Google Git
Sign in
flutter/third_party/openssl/edb8a5eb54ee54452a410a6072c584ee94ed3ebb^!/./test/ssl-tests/20-cert-select.conf.in
commit
edb8a5eb54ee54452a410a6072c584ee94ed3ebb
[log]
author
Dr. Stephen Henson <steve@openssl.org>
Thu Jan 12 14:52:31 2017 +0000
committer
Dr. Stephen Henson <steve@openssl.org>
Sun Jan 15 00:23:34 2017 +0000
tree
0857d195c80bb2af09ddbd40c41a591c6e4bd3e4
parent
7289ab49d1c04cd9065429f75be028d7439d8248 [diff] [blame]
Add certificate selection tests.

Add certifcate selection tests: the certificate type is selected by cipher
string and signature algorithm.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2224)
diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in
new file mode 100644
index 0000000..d348491
--- /dev/null
+++ b/test/ssl-tests/20-cert-select.conf.in

@@ -0,0 +1,87 @@
+# -*- mode: perl; -*-
+
+## SSL test configurations
+
+package ssltests;
+
+use strict;
+use warnings;
+
+use OpenSSL::Test;
+use OpenSSL::Test::Utils qw(anydisabled);
+
+my $dir_sep = $^O ne "VMS" ? "/" : "";
+
+my $server = {
+    "ECDSA.Certificate" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-cert.pem",
+    "ECDSA.PrivateKey" => "\${ENV::TEST_CERTS_DIR}${dir_sep}server-ecdsa-key.pem",
+    # TODO: add test cases for TLSv1.3
+    "MaxProtocol" => "TLSv1.2"
+};
+
+our @tests = (
+    {
+        name => "ECDSA CipherString Selection",
+        server => $server,
+        client => {
+            "CipherString" => "aECDSA",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "P-256",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "RSA CipherString Selection",
+        server => $server,
+        client => {
+            "CipherString" => "aRSA",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "RSA",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "ECDSA CipherString Selection, no ECDSA certificate",
+        server => { },
+        client => {
+            "CipherString" => "aECDSA"
+        },
+        test   => {
+            "ExpectedResult" => "ServerFail"
+        },
+    },
+    {
+        name => "ECDSA Signature Algorithm Selection",
+        server => $server,
+        client => {
+            "SignatureAlgorithms" => "ECDSA+SHA256",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "P-256",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "ECDSA Signature Algorithm Selection, no ECDSA certificate",
+        server => { },
+        client => {
+            "SignatureAlgorithms" => "ECDSA+SHA256",
+        },
+        test   => {
+            "ExpectedResult" => "ServerFail"
+        },
+    },
+    {
+        name => "RSA Signature Algorithm Selection",
+        server => $server,
+        client => {
+            "SignatureAlgorithms" => "RSA+SHA256",
+        },
+        test   => {
+            "ExpectedServerCertType" =>, "RSA",
+            "ExpectedResult" => "Success"
+        },
+    }
+);