Google Git
Sign in
flutter / third_party / openssl / 64e2b23ce3b75fc6c73ac8c979894e190c9e78d1 / . / test / ssl-tests / 20-cert-select.conf
blob: e787efc5f06c85630c916a55bcc3bac35546ec1a [file] [log] [blame]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]1# Generated with generate_ssl_tests.pl
2
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]3num_tests = 13
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]4
5test-0 = 0-ECDSA CipherString Selection
6test-1 = 1-RSA CipherString Selection
7test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
8test-3 = 3-ECDSA Signature Algorithm Selection
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]9test-4 = 4-ECDSA Signature Algorithm Selection SHA384
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]10test-5 = 5-ECDSA Signature Algorithm Selection SHA1
11test-6 = 6-ECDSA Signature Algorithm Selection compressed point
12test-7 = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate
13test-8 = 8-RSA Signature Algorithm Selection
14test-9 = 9-RSA-PSS Signature Algorithm Selection
15test-10 = 10-Suite B P-256 Hash Algorithm Selection
16test-11 = 11-Suite B P-384 Hash Algorithm Selection
17test-12 = 12-TLS 1.2 DSA Certificate Test
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]18# ===========================================================
19
20[0-ECDSA CipherString Selection]
21ssl_conf = 0-ECDSA CipherString Selection-ssl
22
23[0-ECDSA CipherString Selection-ssl]
24server = 0-ECDSA CipherString Selection-server
25client = 0-ECDSA CipherString Selection-client
26
27[0-ECDSA CipherString Selection-server]
28Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
29CipherString = DEFAULT
30ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
31ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
32MaxProtocol = TLSv1.2
33PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
34
35[0-ECDSA CipherString Selection-client]
36CipherString = aECDSA
37VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
38VerifyMode = Peer
39
40[test-0]
41ExpectedResult = Success
42ExpectedServerCertType = P-256
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]43ExpectedServerSignType = EC
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]44
45
46# ===========================================================
47
48[1-RSA CipherString Selection]
49ssl_conf = 1-RSA CipherString Selection-ssl
50
51[1-RSA CipherString Selection-ssl]
52server = 1-RSA CipherString Selection-server
53client = 1-RSA CipherString Selection-client
54
55[1-RSA CipherString Selection-server]
56Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
57CipherString = DEFAULT
58ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
59ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
60MaxProtocol = TLSv1.2
61PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
62
63[1-RSA CipherString Selection-client]
64CipherString = aRSA
65VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
66VerifyMode = Peer
67
68[test-1]
69ExpectedResult = Success
70ExpectedServerCertType = RSA
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]71ExpectedServerSignType = RSA-PSS
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]72
73
74# ===========================================================
75
76[2-ECDSA CipherString Selection, no ECDSA certificate]
77ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl
78
79[2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
80server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
81client = 2-ECDSA CipherString Selection, no ECDSA certificate-client
82
83[2-ECDSA CipherString Selection, no ECDSA certificate-server]
84Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
85CipherString = DEFAULT
Dr. Stephen Henson0e2c7b32017-02-02 12:34:22 +0000[diff] [blame]86MaxProtocol = TLSv1.2
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]87PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
88
89[2-ECDSA CipherString Selection, no ECDSA certificate-client]
90CipherString = aECDSA
91VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
92VerifyMode = Peer
93
94[test-2]
95ExpectedResult = ServerFail
96
97
98# ===========================================================
99
100[3-ECDSA Signature Algorithm Selection]
101ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl
102
103[3-ECDSA Signature Algorithm Selection-ssl]
104server = 3-ECDSA Signature Algorithm Selection-server
105client = 3-ECDSA Signature Algorithm Selection-client
106
107[3-ECDSA Signature Algorithm Selection-server]
108Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
109CipherString = DEFAULT
110ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
111ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
112MaxProtocol = TLSv1.2
113PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
114
115[3-ECDSA Signature Algorithm Selection-client]
116CipherString = DEFAULT
117SignatureAlgorithms = ECDSA+SHA256
118VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
119VerifyMode = Peer
120
121[test-3]
122ExpectedResult = Success
123ExpectedServerCertType = P-256
Dr. Stephen Henson062540c2017-01-15 15:59:48 +0000[diff] [blame]124ExpectedServerSignHash = SHA256
Dr. Stephen Hensona92e7102017-01-27 15:56:47 +0000[diff] [blame]125ExpectedServerSignType = EC
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]126
127
128# ===========================================================
129
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]130[4-ECDSA Signature Algorithm Selection SHA384]
131ssl_conf = 4-ECDSA Signature Algorithm Selection SHA384-ssl
