4386eSCy Schubertserver = 47-TLS 1.3 Ed448 Signature Algorithm Selection-server 1549e0c4386eSCy Schubertclient = 47-TLS 1.3 Ed448 Signature Algorithm Selection-client 1550e0c4386eSCy Schubert 1551e0c4386eSCy Schubert[47-TLS 1.3 Ed448 Signature Algorithm Selection-server] 1552e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1553e0c4386eSCy SchubertCipherString = DEFAULT 1554e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1555e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1556e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1557e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1558e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1559e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1560e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1561e0c4386eSCy SchubertMinProtocol = TLSv1.3 1562e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1563e0c4386eSCy Schubert 1564e0c4386eSCy Schubert[47-TLS 1.3 Ed448 Signature Algorithm Selection-client] 1565e0c4386eSCy SchubertCipherString = DEFAULT 1566e0c4386eSCy SchubertSignatureAlgorithms = ed448 1567e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem 1568e0c4386eSCy SchubertVerifyMode = Peer 1569e0c4386eSCy Schubert 1570e0c4386eSCy Schubert[test-47] 1571e0c4386eSCy SchubertExpectedResult = Success 1572e0c4386eSCy SchubertExpectedServerCertType = Ed448 1573e0c4386eSCy SchubertExpectedServerSignType = Ed448 1574e0c4386eSCy Schubert 1575e0c4386eSCy Schubert 1576e0c4386eSCy Schubert# =========================================================== 1577e0c4386eSCy Schubert 1578e0c4386eSCy Schubert[48-TLS 1.3 Ed25519 CipherString and Groups Selection] 1579e0c4386eSCy Schubertssl_conf = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl 1580e0c4386eSCy Schubert 1581e0c4386eSCy Schubert[48-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl] 1582e0c4386eSCy Schubertserver = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-server 1583e0c4386eSCy Schubertclient = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-client 1584e0c4386eSCy Schubert 1585e0c4386eSCy Schubert[48-TLS 1.3 Ed25519 CipherString and Groups Selection-server] 1586e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1587e0c4386eSCy SchubertCipherString = DEFAULT 1588e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1589e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1590e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1591e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1592e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1593e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1594e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1595e0c4386eSCy SchubertMinProtocol = TLSv1.3 1596e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1597e0c4386eSCy Schubert 1598e0c4386eSCy Schubert[48-TLS 1.3 Ed25519 CipherString and Groups Selection-client] 1599e0c4386eSCy SchubertCipherString = DEFAULT 1600e0c4386eSCy SchubertGroups = X25519 1601e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256:ed25519 1602e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1603e0c4386eSCy SchubertVerifyMode = Peer 1604e0c4386eSCy Schubert 1605e0c4386eSCy Schubert[test-48] 1606e0c4386eSCy SchubertExpectedResult = Success 1607e0c4386eSCy SchubertExpectedServerCertType = P-256 1608e0c4386eSCy SchubertExpectedServerSignType = EC 1609e0c4386eSCy Schubert 1610e0c4386eSCy Schubert 1611e0c4386eSCy Schubert# =========================================================== 1612e0c4386eSCy Schubert 1613e0c4386eSCy Schubert[49-TLS 1.3 Ed448 CipherString and Groups Selection] 1614e0c4386eSCy Schubertssl_conf = 49-TLS 1.3 Ed448 CipherString and Groups Selection-ssl 1615e0c4386eSCy Schubert 1616e0c4386eSCy Schubert[49-TLS 1.3 Ed448 CipherString and Groups Selection-ssl] 1617e0c4386eSCy Schubertserver = 49-TLS 1.3 Ed448 CipherString and Groups Selection-server 1618e0c4386eSCy Schubertclient = 49-TLS 1.3 Ed448 CipherString and Groups Selection-client 1619e0c4386eSCy