| # Generated with generate_ssl_tests.pl |
| |
| num_tests = 57 |
| |
| test-0 = 0-ECDSA CipherString Selection |
| test-1 = 1-ECDSA CipherString Selection |
| test-2 = 2-ECDSA CipherString Selection |
| test-3 = 3-RSA CipherString Selection |
| test-4 = 4-P-256 CipherString and Signature Algorithm Selection |
| test-5 = 5-ECDSA CipherString Selection, no ECDSA certificate |
| test-6 = 6-ECDSA Signature Algorithm Selection |
| test-7 = 7-ECDSA Signature Algorithm Selection SHA384 |
| test-8 = 8-ECDSA Signature Algorithm Selection compressed point |
| test-9 = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate |
| test-10 = 10-RSA Signature Algorithm Selection |
| test-11 = 11-RSA-PSS Signature Algorithm Selection |
| test-12 = 12-RSA key exchange with all RSA certificate types |
| test-13 = 13-Suite B P-256 Hash Algorithm Selection |
| test-14 = 14-Suite B P-384 Hash Algorithm Selection |
| test-15 = 15-Ed25519 CipherString and Signature Algorithm Selection |
| test-16 = 16-Ed448 CipherString and Signature Algorithm Selection |
| test-17 = 17-Ed25519 CipherString and Curves Selection |
| test-18 = 18-Ed448 CipherString and Curves Selection |
| test-19 = 19-TLS 1.2 Ed25519 Client Auth |
| test-20 = 20-TLS 1.2 Ed448 Client Auth |
| test-21 = 21-ECDSA Signature Algorithm Selection SHA1 |
| test-22 = 22-ECDSA with brainpool |
| test-23 = 23-RSA-PSS Certificate CipherString Selection |
| test-24 = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection |
| test-25 = 25-RSA-PSS Certificate Unified Signature Algorithm Selection |
| test-26 = 26-Only RSA-PSS Certificate |
| test-27 = 27-Only RSA-PSS Certificate Valid Signature Algorithms |
| test-28 = 28-RSA-PSS Certificate, no PSS signature algorithms |
| test-29 = 29-Only RSA-PSS Restricted Certificate |
| test-30 = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms |
| test-31 = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm |
| test-32 = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms |
| test-33 = 33-RSA key exchange with only RSA-PSS certificate |
| test-34 = 34-Only RSA-PSS Certificate, TLS v1.1 |
| test-35 = 35-TLS 1.3 ECDSA Signature Algorithm Selection |
| test-36 = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point |
| test-37 = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1 |
| test-38 = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS |
| test-39 = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS |
| test-40 = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate |
| test-41 = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS |
| test-42 = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection |
| test-43 = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection |
| test-44 = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names |
| test-45 = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection |
| test-46 = 46-TLS 1.3 Ed25519 Signature Algorithm Selection |
| test-47 = 47-TLS 1.3 Ed448 Signature Algorithm Selection |
| test-48 = 48-TLS 1.3 Ed25519 CipherString and Groups Selection |
| test-49 = 49-TLS 1.3 Ed448 CipherString and Groups Selection |
| test-50 = 50-TLS 1.3 Ed25519 Client Auth |
| test-51 = 51-TLS 1.3 Ed448 Client Auth |
| test-52 = 52-TLS 1.3 ECDSA with brainpool but no suitable groups |
| test-53 = 53-TLS 1.3 ECDSA with brainpool |
| test-54 = 54-TLS 1.2 DSA Certificate Test |
| test-55 = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms |
| test-56 = 56-TLS 1.3 DSA Certificate Test |
| # =========================================================== |
| |
| [0-ECDSA CipherString Selection] |
| ssl_conf = 0-ECDSA CipherString Selection-ssl |
| |
| [0-ECDSA CipherString Selection-ssl] |
| server = 0-ECDSA CipherString Selection-server |
| client = 0-ECDSA CipherString Selection-client |
| |
| [0-ECDSA CipherString Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [0-ECDSA CipherString Selection-client] |
| CipherString = aECDSA |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-0] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [1-ECDSA CipherString Selection] |
| ssl_conf = 1-ECDSA CipherString Selection-ssl |
| |
| [1-ECDSA CipherString Selection-ssl] |
| server = 1-ECDSA CipherString Selection-server |
| client = 1-ECDSA CipherString Selection-client |
| |
| [1-ECDSA CipherString Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Groups = P-384 |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [1-ECDSA CipherString Selection-client] |
| CipherString = aECDSA |
| Groups = P-256:P-384 |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-1] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [2-ECDSA CipherString Selection] |
| ssl_conf = 2-ECDSA CipherString Selection-ssl |
| |
| [2-ECDSA CipherString Selection-ssl] |
| server = 2-ECDSA CipherString Selection-server |
| client = 2-ECDSA CipherString Selection-client |
| |
| [2-ECDSA CipherString Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Groups = P-256:P-384 |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [2-ECDSA CipherString Selection-client] |
| CipherString = aECDSA |
| Groups = P-384 |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-2] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [3-RSA CipherString Selection] |