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]132
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]133[4-ECDSA Signature Algorithm Selection SHA384-ssl]
134server = 4-ECDSA Signature Algorithm Selection SHA384-server
135client = 4-ECDSA Signature Algorithm Selection SHA384-client
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]136
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]137[4-ECDSA Signature Algorithm Selection SHA384-server]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]138Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
139CipherString = DEFAULT
140ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
141ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
142MaxProtocol = TLSv1.2
143PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
144
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]145[4-ECDSA Signature Algorithm Selection SHA384-client]
146CipherString = DEFAULT
147SignatureAlgorithms = ECDSA+SHA384
148VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
149VerifyMode = Peer
150
151[test-4]
152ExpectedResult = Success
153ExpectedServerCertType = P-256
154ExpectedServerSignHash = SHA384
155ExpectedServerSignType = EC
156
157
158# ===========================================================
159
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]160[5-ECDSA Signature Algorithm Selection SHA1]
161ssl_conf = 5-ECDSA Signature Algorithm Selection SHA1-ssl
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]162
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]163[5-ECDSA Signature Algorithm Selection SHA1-ssl]
164server = 5-ECDSA Signature Algorithm Selection SHA1-server
165client = 5-ECDSA Signature Algorithm Selection SHA1-client
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]166
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]167[5-ECDSA Signature Algorithm Selection SHA1-server]
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]168Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
169CipherString = DEFAULT
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]170ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
171ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
Dr. Stephen Henson0e2c7b32017-02-02 12:34:22 +0000[diff] [blame]172MaxProtocol = TLSv1.2
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]173PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
174
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]175[5-ECDSA Signature Algorithm Selection SHA1-client]
176CipherString = DEFAULT
177SignatureAlgorithms = ECDSA+SHA1
178VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
179VerifyMode = Peer
180
181[test-5]
182ExpectedResult = Success
183ExpectedServerCertType = P-256
184ExpectedServerSignHash = SHA1
185ExpectedServerSignType = EC
186
187
188# ===========================================================
189
190[6-ECDSA Signature Algorithm Selection compressed point]
191ssl_conf = 6-ECDSA Signature Algorithm Selection compressed point-ssl
192
193[6-ECDSA Signature Algorithm Selection compressed point-ssl]
194server = 6-ECDSA Signature Algorithm Selection compressed point-server
195client = 6-ECDSA Signature Algorithm Selection compressed point-client
196
197[6-ECDSA Signature Algorithm Selection compressed point-server]
198Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
199CipherString = DEFAULT
200ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
201ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
202MaxProtocol = TLSv1.2
203PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
204
205[6-ECDSA Signature Algorithm Selection compressed point-client]
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]206CipherString = DEFAULT
207SignatureAlgorithms = ECDSA+SHA256
208VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
209VerifyMode = Peer
210
Dr. Stephen Henson53f08732017-02-01 13:29:45 +0000[diff] [blame]211[test-6]
Dr. Stephen Hensonedb8a5e2017-01-12 14:52:31 +0000[diff] [blame]212ExpectedResult = Success
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]213ExpectedServerCertType = P-256
214ExpectedServerSignHash = SHA256
215ExpectedServerSignType = EC
216
217
218# ===========================================================
219
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]220[7-ECDSA Signature Algorithm Selection, no ECDSA certificate]
221ssl_conf = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]222
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]223[7-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
224server = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
225client = 7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]226
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]227[7-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
228Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
229CipherString = DEFAULT
230MaxProtocol = TLSv1.2
231PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
232
233[7-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
234CipherString = DEFAULT
235SignatureAlgorithms = ECDSA+SHA256
236VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
237VerifyMode = Peer
238
239[test-7]
240ExpectedResult = ServerFail
241
242
243# ===========================================================
244
245[8-RSA Signature Algorithm Selection]
246ssl_conf = 8-RSA Signature Algorithm Selection-ssl
247
248[8-RSA Signature Algorithm Selection-ssl]
249server = 8-RSA Signature Algorithm Selection-server
250client = 8-RSA Signature Algorithm Selection-client
251
252[8-RSA Signature Algorithm Selection-server]
253Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
254CipherString = DEFAULT
255ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
256ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
257MaxProtocol = TLSv1.2
258PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
259
260[8-RSA Signature Algorithm Selection-client]
261CipherString = DEFAULT
262SignatureAlgorithms = RSA+SHA256
263VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
264VerifyMode = Peer
265
266[test-8]
267ExpectedResult = Success
268ExpectedServerCertType = RSA
269ExpectedServerSignHash = SHA256
270ExpectedServerSignType = RSA
271
272
273# ===========================================================
274
275[9-RSA-PSS Signature Algorithm Selection]
276ssl_conf = 9-RSA-PSS Signature Algorithm Selection-ssl
277
278[9-RSA-PSS Signature Algorithm Selection-ssl]
279server = 9-RSA-PSS Signature Algorithm Selection-server
280client = 9-RSA-PSS Signature Algorithm Selection-client
281
282[9-RSA-PSS Signature Algorithm Selection-server]
283Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
284CipherString = DEFAULT
285ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
286ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
287MaxProtocol = TLSv1.2
288PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
289
290[9-RSA-PSS Signature Algorithm Selection-client]
291CipherString = DEFAULT
292SignatureAlgorithms = RSA-PSS+SHA256
293VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
294VerifyMode = Peer
295
296[test-9]
297ExpectedResult = Success
298ExpectedServerCertType = RSA
299ExpectedServerSignHash = SHA256
300ExpectedServerSignType = RSA-PSS
301
302
303# ===========================================================
304
305[10-Suite B P-256 Hash Algorithm Selection]
306ssl_conf = 10-Suite B P-256 Hash Algorithm Selection-ssl
307
308[10-Suite B P-256 Hash Algorithm Selection-ssl]
309server = 10-Suite B P-256 Hash Algorithm Selection-server
310client = 10-Suite B P-256 Hash Algorithm Selection-client
311
312[10-Suite B P-256 Hash Algorithm Selection-server]
313Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
314CipherString = SUITEB128
315ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
316ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
317MaxProtocol = TLSv1.2
318PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
319
320[10-Suite B P-256 Hash Algorithm Selection-client]
321CipherString = DEFAULT
322SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
323VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
324VerifyMode = Peer
325
326[test-10]
327ExpectedResult = Success
328ExpectedServerCertType = P-256
329ExpectedServerSignHash = SHA256
330ExpectedServerSignType = EC
331
332
333# ===========================================================
334
335[11-Suite B P-384 Hash Algorithm Selection]
336ssl_conf = 11-Suite B P-384 Hash Algorithm Selection-ssl
337
338[11-Suite B P-384 Hash Algorithm Selection-ssl]
339server = 11-Suite B P-384 Hash Algorithm Selection-server
340client = 11-Suite B P-384 Hash Algorithm Selection-client
341
342[11-Suite B P-384 Hash Algorithm Selection-server]
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]343Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
344CipherString = SUITEB128
345ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
346ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
347MaxProtocol = TLSv1.2
348PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
349
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]350[11-Suite B P-384 Hash Algorithm Selection-client]
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]351CipherString = DEFAULT
352SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
353VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
354VerifyMode = Peer
355
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]356[test-11]
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]357ExpectedResult = Success
358ExpectedServerCertType = P-384
359ExpectedServerSignHash = SHA384
360ExpectedServerSignType = EC
361
362
363# ===========================================================
364
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]365[12-TLS 1.2 DSA Certificate Test]
366ssl_conf = 12-TLS 1.2 DSA Certificate Test-ssl
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]367
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]368[12-TLS 1.2 DSA Certificate Test-ssl]
369server = 12-TLS 1.2 DSA Certificate Test-server
370client = 12-TLS 1.2 DSA Certificate Test-client
Dr. Stephen Henson9f577cd2017-02-24 15:47:54 +0000[diff] [blame]371
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]372[12-TLS 1.2 DSA Certificate Test-server]
Dr. Stephen Henson7a08b762017-02-17 15:28:36 +0000[diff] [blame]373Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
374CipherString = ALL
375DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
376DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
377DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
378MaxProtocol = TLSv1.2
379MinProtocol = TLSv1.2
380PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
381
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]382[12-TLS 1.2 DSA Certificate Test-client]
Dr. Stephen Henson7a08b762017-02-17 15:28:36 +0000[diff] [blame]383CipherString = ALL
384SignatureAlgorithms = DSA+SHA256:DSA+SHA1
385VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
386VerifyMode = Peer
387
Dr. Stephen Hensonc7493082017-02-25 00:40:55 +0000[diff] [blame]388[test-12]
Dr. Stephen Henson7a08b762017-02-17 15:28:36 +0000[diff] [blame]389ExpectedResult = Success
390
391