Google Git
Sign in
flutter / third_party / openssl / 0e2c7b3ee374bb78785095589a4b0c33bca4b9c3 / . / test / ssl-tests / 20-cert-select.conf
blob: 72ce42574b423c6a067f5f0635e4f65254301c07 [file] [log] [blame]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]1# Generated with generate_ssl_tests.pl
2
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]3num_tests = 8
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]4
5test-0 = 0-ECDSA CipherString Selection
6test-1 = 1-RSA CipherString Selection
7test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
8test-3 = 3-ECDSA Signature Algorithm Selection
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]9test-4 = 4-ECDSA Signature Algorithm Selection SHA384
10test-5 = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate
11test-6 = 6-RSA Signature Algorithm Selection
12test-7 = 7-RSA-PSS Signature Algorithm Selection
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]13# ===========================================================
14
15[0-ECDSA CipherString Selection]
16ssl_conf = 0-ECDSA CipherString Selection-ssl
17
18[0-ECDSA CipherString Selection-ssl]
19server = 0-ECDSA CipherString Selection-server
20client = 0-ECDSA CipherString Selection-client
21
22[0-ECDSA CipherString Selection-server]
23Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
24CipherString = DEFAULT
25ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
26ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
27MaxProtocol = TLSv1.2
28PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
29
30[0-ECDSA CipherString Selection-client]
31CipherString = aECDSA
32VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
33VerifyMode = Peer
34
35[test-0]
36ExpectedResult = Success
37ExpectedServerCertType = P-256
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]38ExpectedServerSignType = EC
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]39
40
41# ===========================================================
42
43[1-RSA CipherString Selection]
44ssl_conf = 1-RSA CipherString Selection-ssl
45
46[1-RSA CipherString Selection-ssl]
47server = 1-RSA CipherString Selection-server
48client = 1-RSA CipherString Selection-client
49
50[1-RSA CipherString Selection-server]
51Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
52CipherString = DEFAULT
53ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
54ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
55MaxProtocol = TLSv1.2
56PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
57
58[1-RSA CipherString Selection-client]
59CipherString = aRSA
60VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
61VerifyMode = Peer
62
63[test-1]
64ExpectedResult = Success
65ExpectedServerCertType = RSA
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]66ExpectedServerSignType = RSA-PSS
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]67
68
69# ===========================================================
70
71[2-ECDSA CipherString Selection, no ECDSA certificate]
72ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl
73
74[2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
75server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
76client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
77
78[2-ECDSA CipherString Selection, no ECDSA certificate-server]
79Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
80CipherString = DEFAULT
Dr. Stephen Henson0e2c7b32017-02-02 12:34:22 +0000[diff] [blame^]81MaxProtocol = TLSv1.2
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]82PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
83
84[2-ECDSA CipherString Selection, no ECDSA certificate-client]
85CipherString = aECDSA
86VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
87VerifyMode = Peer
88
89[test-2]
90ExpectedResult = ServerFail
91
92
93# ===========================================================
94
95[3-ECDSA Signature Algorithm Selection]
96ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl
97
98[3-ECDSA Signature Algorithm Selection-ssl]
99server = 3-ECDSA Signature Algorithm Selection-server
100client = 3-ECDSA Signature Algorithm Selection-client
101
102[3-ECDSA Signature Algorithm Selection-server]
103Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
104CipherString = DEFAULT
105ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
106ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
107MaxProtocol = TLSv1.2
108PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
109
110[3-ECDSA Signature Algorithm Selection-client]
111CipherString = DEFAULT
112SignatureAlgorithms = ECDSA+SHA256
113VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
114VerifyMode = Peer
115
116[test-3]
117ExpectedResult = Success
118ExpectedServerCertType = P-256
Dr. Stephen Henson062540c2017-01-15 15:59:48 +0000[diff] [blame]119ExpectedServerSignHash = SHA256
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]120ExpectedServerSignType = EC
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]121
122
123# ===========================================================
124
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]125[4-ECDSA Signature Algorithm Selection SHA384]
126ssl_conf = 4-ECDSA Signature Algorithm Selection SHA384-ssl
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]127
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]128[4-ECDSA Signature Algorithm Selection SHA384-ssl]
129server = 4-ECDSA Signature Algorithm Selection SHA384-server
130client = 4-ECDSA Signature Algorithm Selection SHA384-client
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]131
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]132[4-ECDSA Signature Algorithm Selection SHA384-server]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]133Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
134CipherString = DEFAULT
135ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
136ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
137MaxProtocol = TLSv1.2
138PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
139
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]140[4-ECDSA Signature Algorithm Selection SHA384-client]
141CipherString = DEFAULT
142SignatureAlgorithms = ECDSA+SHA384
143VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
144VerifyMode = Peer
145
146[test-4]
147ExpectedResult = Success
148ExpectedServerCertType = P-256
149ExpectedServerSignHash = SHA384
150ExpectedServerSignType = EC
151
152
153# ===========================================================
154
155[5-ECDSA Signature Algorithm Selection, no ECDSA certificate]
156ssl_conf = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
157
158[5-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
159server = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
160client = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
161
162[5-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
163Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
164CipherString = DEFAULT
Dr. Stephen Henson0e2c7b32017-02-02 12:34:22 +0000[diff] [blame^]165MaxProtocol = TLSv1.2
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]166PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
167
168[5-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
169CipherString = DEFAULT
170SignatureAlgorithms = ECDSA+SHA256
171VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
172VerifyMode = Peer
173
174[test-5]
175ExpectedResult = ServerFail
176
177
178# ===========================================================
179
180[6-RSA Signature Algorithm Selection]
181ssl_conf = 6-RSA Signature Algorithm Selection-ssl
182
183[6-RSA Signature Algorithm Selection-ssl]
184server = 6-RSA Signature Algorithm Selection-server
185client = 6-RSA Signature Algorithm Selection-client
186
187[6-RSA Signature Algorithm Selection-server]
188Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
189CipherString = DEFAULT
190ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
191ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
192MaxProtocol = TLSv1.2
193PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
194
195[6-RSA Signature Algorithm Selection-client]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]196CipherString = DEFAULT
197SignatureAlgorithms = RSA+SHA256
198VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
199VerifyMode = Peer
200
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]201[test-6]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]202ExpectedResult = Success
203ExpectedServerCertType = RSA
Dr. Stephen Henson062540c2017-01-15 15:59:48 +0000[diff] [blame]204ExpectedServerSignHash = SHA256
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]205ExpectedServerSignType = RSA
206
207
208# ===========================================================
209
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]210[7-RSA-PSS Signature Algorithm Selection]
211ssl_conf = 7-RSA-PSS Signature Algorithm Selection-ssl
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]212
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]213[7-RSA-PSS Signature Algorithm Selection-ssl]
214server = 7-RSA-PSS Signature Algorithm Selection-server
215client = 7-RSA-PSS Signature Algorithm Selection-client
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]216
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]217[7-RSA-PSS Signature Algorithm Selection-server]
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]218Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
219CipherString = DEFAULT
220ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
221ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
222MaxProtocol = TLSv1.2
223PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
224
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]225[7-RSA-PSS Signature Algorithm Selection-client]
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]226CipherString = DEFAULT
227SignatureAlgorithms = RSA-PSS+SHA256
228VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
229VerifyMode = Peer
230
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]231[test-7]
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]232ExpectedResult = Success
233ExpectedServerCertType = RSA
234ExpectedServerSignHash = SHA256
235ExpectedServerSignType = RSA-PSS
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]236
237