| ssl_conf = 3-RSA CipherString Selection-ssl |
| |
| [3-RSA CipherString Selection-ssl] |
| server = 3-RSA CipherString Selection-server |
| client = 3-RSA CipherString Selection-client |
| |
| [3-RSA CipherString Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [3-RSA CipherString Selection-client] |
| CipherString = aRSA |
| MaxProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-3] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [4-P-256 CipherString and Signature Algorithm Selection] |
| ssl_conf = 4-P-256 CipherString and Signature Algorithm Selection-ssl |
| |
| [4-P-256 CipherString and Signature Algorithm Selection-ssl] |
| server = 4-P-256 CipherString and Signature Algorithm Selection-server |
| client = 4-P-256 CipherString and Signature Algorithm Selection-client |
| |
| [4-P-256 CipherString and Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [4-P-256 CipherString and Signature Algorithm Selection-client] |
| CipherString = aECDSA |
| MaxProtocol = TLSv1.2 |
| SignatureAlgorithms = ECDSA+SHA256:ed25519 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-4] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [5-ECDSA CipherString Selection, no ECDSA certificate] |
| ssl_conf = 5-ECDSA CipherString Selection, no ECDSA certificate-ssl |
| |
| [5-ECDSA CipherString Selection, no ECDSA certificate-ssl] |
| server = 5-ECDSA CipherString Selection, no ECDSA certificate-server |
| client = 5-ECDSA CipherString Selection, no ECDSA certificate-client |
| |
| [5-ECDSA CipherString Selection, no ECDSA certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [5-ECDSA CipherString Selection, no ECDSA certificate-client] |
| CipherString = aECDSA |
| MaxProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-5] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [6-ECDSA Signature Algorithm Selection] |
| ssl_conf = 6-ECDSA Signature Algorithm Selection-ssl |
| |
| [6-ECDSA Signature Algorithm Selection-ssl] |
| server = 6-ECDSA Signature Algorithm Selection-server |
| client = 6-ECDSA Signature Algorithm Selection-client |
| |
| [6-ECDSA Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [6-ECDSA Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-6] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [7-ECDSA Signature Algorithm Selection SHA384] |
| ssl_conf = 7-ECDSA Signature Algorithm Selection SHA384-ssl |
| |
| [7-ECDSA Signature Algorithm Selection SHA384-ssl] |
| server = 7-ECDSA Signature Algorithm Selection SHA384-server |
| client = 7-ECDSA Signature Algorithm Selection SHA384-client |
| |
| [7-ECDSA Signature Algorithm Selection SHA384-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [7-ECDSA Signature Algorithm Selection SHA384-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA384 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-7] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA384 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [8-ECDSA Signature Algorithm Selection compressed point] |
| ssl_conf = 8-ECDSA Signature Algorithm Selection compressed point-ssl |
| |
| [8-ECDSA Signature Algorithm Selection compressed point-ssl] |
| server = 8-ECDSA Signature Algorithm Selection compressed point-server |
| client = 8-ECDSA Signature Algorithm Selection compressed point-client |
| |
| [8-ECDSA Signature Algorithm Selection compressed point-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [8-ECDSA Signature Algorithm Selection compressed point-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-8] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [9-ECDSA Signature Algorithm Selection, no ECDSA certificate] |
| ssl_conf = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl |
| |
| [9-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] |
| server = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server |
| client = 9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client |
| |
| [9-ECDSA Signature Algorithm Selection, no ECDSA certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [9-ECDSA Signature Algorithm Selection, no ECDSA certificate-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-9] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [10-RSA Signature Algorithm Selection] |
| ssl_conf = 10-RSA Signature Algorithm Selection-ssl |
| |
| [10-RSA Signature Algorithm Selection-ssl] |
| server = 10-RSA Signature Algorithm Selection-server |
| client = 10-RSA Signature Algorithm Selection-client |
| |
| [10-RSA Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [10-RSA Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-10] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA |
| |
| |
| # =========================================================== |
| |
| [11-RSA-PSS Signature Algorithm Selection] |
| ssl_conf = 11-RSA-PSS Signature Algorithm Selection-ssl |
| |
| [11-RSA-PSS Signature Algorithm Selection-ssl] |
| server = 11-RSA-PSS Signature Algorithm Selection-server |
| client = 11-RSA-PSS Signature Algorithm Selection-client |
| |