Schubert 1620e0c4386eSCy Schubert[49-TLS 1.3 Ed448 CipherString and Groups Selection-server] 1621e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1622e0c4386eSCy SchubertCipherString = DEFAULT 1623e0c4386eSCy SchubertECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem 1624e0c4386eSCy SchubertECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem 1625e0c4386eSCy SchubertEd25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem 1626e0c4386eSCy SchubertEd25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem 1627e0c4386eSCy SchubertEd448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem 1628e0c4386eSCy SchubertEd448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem 1629e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1630e0c4386eSCy SchubertMinProtocol = TLSv1.3 1631e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1632e0c4386eSCy Schubert 1633e0c4386eSCy Schubert[49-TLS 1.3 Ed448 CipherString and Groups Selection-client] 1634e0c4386eSCy SchubertCipherString = DEFAULT 1635e0c4386eSCy SchubertGroups = X448 1636e0c4386eSCy SchubertSignatureAlgorithms = ECDSA+SHA256:ed448 1637e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1638e0c4386eSCy SchubertVerifyMode = Peer 1639e0c4386eSCy Schubert 1640e0c4386eSCy Schubert[test-49] 1641e0c4386eSCy SchubertExpectedResult = Success 1642e0c4386eSCy SchubertExpectedServerCertType = P-256 1643e0c4386eSCy SchubertExpectedServerSignType = EC 1644e0c4386eSCy Schubert 1645e0c4386eSCy Schubert 1646e0c4386eSCy Schubert# =========================================================== 1647e0c4386eSCy Schubert 1648e0c4386eSCy Schubert[50-TLS 1.3 Ed25519 Client Auth] 1649e0c4386eSCy Schubertssl_conf = 50-TLS 1.3 Ed25519 Client Auth-ssl 1650e0c4386eSCy Schubert 1651e0c4386eSCy Schubert[50-TLS 1.3 Ed25519 Client Auth-ssl] 1652e0c4386eSCy Schubertserver = 50-TLS 1.3 Ed25519 Client Auth-server 1653e0c4386eSCy Schubertclient = 50-TLS 1.3 Ed25519 Client Auth-client 1654e0c4386eSCy Schubert 1655e0c4386eSCy Schubert[50-TLS 1.3 Ed25519 Client Auth-server] 1656e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1657e0c4386eSCy SchubertCipherString = DEFAULT 1658e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1659e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1660e0c4386eSCy SchubertVerifyMode = Require 1661e0c4386eSCy Schubert 1662e0c4386eSCy Schubert[50-TLS 1.3 Ed25519 Client Auth-client] 1663e0c4386eSCy SchubertCipherString = DEFAULT 1664e0c4386eSCy SchubertEdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem 1665e0c4386eSCy SchubertEdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem 1666e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1667e0c4386eSCy SchubertMinProtocol = TLSv1.3 1668e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1669e0c4386eSCy SchubertVerifyMode = Peer 1670e0c4386eSCy Schubert 1671e0c4386eSCy Schubert[test-50] 1672e0c4386eSCy SchubertExpectedClientCertType = Ed25519 1673e0c4386eSCy SchubertExpectedClientSignType = Ed25519 1674e0c4386eSCy SchubertExpectedResult = Success 1675e0c4386eSCy Schubert 1676e0c4386eSCy Schubert 1677e0c4386eSCy Schubert# =========================================================== 1678e0c4386eSCy Schubert 1679e0c4386eSCy Schubert[51-TLS 1.3 Ed448 Client Auth] 1680e0c4386eSCy Schubertssl_conf = 51-TLS 1.3 Ed448 Client Auth-ssl 1681e0c4386eSCy Schubert 1682e0c4386eSCy Schubert[51-TLS 1.3 Ed448 Client Auth-ssl] 1683e0c4386eSCy Schubertserver = 51-TLS 1.3 Ed448 Client Auth-server 1684e0c4386eSCy Schubertclient = 51-TLS 1.3 Ed448 Client Auth-client 1685e0c4386eSCy Schubert 1686e0c4386eSCy Schubert[51-TLS 1.3 Ed448 Client Auth-server] 1687e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1688e0c4386eSCy SchubertCipherString = DEFAULT 1689e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1690e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1691e0c4386eSCy SchubertVerifyMode = Require 1692e0c4386eSCy Schubert 1693e0c4386eSCy Schubert[51-TLS 1.3 Ed448 Client