diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2017-02-17 15:28:36 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2017-02-17 16:33:12 +0000 |
| commit | 7a08b764cca8f1a4a04384b708468c9c5d648659 (patch) | |
| tree | 9e47b5ce3ed59d25b731cf54b1a641409ff1c796 /test | |
| parent | 7a02661ac1e42afd36b0fc7d52ddbd509a36ec95 (diff) | |
add DSA cert tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2667)
Diffstat (limited to 'test')
| -rw-r--r-- | test/ssl-tests/20-cert-select.conf | 32 | ||||
| -rw-r--r-- | test/ssl-tests/20-cert-select.conf.in | 46 |
2 files changed, 77 insertions, 1 deletions
diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf index 72ce42574b..1598dadc6b 100644 --- a/test/ssl-tests/20-cert-select.conf +++ b/test/ssl-tests/20-cert-select.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 8 +num_tests = 9 test-0 = 0-ECDSA CipherString Selection test-1 = 1-RSA CipherString Selection @@ -10,6 +10,7 @@ test-4 = 4-ECDSA Signature Algorithm Selection SHA384 test-5 = 5-ECDSA Signature Algorithm Selection, no ECDSA certificate test-6 = 6-RSA Signature Algorithm Selection test-7 = 7-RSA-PSS Signature Algorithm Selection +test-8 = 8-TLS 1.2 DSA Certificate Test # =========================================================== [0-ECDSA CipherString Selection] @@ -235,3 +236,32 @@ ExpectedServerSignHash = SHA256 ExpectedServerSignType = RSA-PSS +# =========================================================== + +[8-TLS 1.2 DSA Certificate Test] +ssl_conf = 8-TLS 1.2 DSA Certificate Test-ssl + +[8-TLS 1.2 DSA Certificate Test-ssl] +server = 8-TLS 1.2 DSA Certificate Test-server +client = 8-TLS 1.2 DSA Certificate Test-client + +[8-TLS 1.2 DSA Certificate Test-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ALL +DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem +DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem +DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-TLS 1.2 DSA Certificate Test-client] +CipherString = ALL +SignatureAlgorithms = DSA+SHA256:DSA+SHA1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedResult = Success + + diff --git a/test/ssl-tests/20-cert-select.conf.in b/test/ssl-tests/20-cert-select.conf.in index c5a5c31d11..7edfed6bd6 100644 --- a/test/ssl-tests/20-cert-select.conf.in +++ b/test/ssl-tests/20-cert-select.conf.in @@ -244,3 +244,49 @@ my @tests_tls_1_3 = ( ); push @tests, @tests_tls_1_3 unless disabled("tls1_3"); + +my @tests_dsa_tls_1_2 = ( + { + name => "TLS 1.2 DSA Certificate Test", + server => { + "DSA.Certificate" => test_pem("server-dsa-cert.pem"), + "DSA.PrivateKey" => test_pem("server-dsa-key.pem"), + "DHParameters" => test_pem("dhp2048.pem"), + "MinProtocol" => "TLSv1.2", + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ALL", + }, + client => { + "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1", + "CipherString" => "ALL", + }, + test => { + "ExpectedResult" => "Success" + }, + }, +); + +my @tests_dsa_tls_1_3 = ( + { + name => "TLS 1.3 DSA Certificate Test", + server => { + "DSA.Certificate" => test_pem("server-dsa-cert.pem"), + "DSA.PrivateKey" => test_pem("server-dsa-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "CipherString" => "ALL", + }, + client => { + "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256", + "CipherString" => "ALL", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, +); + +if (!disabled("dsa")) { + push @tests, @tests_dsa_tls_1_2 unless disabled("dh"); + push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3"); +} |