| [11-RSA-PSS Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [11-RSA-PSS Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA-PSS+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-11] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [12-RSA key exchange with all RSA certificate types] |
| ssl_conf = 12-RSA key exchange with all RSA certificate types-ssl |
| |
| [12-RSA key exchange with all RSA certificate types-ssl] |
| server = 12-RSA key exchange with all RSA certificate types-server |
| client = 12-RSA key exchange with all RSA certificate types-client |
| |
| [12-RSA key exchange with all RSA certificate types-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [12-RSA key exchange with all RSA certificate types-client] |
| CipherString = kRSA |
| MaxProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-12] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| |
| |
| # =========================================================== |
| |
| [13-Suite B P-256 Hash Algorithm Selection] |
| ssl_conf = 13-Suite B P-256 Hash Algorithm Selection-ssl |
| |
| [13-Suite B P-256 Hash Algorithm Selection-ssl] |
| server = 13-Suite B P-256 Hash Algorithm Selection-server |
| client = 13-Suite B P-256 Hash Algorithm Selection-client |
| |
| [13-Suite B P-256 Hash Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = SUITEB128 |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [13-Suite B P-256 Hash Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem |
| VerifyMode = Peer |
| |
| [test-13] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [14-Suite B P-384 Hash Algorithm Selection] |
| ssl_conf = 14-Suite B P-384 Hash Algorithm Selection-ssl |
| |
| [14-Suite B P-384 Hash Algorithm Selection-ssl] |
| server = 14-Suite B P-384 Hash Algorithm Selection-server |
| client = 14-Suite B P-384 Hash Algorithm Selection-client |
| |
| [14-Suite B P-384 Hash Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = SUITEB128 |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [14-Suite B P-384 Hash Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem |
| VerifyMode = Peer |
| |
| [test-14] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-384 |
| ExpectedServerSignHash = SHA384 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [15-Ed25519 CipherString and Signature Algorithm Selection] |
| ssl_conf = 15-Ed25519 CipherString and Signature Algorithm Selection-ssl |
| |
| [15-Ed25519 CipherString and Signature Algorithm Selection-ssl] |
| server = 15-Ed25519 CipherString and Signature Algorithm Selection-server |
| client = 15-Ed25519 CipherString and Signature Algorithm Selection-client |
| |
| [15-Ed25519 CipherString and Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [15-Ed25519 CipherString and Signature Algorithm Selection-client] |
| CipherString = aECDSA |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| SignatureAlgorithms = ed25519:ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-15] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = Ed25519 |
| ExpectedServerSignType = Ed25519 |
| |
| |
| # =========================================================== |
| |
| [16-Ed448 CipherString and Signature Algorithm Selection] |
| ssl_conf = 16-Ed448 CipherString and Signature Algorithm Selection-ssl |
| |
| [16-Ed448 CipherString and Signature Algorithm Selection-ssl] |
| server = 16-Ed448 CipherString and Signature Algorithm Selection-server |
| client = 16-Ed448 CipherString and Signature Algorithm Selection-client |
| |
| [16-Ed448 CipherString and Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [16-Ed448 CipherString and Signature Algorithm Selection-client] |
| CipherString = aECDSA |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem |
| SignatureAlgorithms = ed448:ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem |
| VerifyMode = Peer |
| |
| [test-16] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = Ed448 |
| ExpectedServerSignType = Ed448 |
| |
| |
| # =========================================================== |
| |
| [17-Ed25519 CipherString and Curves Selection] |
| ssl_conf = 17-Ed25519 CipherString and Curves Selection-ssl |
| |
| [17-Ed25519 CipherString and Curves Selection-ssl] |
| server = 17-Ed25519 CipherString and Curves Selection-server |
| client = 17-Ed25519 CipherString and Curves Selection-client |
| |
| [17-Ed25519 CipherString and Curves Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [17-Ed25519 CipherString and Curves Selection-client] |
| CipherString = aECDSA |
| Curves = X25519 |
| MaxProtocol = TLSv1.2 |
| SignatureAlgorithms = ECDSA+SHA256:ed25519 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-17] |
| ExpectedResult = Success |
| ExpectedServerCertType = Ed25519 |
| ExpectedServerSignType = Ed25519 |
| |
| |
| # =========================================================== |
| |
| [18-Ed448 CipherString and Curves Selection] |
| ssl_conf = 18-Ed448 CipherString and Curves Selection-ssl |
| |
| [18-Ed448 CipherString and Curves Selection-ssl] |
| server = 18-Ed448 CipherString and Curves Selection-server |
| client = 18-Ed448 CipherString and Curves Selection-client |
| |
| [18-Ed448 CipherString and Curves Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [18-Ed448 CipherString and Curves Selection-client] |
| CipherString = aECDSA |
