| # -*- mode: perl; -*- |
| # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. |
| # |
| # Licensed under the Apache License 2.0 (the "License"). You may not use |
| # this file except in compliance with the License. You can obtain a copy |
| # in the file LICENSE in the source distribution or at |
| # https://www.openssl.org/source/license.html |
| |
| |
| ## Test version negotiation |
| |
| use strict; |
| use warnings; |
| |
| package ssltests; |
| use OpenSSL::Test::Utils; |
| |
| our $fips_mode; |
| |
| our @tests = ( |
| { |
| name => "cipher-server-1", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384" |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", |
| }, |
| }, |
| { |
| name => "cipher-server-2", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES128-SHA256" |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", |
| }, |
| }, |
| { |
| name => "cipher-server-client-list", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", |
| }, |
| }, |
| { |
| name => "cipher-server-pref-1", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| "Options" => "ServerPreference", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384" |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", |
| }, |
| }, |
| { |
| name => "cipher-server-pref-2", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| "Options" => "ServerPreference", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES128-SHA256" |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", |
| }, |
| }, |
| { |
| name => "cipher-server-pref-client-list", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", |
| "Options" => "ServerPreference", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", |
| }, |
| }, |
| { |
| name => "cipher-server-pref-not-mobile", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", |
| "Options" => "ServerPreference", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", |
| }, |
| }, |
| { |
| name => "cipher-server-pref-mobile", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", |
| "Options" => "ServerPreference,PrioritizeChaCha", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305", |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", |
| }, |
| }, |
| ); |
| |
| my @tests_poly1305 = ( |
| { |
| name => "cipher-server-pref-mobile2", |
| server => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", |
| "Options" => "ServerPreference,PrioritizeChaCha", |
| }, |
| client => { |
| "MaxProtocol" => "TLSv1.2", |
| "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", |
| }, |
| test => { |
| "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305", |
| }, |
| }, |
| ); |
| |
| push @tests, @tests_poly1305 |
| unless disabled("poly1305") || disabled("chacha") || $fips_mode; |