Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
20-cert-select.conf 5.1 KB
Newer Older
D
Add certificate selection tests.  
Dr. Stephen Henson 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 
# Generated with generate_ssl_tests.pl

num_tests = 6

test-0 = 0-ECDSA CipherString Selection
test-1 = 1-RSA CipherString Selection
test-2 = 2-ECDSA CipherString Selection, no ECDSA certificate
test-3 = 3-ECDSA Signature Algorithm Selection
test-4 = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate
test-5 = 5-RSA Signature Algorithm Selection
# ===========================================================

[0-ECDSA CipherString Selection]
ssl_conf = 0-ECDSA CipherString Selection-ssl

[0-ECDSA CipherString Selection-ssl]
server = 0-ECDSA CipherString Selection-server
client = 0-ECDSA CipherString Selection-client

[0-ECDSA CipherString Selection-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[0-ECDSA CipherString Selection-client]
CipherString = aECDSA
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-0]
ExpectedResult = Success
ExpectedServerCertType = P-256


# ===========================================================

[1-RSA CipherString Selection]
ssl_conf = 1-RSA CipherString Selection-ssl

[1-RSA CipherString Selection-ssl]
server = 1-RSA CipherString Selection-server
client = 1-RSA CipherString Selection-client

[1-RSA CipherString Selection-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[1-RSA CipherString Selection-client]
CipherString = aRSA
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-1]
ExpectedResult = Success
ExpectedServerCertType = RSA


# ===========================================================

[2-ECDSA CipherString Selection, no ECDSA certificate]
ssl_conf = 2-ECDSA CipherString Selection, no ECDSA certificate-ssl

[2-ECDSA CipherString Selection, no ECDSA certificate-ssl]
server = 2-ECDSA CipherString Selection, no ECDSA certificate-server
client = 2-ECDSA CipherString Selection, no ECDSA certificate-client

[2-ECDSA CipherString Selection, no ECDSA certificate-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[2-ECDSA CipherString Selection, no ECDSA certificate-client]
CipherString = aECDSA
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-2]
ExpectedResult = ServerFail


# ===========================================================

[3-ECDSA Signature Algorithm Selection]
ssl_conf = 3-ECDSA Signature Algorithm Selection-ssl

[3-ECDSA Signature Algorithm Selection-ssl]
server = 3-ECDSA Signature Algorithm Selection-server
client = 3-ECDSA Signature Algorithm Selection-client

[3-ECDSA Signature Algorithm Selection-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[3-ECDSA Signature Algorithm Selection-client]
CipherString = DEFAULT
SignatureAlgorithms = ECDSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-3]
ExpectedResult = Success
ExpectedServerCertType = P-256


# ===========================================================

[4-ECDSA Signature Algorithm Selection, no ECDSA certificate]
ssl_conf = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl

[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
server = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-server
client = 4-ECDSA Signature Algorithm Selection, no ECDSA certificate-client

[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[4-ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
CipherString = DEFAULT
SignatureAlgorithms = ECDSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-4]
ExpectedResult = ServerFail


# ===========================================================

[5-RSA Signature Algorithm Selection]
ssl_conf = 5-RSA Signature Algorithm Selection-ssl

[5-RSA Signature Algorithm Selection-ssl]
server = 5-RSA Signature Algorithm Selection-server
client = 5-RSA Signature Algorithm Selection-client

[5-RSA Signature Algorithm Selection-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

[5-RSA Signature Algorithm Selection-client]
CipherString = DEFAULT
SignatureAlgorithms = RSA+SHA256
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer

[test-5]
ExpectedResult = Success
ExpectedServerCertType = RSA