| Curves = X448 |
| MaxProtocol = TLSv1.2 |
| SignatureAlgorithms = ECDSA+SHA256:ed448 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem |
| VerifyMode = Peer |
| |
| [test-18] |
| ExpectedResult = Success |
| ExpectedServerCertType = Ed448 |
| ExpectedServerSignType = Ed448 |
| |
| |
| # =========================================================== |
| |
| [19-TLS 1.2 Ed25519 Client Auth] |
| ssl_conf = 19-TLS 1.2 Ed25519 Client Auth-ssl |
| |
| [19-TLS 1.2 Ed25519 Client Auth-ssl] |
| server = 19-TLS 1.2 Ed25519 Client Auth-server |
| client = 19-TLS 1.2 Ed25519 Client Auth-client |
| |
| [19-TLS 1.2 Ed25519 Client Auth-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [19-TLS 1.2 Ed25519 Client Auth-client] |
| CipherString = DEFAULT |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem |
| MaxProtocol = TLSv1.2 |
| MinProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-19] |
| ExpectedClientCertType = Ed25519 |
| ExpectedClientSignType = Ed25519 |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [20-TLS 1.2 Ed448 Client Auth] |
| ssl_conf = 20-TLS 1.2 Ed448 Client Auth-ssl |
| |
| [20-TLS 1.2 Ed448 Client Auth-ssl] |
| server = 20-TLS 1.2 Ed448 Client Auth-server |
| client = 20-TLS 1.2 Ed448 Client Auth-client |
| |
| [20-TLS 1.2 Ed448 Client Auth-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [20-TLS 1.2 Ed448 Client Auth-client] |
| CipherString = DEFAULT |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| MinProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-20] |
| ExpectedClientCertType = Ed448 |
| ExpectedClientSignType = Ed448 |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [21-ECDSA Signature Algorithm Selection SHA1] |
| ssl_conf = 21-ECDSA Signature Algorithm Selection SHA1-ssl |
| |
| [21-ECDSA Signature Algorithm Selection SHA1-ssl] |
| server = 21-ECDSA Signature Algorithm Selection SHA1-server |
| client = 21-ECDSA Signature Algorithm Selection SHA1-client |
| |
| [21-ECDSA Signature Algorithm Selection SHA1-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT:@SECLEVEL=0 |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [21-ECDSA Signature Algorithm Selection SHA1-client] |
| CipherString = DEFAULT:@SECLEVEL=0 |
| SignatureAlgorithms = ECDSA+SHA1 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-21] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA1 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [22-ECDSA with brainpool] |
| ssl_conf = 22-ECDSA with brainpool-ssl |
| |
| [22-ECDSA with brainpool-ssl] |
| server = 22-ECDSA with brainpool-server |
| client = 22-ECDSA with brainpool-client |
| |
| [22-ECDSA with brainpool-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem |
| CipherString = DEFAULT |
| Groups = brainpoolP256r1 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem |
| |
| [22-ECDSA with brainpool-client] |
| CipherString = aECDSA |
| Groups = brainpoolP256r1 |
| MaxProtocol = TLSv1.2 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-22] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = brainpoolP256r1 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [23-RSA-PSS Certificate CipherString Selection] |
| ssl_conf = 23-RSA-PSS Certificate CipherString Selection-ssl |
| |
| [23-RSA-PSS Certificate CipherString Selection-ssl] |
| server = 23-RSA-PSS Certificate CipherString Selection-server |
| client = 23-RSA-PSS Certificate CipherString Selection-client |
| |
| [23-RSA-PSS Certificate CipherString Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [23-RSA-PSS Certificate CipherString Selection-client] |
| CipherString = aRSA |
| MaxProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-23] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [24-RSA-PSS Certificate Legacy Signature Algorithm Selection] |
| ssl_conf = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl |
| |
| [24-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl] |
| server = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-server |
| client = 24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client |
| |
| [24-RSA-PSS Certificate Legacy Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [24-RSA-PSS Certificate Legacy Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA-PSS+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-24] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [25-RSA-PSS Certificate Unified Signature Algorithm Selection] |
| ssl_conf = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl |
| |
| [25-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl] |
| server = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-server |
| client = 25-RSA-PSS Certificate Unified Signature Algorithm Selection-client |
| |
| [25-RSA-PSS Certificate Unified Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.2 |
| PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [25-RSA-PSS Certificate Unified Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = rsa_pss_pss_sha256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-25] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [26-Only RSA-PSS Certificate] |
| ssl_conf = 26-Only RSA-PSS Certificate-ssl |
| |
| [26-Only RSA-PSS Certificate-ssl] |