Auth-client] 1694e0c4386eSCy SchubertCipherString = DEFAULT 1695e0c4386eSCy SchubertEdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem 1696e0c4386eSCy SchubertEdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem 1697e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1698e0c4386eSCy SchubertMinProtocol = TLSv1.3 1699e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1700e0c4386eSCy SchubertVerifyMode = Peer 1701e0c4386eSCy Schubert 1702e0c4386eSCy Schubert[test-51] 1703e0c4386eSCy SchubertExpectedClientCertType = Ed448 1704e0c4386eSCy SchubertExpectedClientSignType = Ed448 1705e0c4386eSCy SchubertExpectedResult = Success 1706e0c4386eSCy Schubert 1707e0c4386eSCy Schubert 1708e0c4386eSCy Schubert# =========================================================== 1709e0c4386eSCy Schubert 1710e0c4386eSCy Schubert[52-TLS 1.3 ECDSA with brainpool but no suitable groups] 1711e0c4386eSCy Schubertssl_conf = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-ssl 1712e0c4386eSCy Schubert 1713e0c4386eSCy Schubert[52-TLS 1.3 ECDSA with brainpool but no suitable groups-ssl] 1714e0c4386eSCy Schubertserver = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-server 1715e0c4386eSCy Schubertclient = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-client 1716e0c4386eSCy Schubert 1717e0c4386eSCy Schubert[52-TLS 1.3 ECDSA with brainpool but no suitable groups-server] 1718e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem 1719e0c4386eSCy SchubertCipherString = DEFAULT 1720e0c4386eSCy SchubertGroups = brainpoolP256r1 1721e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem 1722e0c4386eSCy Schubert 1723e0c4386eSCy Schubert[52-TLS 1.3 ECDSA with brainpool but no suitable groups-client] 1724e0c4386eSCy SchubertCipherString = aECDSA 1725e0c4386eSCy SchubertGroups = brainpoolP256r1 1726e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1727e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1728e0c4386eSCy SchubertVerifyMode = Peer 1729e0c4386eSCy Schubert 1730e0c4386eSCy Schubert[test-52] 1731e0c4386eSCy SchubertExpectedResult = ClientFail 1732e0c4386eSCy Schubert 1733e0c4386eSCy Schubert 1734e0c4386eSCy Schubert# =========================================================== 1735e0c4386eSCy Schubert 1736e0c4386eSCy Schubert[53-TLS 1.3 ECDSA with brainpool] 1737e0c4386eSCy Schubertssl_conf = 53-TLS 1.3 ECDSA with brainpool-ssl 1738e0c4386eSCy Schubert 1739e0c4386eSCy Schubert[53-TLS 1.3 ECDSA with brainpool-ssl] 1740e0c4386eSCy Schubertserver = 53-TLS 1.3 ECDSA with brainpool-server 1741e0c4386eSCy Schubertclient = 53-TLS 1.3 ECDSA with brainpool-client 1742e0c4386eSCy Schubert 1743e0c4386eSCy Schubert[53-TLS 1.3 ECDSA with brainpool-server] 1744e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem 1745e0c4386eSCy SchubertCipherString = DEFAULT 1746e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem 1747e0c4386eSCy Schubert 1748e0c4386eSCy Schubert[53-TLS 1.3 ECDSA with brainpool-client] 1749e0c4386eSCy SchubertCipherString = DEFAULT 1750e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1751e0c4386eSCy SchubertMinProtocol = TLSv1.3 1752e0c4386eSCy SchubertRequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1753e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1754e0c4386eSCy SchubertVerifyMode = Peer 1755e0c4386eSCy Schubert 1756e0c4386eSCy Schubert[test-53] 1757e0c4386eSCy SchubertExpectedResult = ServerFail 1758e0c4386eSCy Schubert 1759e0c4386eSCy Schubert 1760e0c4386eSCy Schubert# =========================================================== 1761e0c4386eSCy Schubert 1762e0c4386eSCy Schubert[54-TLS 1.2 DSA Certificate Test] 1763e0c4386eSCy Schubertssl_conf = 54-TLS 1.2 DSA Certificate Test-ssl 1764e0c4386eSCy Schubert 1765e0c4386eSCy Schubert[54-TLS 1.2 DSA Certificate Test-ssl] 1766e0c4386eSCy Schubertserver = 54-TLS 1.2 DSA Certificate Test-server 1767e0c4386eSCy Schubertclient = 54-TLS 1.2 DSA Certificate Test-client 1768e0c4386eSCy Schubert 1769e0c4386eSCy Schubert[54-TLS 