| server = 26-Only RSA-PSS Certificate-server |
| client = 26-Only RSA-PSS Certificate-client |
| |
| [26-Only RSA-PSS Certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| |
| [26-Only RSA-PSS Certificate-client] |
| CipherString = DEFAULT |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-26] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [27-Only RSA-PSS Certificate Valid Signature Algorithms] |
| ssl_conf = 27-Only RSA-PSS Certificate Valid Signature Algorithms-ssl |
| |
| [27-Only RSA-PSS Certificate Valid Signature Algorithms-ssl] |
| server = 27-Only RSA-PSS Certificate Valid Signature Algorithms-server |
| client = 27-Only RSA-PSS Certificate Valid Signature Algorithms-client |
| |
| [27-Only RSA-PSS Certificate Valid Signature Algorithms-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| |
| [27-Only RSA-PSS Certificate Valid Signature Algorithms-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = rsa_pss_pss_sha512 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-27] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA512 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [28-RSA-PSS Certificate, no PSS signature algorithms] |
| ssl_conf = 28-RSA-PSS Certificate, no PSS signature algorithms-ssl |
| |
| [28-RSA-PSS Certificate, no PSS signature algorithms-ssl] |
| server = 28-RSA-PSS Certificate, no PSS signature algorithms-server |
| client = 28-RSA-PSS Certificate, no PSS signature algorithms-client |
| |
| [28-RSA-PSS Certificate, no PSS signature algorithms-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| |
| [28-RSA-PSS Certificate, no PSS signature algorithms-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-28] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [29-Only RSA-PSS Restricted Certificate] |
| ssl_conf = 29-Only RSA-PSS Restricted Certificate-ssl |
| |
| [29-Only RSA-PSS Restricted Certificate-ssl] |
| server = 29-Only RSA-PSS Restricted Certificate-server |
| client = 29-Only RSA-PSS Restricted Certificate-client |
| |
| [29-Only RSA-PSS Restricted Certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem |
| |
| [29-Only RSA-PSS Restricted Certificate-client] |
| CipherString = DEFAULT |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-29] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [30-RSA-PSS Restricted Certificate Valid Signature Algorithms] |
| ssl_conf = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl |
| |
| [30-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl] |
| server = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-server |
| client = 30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client |
| |
| [30-RSA-PSS Restricted Certificate Valid Signature Algorithms-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem |
| |
| [30-RSA-PSS Restricted Certificate Valid Signature Algorithms-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = rsa_pss_pss_sha256:rsa_pss_pss_sha512 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-30] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm] |
| ssl_conf = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl |
| |
| [31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl] |
| server = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server |
| client = 31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client |
| |
| [31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem |
| |
| [31-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = rsa_pss_pss_sha512:rsa_pss_pss_sha256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-31] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA-PSS |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [32-RSA-PSS Restricted Certificate Invalid Signature Algorithms] |
| ssl_conf = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl |
| |
| [32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl] |
| server = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server |
| client = 32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client |
| |
| [32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem |
| |
| [32-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = rsa_pss_pss_sha512 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-32] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [33-RSA key exchange with only RSA-PSS certificate] |
| ssl_conf = 33-RSA key exchange with only RSA-PSS certificate-ssl |
| |
| [33-RSA key exchange with only RSA-PSS certificate-ssl] |
| server = 33-RSA key exchange with only RSA-PSS certificate-server |
| client = 33-RSA key exchange with only RSA-PSS certificate-client |
| |
| [33-RSA key exchange with only RSA-PSS certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| |
| [33-RSA key exchange with only RSA-PSS certificate-client] |
| CipherString = kRSA |
| MaxProtocol = TLSv1.2 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-33] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [34-Only RSA-PSS Certificate, TLS v1.1] |
| ssl_conf = 34-Only RSA-PSS Certificate, TLS v1.1-ssl |
| |
| [34-Only RSA-PSS Certificate, TLS v1.1-ssl] |
| server = 34-Only RSA-PSS Certificate, TLS v1.1-server |
| client = 34-Only RSA-PSS Certificate, TLS v1.1-client |
| |
| [34-Only RSA-PSS Certificate, TLS v1.1-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem |
| CipherString = DEFAULT:@SECLEVEL=0 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem |
| |
| [34-Only RSA-PSS Certificate, TLS v1.1-client] |
| CipherString = DEFAULT:@SECLEVEL=0 |
| MaxProtocol = TLSv1.1 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-34] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [35-TLS 1.3 ECDSA Signature Algorithm Selection] |
| ssl_conf = 35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl |
| |
| [35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl] |
| server = 35-TLS 1.3 ECDSA Signature Algorithm Selection-server |
| client = 35-TLS 1.3 ECDSA Signature Algorithm Selection-client |
| |
| [35-TLS 1.3 ECDSA Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [35-TLS 1.3 ECDSA Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-35] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point] |
| ssl_conf = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl |
| |
| [36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl] |
| server = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server |
| client = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client |
| |
| [36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-36] |
| ExpectedResult = Success |
| ExpectedServerCANames = empty |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1] |
| ssl_conf = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl |
| |
| [37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl] |
| server = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server |
| client = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client |
| |
| [37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT:@SECLEVEL=0 |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client] |
| CipherString = DEFAULT:@SECLEVEL=0 |
| SignatureAlgorithms = ECDSA+SHA1 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-37] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS] |
| ssl_conf = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl |
| |
| [38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl] |
| server = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server |
| client = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client |
| |
| [38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client] |
| CipherString = DEFAULT |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-38] |
| ExpectedResult = Success |
| ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS] |
| ssl_conf = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl |
| |
| [39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl] |
| server = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server |
| client = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client |
| |
| [39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-39] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignHash = SHA384 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate] |
| ssl_conf = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl |
| |
| [40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] |
| server = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server |
| client = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client |
| |
| [40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-40] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [41-TLS 1.3 RSA Signature Algorithm Selection, no PSS] |
| ssl_conf = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl |
| |
| [41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl] |
| server = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server |
| client = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client |
| |
| [41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-41] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [42-TLS 1.3 RSA-PSS Signature Algorithm Selection] |
| ssl_conf = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl |
| |
| [42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl] |
| server = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server |
| client = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client |
| |
| [42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = RSA-PSS+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-42] |
| ExpectedResult = Success |
| ExpectedServerCertType = RSA |
| ExpectedServerSignHash = SHA256 |
| ExpectedServerSignType = RSA-PSS |
| |
| |
| # =========================================================== |
| |
| [43-TLS 1.3 RSA Client Auth Signature Algorithm Selection] |
| ssl_conf = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl |
| |
| [43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl] |
| server = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server |
| client = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client |
| |
| [43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ClientSignatureAlgorithms = PSS+SHA256 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [43-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem |
| RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-43] |