1.2 DSA Certificate Test-server] 1770e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1771e0c4386eSCy SchubertCipherString = ALL 1772e0c4386eSCy SchubertDHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem 1773e0c4386eSCy SchubertDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem 1774e0c4386eSCy SchubertDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem 1775e0c4386eSCy SchubertMaxProtocol = TLSv1.2 1776e0c4386eSCy SchubertMinProtocol = TLSv1.2 1777e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1778e0c4386eSCy Schubert 1779e0c4386eSCy Schubert[54-TLS 1.2 DSA Certificate Test-client] 1780e0c4386eSCy SchubertCipherString = ALL 1781e0c4386eSCy SchubertSignatureAlgorithms = DSA+SHA256:DSA+SHA1 1782e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1783e0c4386eSCy SchubertVerifyMode = Peer 1784e0c4386eSCy Schubert 1785e0c4386eSCy Schubert[test-54] 1786e0c4386eSCy SchubertExpectedResult = Success 1787e0c4386eSCy Schubert 1788e0c4386eSCy Schubert 1789e0c4386eSCy Schubert# =========================================================== 1790e0c4386eSCy Schubert 1791e0c4386eSCy Schubert[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms] 1792e0c4386eSCy Schubertssl_conf = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl 1793e0c4386eSCy Schubert 1794e0c4386eSCy Schubert[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl] 1795e0c4386eSCy Schubertserver = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server 1796e0c4386eSCy Schubertclient = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client 1797e0c4386eSCy Schubert 1798e0c4386eSCy Schubert[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server] 1799e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1800e0c4386eSCy SchubertCipherString = DEFAULT 1801e0c4386eSCy SchubertClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256 1802e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1803e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem 1804e0c4386eSCy SchubertVerifyMode = Request 1805e0c4386eSCy Schubert 1806e0c4386eSCy Schubert[55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client] 1807e0c4386eSCy SchubertCipherString = DEFAULT 1808e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1809e0c4386eSCy SchubertVerifyMode = Peer 1810e0c4386eSCy Schubert 1811e0c4386eSCy Schubert[test-55] 1812e0c4386eSCy SchubertExpectedResult = ServerFail 1813e0c4386eSCy Schubert 1814e0c4386eSCy Schubert 1815e0c4386eSCy Schubert# =========================================================== 1816e0c4386eSCy Schubert 1817e0c4386eSCy Schubert[56-TLS 1.3 DSA Certificate Test] 1818e0c4386eSCy Schubertssl_conf = 56-TLS 1.3 DSA Certificate Test-ssl 1819e0c4386eSCy Schubert 1820e0c4386eSCy Schubert[56-TLS 1.3 DSA Certificate Test-ssl] 1821e0c4386eSCy Schubertserver = 56-TLS 1.3 DSA Certificate Test-server 1822e0c4386eSCy Schubertclient = 56-TLS 1.3 DSA Certificate Test-client 1823e0c4386eSCy Schubert 1824e0c4386eSCy Schubert[56-TLS 1.3 DSA Certificate Test-server] 1825e0c4386eSCy SchubertCertificate = ${ENV::TEST_CERTS_DIR}/servercert.pem 1826e0c4386eSCy SchubertCipherString = ALL 1827e0c4386eSCy SchubertDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem 1828e0c4386eSCy SchubertDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem 1829e0c4386eSCy SchubertMaxProtocol = TLSv1.3 1830e0c4386eSCy SchubertMinProtocol = TLSv1.3 1831e0c4386eSCy SchubertPrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem 1832e0c4386eSCy Schubert 1833e0c4386eSCy Schubert[56-TLS 1.3 DSA Certificate Test-client] 1834e0c4386eSCy SchubertCipherString = ALL 1835e0c4386eSCy SchubertSignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256 1836e0c4386eSCy SchubertVerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem 1837e0c4386eSCy SchubertVerifyMode = Peer 1838e0c4386eSCy Schubert 1839e0c4386eSCy Schubert[test-56] 1840e0c4386eSCy SchubertExpectedResult = ServerFail 1841e0c4386eSCy Schubert 1842e0c4386eSCy Schubert 1843