| ExpectedClientCANames = empty |
| ExpectedClientCertType = RSA |
| ExpectedClientSignHash = SHA256 |
| ExpectedClientSignType = RSA-PSS |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names] |
| ssl_conf = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl |
| |
| [44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl] |
| server = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server |
| client = 44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client |
| |
| [44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ClientSignatureAlgorithms = PSS+SHA256 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [44-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client] |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem |
| RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-44] |
| ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| ExpectedClientCertType = RSA |
| ExpectedClientSignHash = SHA256 |
| ExpectedClientSignType = RSA-PSS |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection] |
| ssl_conf = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl |
| |
| [45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl] |
| server = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server |
| client = 45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client |
| |
| [45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ClientSignatureAlgorithms = ECDSA+SHA256 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [45-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem |
| RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-45] |
| ExpectedClientCertType = P-256 |
| ExpectedClientSignHash = SHA256 |
| ExpectedClientSignType = EC |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [46-TLS 1.3 Ed25519 Signature Algorithm Selection] |
| ssl_conf = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl |
| |
| [46-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl] |
| server = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-server |
| client = 46-TLS 1.3 Ed25519 Signature Algorithm Selection-client |
| |
| [46-TLS 1.3 Ed25519 Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [46-TLS 1.3 Ed25519 Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ed25519 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-46] |
| ExpectedResult = Success |
| ExpectedServerCertType = Ed25519 |
| ExpectedServerSignType = Ed25519 |
| |
| |
| # =========================================================== |
| |
| [47-TLS 1.3 Ed448 Signature Algorithm Selection] |
| ssl_conf = 47-TLS 1.3 Ed448 Signature Algorithm Selection-ssl |
| |
| [47-TLS 1.3 Ed448 Signature Algorithm Selection-ssl] |
| server = 47-TLS 1.3 Ed448 Signature Algorithm Selection-server |
| client = 47-TLS 1.3 Ed448 Signature Algorithm Selection-client |
| |
| [47-TLS 1.3 Ed448 Signature Algorithm Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [47-TLS 1.3 Ed448 Signature Algorithm Selection-client] |
| CipherString = DEFAULT |
| SignatureAlgorithms = ed448 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-ed448-cert.pem |
| VerifyMode = Peer |
| |
| [test-47] |
| ExpectedResult = Success |
| ExpectedServerCertType = Ed448 |
| ExpectedServerSignType = Ed448 |
| |
| |
| # =========================================================== |
| |
| [48-TLS 1.3 Ed25519 CipherString and Groups Selection] |
| ssl_conf = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl |
| |
| [48-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl] |
| server = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-server |
| client = 48-TLS 1.3 Ed25519 CipherString and Groups Selection-client |
| |
| [48-TLS 1.3 Ed25519 CipherString and Groups Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [48-TLS 1.3 Ed25519 CipherString and Groups Selection-client] |
| CipherString = DEFAULT |
| Groups = X25519 |
| SignatureAlgorithms = ECDSA+SHA256:ed25519 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-48] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [49-TLS 1.3 Ed448 CipherString and Groups Selection] |
| ssl_conf = 49-TLS 1.3 Ed448 CipherString and Groups Selection-ssl |
| |
| [49-TLS 1.3 Ed448 CipherString and Groups Selection-ssl] |
| server = 49-TLS 1.3 Ed448 CipherString and Groups Selection-server |
| client = 49-TLS 1.3 Ed448 CipherString and Groups Selection-client |
| |
| [49-TLS 1.3 Ed448 CipherString and Groups Selection-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
| ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
| Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem |
| Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem |
| Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem |
| Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [49-TLS 1.3 Ed448 CipherString and Groups Selection-client] |
| CipherString = DEFAULT |
| Groups = X448 |
| SignatureAlgorithms = ECDSA+SHA256:ed448 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-49] |
| ExpectedResult = Success |
| ExpectedServerCertType = P-256 |
| ExpectedServerSignType = EC |
| |
| |
| # =========================================================== |
| |
| [50-TLS 1.3 Ed25519 Client Auth] |
| ssl_conf = 50-TLS 1.3 Ed25519 Client Auth-ssl |
| |
| [50-TLS 1.3 Ed25519 Client Auth-ssl] |
| server = 50-TLS 1.3 Ed25519 Client Auth-server |
| client = 50-TLS 1.3 Ed25519 Client Auth-client |
| |
| [50-TLS 1.3 Ed25519 Client Auth-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [50-TLS 1.3 Ed25519 Client Auth-client] |
| CipherString = DEFAULT |
| EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem |
| EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-50] |
| ExpectedClientCertType = Ed25519 |
| ExpectedClientSignType = Ed25519 |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [51-TLS 1.3 Ed448 Client Auth] |
| ssl_conf = 51-TLS 1.3 Ed448 Client Auth-ssl |
| |
| [51-TLS 1.3 Ed448 Client Auth-ssl] |
| server = 51-TLS 1.3 Ed448 Client Auth-server |
| client = 51-TLS 1.3 Ed448 Client Auth-client |
| |
| [51-TLS 1.3 Ed448 Client Auth-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Require |
| |
| [51-TLS 1.3 Ed448 Client Auth-client] |
| CipherString = DEFAULT |
| EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem |
| EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-51] |
| ExpectedClientCertType = Ed448 |
| ExpectedClientSignType = Ed448 |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [52-TLS 1.3 ECDSA with brainpool but no suitable groups] |
| ssl_conf = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-ssl |
| |
| [52-TLS 1.3 ECDSA with brainpool but no suitable groups-ssl] |
| server = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-server |
| client = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-client |
| |
| [52-TLS 1.3 ECDSA with brainpool but no suitable groups-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem |
| CipherString = DEFAULT |
| Groups = brainpoolP256r1 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem |
| |
| [52-TLS 1.3 ECDSA with brainpool but no suitable groups-client] |
| CipherString = aECDSA |
| Groups = brainpoolP256r1 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-52] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [53-TLS 1.3 ECDSA with brainpool] |
| ssl_conf = 53-TLS 1.3 ECDSA with brainpool-ssl |
| |
| [53-TLS 1.3 ECDSA with brainpool-ssl] |
| server = 53-TLS 1.3 ECDSA with brainpool-server |
| client = 53-TLS 1.3 ECDSA with brainpool-client |
| |
| [53-TLS 1.3 ECDSA with brainpool-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem |
| CipherString = DEFAULT |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem |
| |
| [53-TLS 1.3 ECDSA with brainpool-client] |
| CipherString = DEFAULT |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-53] |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [54-TLS 1.2 DSA Certificate Test] |
| ssl_conf = 54-TLS 1.2 DSA Certificate Test-ssl |
| |
| [54-TLS 1.2 DSA Certificate Test-ssl] |
| server = 54-TLS 1.2 DSA Certificate Test-server |
| client = 54-TLS 1.2 DSA Certificate Test-client |
| |
| [54-TLS 1.2 DSA Certificate Test-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = ALL |
| DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem |
| DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem |
| DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem |
| MaxProtocol = TLSv1.2 |
| MinProtocol = TLSv1.2 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [54-TLS 1.2 DSA Certificate Test-client] |
| CipherString = ALL |
| SignatureAlgorithms = DSA+SHA256:DSA+SHA1 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-54] |
| ExpectedResult = Success |
| |
| |
| # =========================================================== |
| |
| [55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms] |
| ssl_conf = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl |
| |
| [55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl] |
| server = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server |
| client = 55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client |
| |
| [55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = DEFAULT |
| ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
| VerifyMode = Request |
| |
| [55-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client] |
| CipherString = DEFAULT |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-55] |
| ExpectedResult = ServerFail |
| |
| |
| # =========================================================== |
| |
| [56-TLS 1.3 DSA Certificate Test] |
| ssl_conf = 56-TLS 1.3 DSA Certificate Test-ssl |
| |
| [56-TLS 1.3 DSA Certificate Test-ssl] |
| server = 56-TLS 1.3 DSA Certificate Test-server |
| client = 56-TLS 1.3 DSA Certificate Test-client |
| |
| [56-TLS 1.3 DSA Certificate Test-server] |
| Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem |
| CipherString = ALL |
| DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem |
| DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem |
| MaxProtocol = TLSv1.3 |
| MinProtocol = TLSv1.3 |
| PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
| |
| [56-TLS 1.3 DSA Certificate Test-client] |
| CipherString = ALL |
| SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256 |
| VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
| VerifyMode = Peer |
| |
| [test-56] |
| ExpectedResult = ServerFail |
| |
| |