diff options
author | Matt Caswell <matt@openssl.org> | 2023-06-23 16:01:41 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-06-27 10:50:08 +0100 |
commit | 2c59d54cd7cb741c4547311ca1b8479e08dce0b7 (patch) | |
tree | 8e60d96adc875eebb4b182d8ab9aa94531328b67 /test | |
parent | e609a4565f9ededc5c982175c297bb08058f767c (diff) |
Add some test_ssl_new tests for the ffdhe groups
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21274)
Diffstat (limited to 'test')
-rw-r--r-- | test/ssl-tests/14-curves.cnf | 1974 | ||||
-rw-r--r-- | test/ssl-tests/14-curves.cnf.in | 90 |
2 files changed, 1305 insertions, 759 deletions
diff --git a/test/ssl-tests/14-curves.cnf b/test/ssl-tests/14-curves.cnf index 8aba20b7af..e075a37943 100644 --- a/test/ssl-tests/14-curves.cnf +++ b/test/ssl-tests/14-curves.cnf @@ -1,93 +1,111 @@ # Generated with generate_ssl_tests.pl -num_tests = 86 +num_tests = 104 test-0 = 0-curve-prime256v1 test-1 = 1-curve-secp384r1 test-2 = 2-curve-secp521r1 test-3 = 3-curve-X25519 test-4 = 4-curve-X448 -test-5 = 5-curve-brainpoolP256r1tls13 -test-6 = 6-curve-brainpoolP384r1tls13 -test-7 = 7-curve-brainpoolP512r1tls13 -test-8 = 8-curve-sect233k1 -test-9 = 9-curve-sect233r1 -test-10 = 10-curve-sect283k1 -test-11 = 11-curve-sect283r1 -test-12 = 12-curve-sect409k1 -test-13 = 13-curve-sect409r1 -test-14 = 14-curve-sect571k1 -test-15 = 15-curve-sect571r1 -test-16 = 16-curve-secp224r1 -test-17 = 17-curve-sect163k1 -test-18 = 18-curve-sect163r2 -test-19 = 19-curve-prime192v1 -test-20 = 20-curve-sect163r1 -test-21 = 21-curve-sect193r1 -test-22 = 22-curve-sect193r2 -test-23 = 23-curve-sect239k1 -test-24 = 24-curve-secp160k1 -test-25 = 25-curve-secp160r1 -test-26 = 26-curve-secp160r2 -test-27 = 27-curve-secp192k1 -test-28 = 28-curve-secp224k1 -test-29 = 29-curve-secp256k1 -test-30 = 30-curve-brainpoolP256r1 -test-31 = 31-curve-brainpoolP384r1 -test-32 = 32-curve-brainpoolP512r1 -test-33 = 33-curve-sect233k1-tls12-in-tls13 -test-34 = 34-curve-sect233r1-tls12-in-tls13 -test-35 = 35-curve-sect283k1-tls12-in-tls13 -test-36 = 36-curve-sect283r1-tls12-in-tls13 -test-37 = 37-curve-sect409k1-tls12-in-tls13 -test-38 = 38-curve-sect409r1-tls12-in-tls13 -test-39 = 39-curve-sect571k1-tls12-in-tls13 -test-40 = 40-curve-sect571r1-tls12-in-tls13 -test-41 = 41-curve-secp224r1-tls12-in-tls13 -test-42 = 42-curve-sect163k1-tls12-in-tls13 -test-43 = 43-curve-sect163r2-tls12-in-tls13 -test-44 = 44-curve-prime192v1-tls12-in-tls13 -test-45 = 45-curve-sect163r1-tls12-in-tls13 -test-46 = 46-curve-sect193r1-tls12-in-tls13 -test-47 = 47-curve-sect193r2-tls12-in-tls13 -test-48 = 48-curve-sect239k1-tls12-in-tls13 -test-49 = 49-curve-secp160k1-tls12-in-tls13 -test-50 = 50-curve-secp160r1-tls12-in-tls13 -test-51 = 51-curve-secp160r2-tls12-in-tls13 -test-52 = 52-curve-secp192k1-tls12-in-tls13 -test-53 = 53-curve-secp224k1-tls12-in-tls13 -test-54 = 54-curve-secp256k1-tls12-in-tls13 -test-55 = 55-curve-brainpoolP256r1-tls12-in-tls13 -test-56 = 56-curve-brainpoolP384r1-tls12-in-tls13 -test-57 = 57-curve-brainpoolP512r1-tls12-in-tls13 -test-58 = 58-curve-sect233k1-tls13 -test-59 = 59-curve-sect233r1-tls13 -test-60 = 60-curve-sect283k1-tls13 -test-61 = 61-curve-sect283r1-tls13 -test-62 = 62-curve-sect409k1-tls13 -test-63 = 63-curve-sect409r1-tls13 -test-64 = 64-curve-sect571k1-tls13 -test-65 = 65-curve-sect571r1-tls13 -test-66 = 66-curve-secp224r1-tls13 -test-67 = 67-curve-sect163k1-tls13 -test-68 = 68-curve-sect163r2-tls13 -test-69 = 69-curve-prime192v1-tls13 -test-70 = 70-curve-sect163r1-tls13 -test-71 = 71-curve-sect193r1-tls13 -test-72 = 72-curve-sect193r2-tls13 -test-73 = 73-curve-sect239k1-tls13 -test-74 = 74-curve-secp160k1-tls13 -test-75 = 75-curve-secp160r1-tls13 -test-76 = 76-curve-secp160r2-tls13 -test-77 = 77-curve-secp192k1-tls13 -test-78 = 78-curve-secp224k1-tls13 -test-79 = 79-curve-secp256k1-tls13 -test-80 = 80-curve-brainpoolP256r1-tls13 -test-81 = 81-curve-brainpoolP384r1-tls13 -test-82 = 82-curve-brainpoolP512r1-tls13 -test-83 = 83-curve-brainpoolP256r1tls13-tls13-in-tls12 -test-84 = 84-curve-brainpoolP384r1tls13-tls13-in-tls12 -test-85 = 85-curve-brainpoolP512r1tls13-tls13-in-tls12 +test-5 = 5-curve-ffdhe2048 +test-6 = 6-curve-ffdhe3072 +test-7 = 7-curve-ffdhe4096 +test-8 = 8-curve-ffdhe6144 +test-9 = 9-curve-ffdhe8192 +test-10 = 10-curve-brainpoolP256r1tls13 +test-11 = 11-curve-brainpoolP384r1tls13 +test-12 = 12-curve-brainpoolP512r1tls13 +test-13 = 13-curve-sect233k1 +test-14 = 14-curve-sect233r1 +test-15 = 15-curve-sect283k1 +test-16 = 16-curve-sect283r1 +test-17 = 17-curve-sect409k1 +test-18 = 18-curve-sect409r1 +test-19 = 19-curve-sect571k1 +test-20 = 20-curve-sect571r1 +test-21 = 21-curve-secp224r1 +test-22 = 22-curve-sect163k1 +test-23 = 23-curve-sect163r2 +test-24 = 24-curve-prime192v1 +test-25 = 25-curve-sect163r1 +test-26 = 26-curve-sect193r1 +test-27 = 27-curve-sect193r2 +test-28 = 28-curve-sect239k1 +test-29 = 29-curve-secp160k1 +test-30 = 30-curve-secp160r1 +test-31 = 31-curve-secp160r2 +test-32 = 32-curve-secp192k1 +test-33 = 33-curve-secp224k1 +test-34 = 34-curve-secp256k1 +test-35 = 35-curve-brainpoolP256r1 +test-36 = 36-curve-brainpoolP384r1 +test-37 = 37-curve-brainpoolP512r1 +test-38 = 38-curve-sect233k1-tls12-in-tls13 +test-39 = 39-curve-sect233r1-tls12-in-tls13 +test-40 = 40-curve-sect283k1-tls12-in-tls13 +test-41 = 41-curve-sect283r1-tls12-in-tls13 +test-42 = 42-curve-sect409k1-tls12-in-tls13 +test-43 = 43-curve-sect409r1-tls12-in-tls13 +test-44 = 44-curve-sect571k1-tls12-in-tls13 +test-45 = 45-curve-sect571r1-tls12-in-tls13 +test-46 = 46-curve-secp224r1-tls12-in-tls13 +test-47 = 47-curve-sect163k1-tls12-in-tls13 +test-48 = 48-curve-sect163r2-tls12-in-tls13 +test-49 = 49-curve-prime192v1-tls12-in-tls13 +test-50 = 50-curve-sect163r1-tls12-in-tls13 +test-51 = 51-curve-sect193r1-tls12-in-tls13 +test-52 = 52-curve-sect193r2-tls12-in-tls13 +test-53 = 53-curve-sect239k1-tls12-in-tls13 +test-54 = 54-curve-secp160k1-tls12-in-tls13 +test-55 = 55-curve-secp160r1-tls12-in-tls13 +test-56 = 56-curve-secp160r2-tls12-in-tls13 +test-57 = 57-curve-secp192k1-tls12-in-tls13 +test-58 = 58-curve-secp224k1-tls12-in-tls13 +test-59 = 59-curve-secp256k1-tls12-in-tls13 +test-60 = 60-curve-brainpoolP256r1-tls12-in-tls13 +test-61 = 61-curve-brainpoolP384r1-tls12-in-tls13 +test-62 = 62-curve-brainpoolP512r1-tls12-in-tls13 +test-63 = 63-curve-sect233k1-tls13 +test-64 = 64-curve-sect233r1-tls13 +test-65 = 65-curve-sect283k1-tls13 +test-66 = 66-curve-sect283r1-tls13 +test-67 = 67-curve-sect409k1-tls13 +test-68 = 68-curve-sect409r1-tls13 +test-69 = 69-curve-sect571k1-tls13 +test-70 = 70-curve-sect571r1-tls13 +test-71 = 71-curve-secp224r1-tls13 +test-72 = 72-curve-sect163k1-tls13 +test-73 = 73-curve-sect163r2-tls13 +test-74 = 74-curve-prime192v1-tls13 +test-75 = 75-curve-sect163r1-tls13 +test-76 = 76-curve-sect193r1-tls13 +test-77 = 77-curve-sect193r2-tls13 +test-78 = 78-curve-sect239k1-tls13 +test-79 = 79-curve-secp160k1-tls13 +test-80 = 80-curve-secp160r1-tls13 +test-81 = 81-curve-secp160r2-tls13 +test-82 = 82-curve-secp192k1-tls13 +test-83 = 83-curve-secp224k1-tls13 +test-84 = 84-curve-secp256k1-tls13 +test-85 = 85-curve-brainpoolP256r1-tls13 +test-86 = 86-curve-brainpoolP384r1-tls13 +test-87 = 87-curve-brainpoolP512r1-tls13 +test-88 = 88-curve-ffdhe2048-tls13-in-tls12 +test-89 = 89-curve-ffdhe2048-tls13-in-tls12-2 +test-90 = 90-curve-ffdhe3072-tls13-in-tls12 +test-91 = 91-curve-ffdhe3072-tls13-in-tls12-2 +test-92 = 92-curve-ffdhe4096-tls13-in-tls12 +test-93 = 93-curve-ffdhe4096-tls13-in-tls12-2 +test-94 = 94-curve-ffdhe6144-tls13-in-tls12 +test-95 = 95-curve-ffdhe6144-tls13-in-tls12-2 +test-96 = 96-curve-ffdhe8192-tls13-in-tls12 +test-97 = 97-curve-ffdhe8192-tls13-in-tls12-2 +test-98 = 98-curve-brainpoolP256r1tls13-tls13-in-tls12 +test-99 = 99-curve-brainpoolP256r1tls13-tls13-in-tls12-2 +test-100 = 100-curve-brainpoolP384r1tls13-tls13-in-tls12 +test-101 = 101-curve-brainpoolP384r1tls13-tls13-in-tls12-2 +test-102 = 102-curve-brainpoolP512r1tls13-tls13-in-tls12 +test-103 = 103-curve-brainpoolP512r1tls13-tls13-in-tls12-2 # =========================================================== [0-curve-prime256v1] @@ -235,28 +253,173 @@ ExpectedTmpKeyType = X448 # =========================================================== -[5-curve-brainpoolP256r1tls13] -ssl_conf = 5-curve-brainpoolP256r1tls13-ssl +[5-curve-ffdhe2048] +ssl_conf = 5-curve-ffdhe2048-ssl -[5-curve-brainpoolP256r1tls13-ssl] -server = 5-curve-brainpoolP256r1tls13-server -client = 5-curve-brainpoolP256r1tls13-client +[5-curve-ffdhe2048-ssl] +server = 5-curve-ffdhe2048-server +client = 5-curve-ffdhe2048-client -[5-curve-brainpoolP256r1tls13-server] +[5-curve-ffdhe2048-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT@SECLEVEL=1 +Curves = ffdhe2048 +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[5-curve-ffdhe2048-client] +CipherString = ECDHE@SECLEVEL=1 +Curves = ffdhe2048 +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success +ExpectedTmpKeyType = dhKeyAgreement + + +# =========================================================== + +[6-curve-ffdhe3072] +ssl_conf = 6-curve-ffdhe3072-ssl + +[6-curve-ffdhe3072-ssl] +server = 6-curve-ffdhe3072-server +client = 6-curve-ffdhe3072-client + +[6-curve-ffdhe3072-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT@SECLEVEL=1 +Curves = ffdhe3072 +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-curve-ffdhe3072-client] +CipherString = ECDHE@SECLEVEL=1 +Curves = ffdhe3072 +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success +ExpectedTmpKeyType = dhKeyAgreement + + +# =========================================================== + +[7-curve-ffdhe4096] +ssl_conf = 7-curve-ffdhe4096-ssl + +[7-curve-ffdhe4096-ssl] +server = 7-curve-ffdhe4096-server +client = 7-curve-ffdhe4096-client + +[7-curve-ffdhe4096-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT@SECLEVEL=1 +Curves = ffdhe4096 +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-curve-ffdhe4096-client] +CipherString = ECDHE@SECLEVEL=1 +Curves = ffdhe4096 +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success +ExpectedTmpKeyType = dhKeyAgreement + + +# =========================================================== + +[8-curve-ffdhe6144] +ssl_conf = 8-curve-ffdhe6144-ssl + +[8-curve-ffdhe6144-ssl] +server = 8-curve-ffdhe6144-server +client = 8-curve-ffdhe6144-client + +[8-curve-ffdhe6144-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT@SECLEVEL=1 +Curves = ffdhe6144 +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-curve-ffdhe6144-client] +CipherString = ECDHE@SECLEVEL=1 +Curves = ffdhe6144 +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success +ExpectedTmpKeyType = dhKeyAgreement + + +# =========================================================== + +[9-curve-ffdhe8192] +ssl_conf = 9-curve-ffdhe8192-ssl + +[9-curve-ffdhe8192-ssl] +server = 9-curve-ffdhe8192-server +client = 9-curve-ffdhe8192-client + +[9-curve-ffdhe8192-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT@SECLEVEL=1 +Curves = ffdhe8192 +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[9-curve-ffdhe8192-client] +CipherString = ECDHE@SECLEVEL=1 +Curves = ffdhe8192 +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-9] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success +ExpectedTmpKeyType = dhKeyAgreement + + +# =========================================================== + +[10-curve-brainpoolP256r1tls13] +ssl_conf = 10-curve-brainpoolP256r1tls13-ssl + +[10-curve-brainpoolP256r1tls13-ssl] +server = 10-curve-brainpoolP256r1tls13-server +client = 10-curve-brainpoolP256r1tls13-client + +[10-curve-brainpoolP256r1tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = brainpoolP256r1tls13 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[5-curve-brainpoolP256r1tls13-client] +[10-curve-brainpoolP256r1tls13-client] CipherString = ECDHE@SECLEVEL=1 Curves = brainpoolP256r1tls13 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-5] +[test-10] ExpectedProtocol = TLSv1.3 ExpectedResult = Success ExpectedTmpKeyType = brainpoolP256r1tls13 @@ -264,28 +427,28 @@ ExpectedTmpKeyType = brainpoolP256r1tls13 # =========================================================== -[6-curve-brainpoolP384r1tls13] -ssl_conf = 6-curve-brainpoolP384r1tls13-ssl +[11-curve-brainpoolP384r1tls13] +ssl_conf = 11-curve-brainpoolP384r1tls13-ssl -[6-curve-brainpoolP384r1tls13-ssl] -server = 6-curve-brainpoolP384r1tls13-server -client = 6-curve-brainpoolP384r1tls13-client +[11-curve-brainpoolP384r1tls13-ssl] +server = 11-curve-brainpoolP384r1tls13-server +client = 11-curve-brainpoolP384r1tls13-client -[6-curve-brainpoolP384r1tls13-server] +[11-curve-brainpoolP384r1tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = brainpoolP384r1tls13 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[6-curve-brainpoolP384r1tls13-client] +[11-curve-brainpoolP384r1tls13-client] CipherString = ECDHE@SECLEVEL=1 Curves = brainpoolP384r1tls13 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-6] +[test-11] ExpectedProtocol = TLSv1.3 ExpectedResult = Success ExpectedTmpKeyType = brainpoolP384r1tls13 @@ -293,28 +456,28 @@ ExpectedTmpKeyType = brainpoolP384r1tls13 # =========================================================== -[7-curve-brainpoolP512r1tls13] -ssl_conf = 7-curve-brainpoolP512r1tls13-ssl +[12-curve-brainpoolP512r1tls13] +ssl_conf = 12-curve-brainpoolP512r1tls13-ssl -[7-curve-brainpoolP512r1tls13-ssl] -server = 7-curve-brainpoolP512r1tls13-server -client = 7-curve-brainpoolP512r1tls13-client +[12-curve-brainpoolP512r1tls13-ssl] +server = 12-curve-brainpoolP512r1tls13-server +client = 12-curve-brainpoolP512r1tls13-client -[7-curve-brainpoolP512r1tls13-server] +[12-curve-brainpoolP512r1tls13-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = brainpoolP512r1tls13 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[7-curve-brainpoolP512r1tls13-client] +[12-curve-brainpoolP512r1tls13-client] CipherString = ECDHE@SECLEVEL=1 Curves = brainpoolP512r1tls13 MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-7] +[test-12] ExpectedProtocol = TLSv1.3 ExpectedResult = Success ExpectedTmpKeyType = brainpoolP512r1tls13 @@ -322,28 +485,28 @@ ExpectedTmpKeyType = brainpoolP512r1tls13 # =========================================================== -[8-curve-sect233k1] -ssl_conf = 8-curve-sect233k1-ssl +[13-curve-sect233k1] +ssl_conf = 13-curve-sect233k1-ssl -[8-curve-sect233k1-ssl] -server = 8-curve-sect233k1-server -client = 8-curve-sect233k1-client +[13-curve-sect233k1-ssl] +server = 13-curve-sect233k1-server +client = 13-curve-sect233k1-client -[8-curve-sect233k1-server] +[13-curve-sect233k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect233k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[8-curve-sect233k1-client] +[13-curve-sect233k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect233k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-8] +[test-13] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect233k1 @@ -351,28 +514,28 @@ ExpectedTmpKeyType = sect233k1 # =========================================================== -[9-curve-sect233r1] -ssl_conf = 9-curve-sect233r1-ssl +[14-curve-sect233r1] +ssl_conf = 14-curve-sect233r1-ssl -[9-curve-sect233r1-ssl] -server = 9-curve-sect233r1-server -client = 9-curve-sect233r1-client +[14-curve-sect233r1-ssl] +server = 14-curve-sect233r1-server +client = 14-curve-sect233r1-client -[9-curve-sect233r1-server] +[14-curve-sect233r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect233r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[9-curve-sect233r1-client] +[14-curve-sect233r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect233r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-9] +[test-14] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect233r1 @@ -380,28 +543,28 @@ ExpectedTmpKeyType = sect233r1 # =========================================================== -[10-curve-sect283k1] -ssl_conf = 10-curve-sect283k1-ssl +[15-curve-sect283k1] +ssl_conf = 15-curve-sect283k1-ssl -[10-curve-sect283k1-ssl] -server = 10-curve-sect283k1-server -client = 10-curve-sect283k1-client +[15-curve-sect283k1-ssl] +server = 15-curve-sect283k1-server +client = 15-curve-sect283k1-client -[10-curve-sect283k1-server] +[15-curve-sect283k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect283k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[10-curve-sect283k1-client] +[15-curve-sect283k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect283k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-10] +[test-15] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect283k1 @@ -409,28 +572,28 @@ ExpectedTmpKeyType = sect283k1 # =========================================================== -[11-curve-sect283r1] -ssl_conf = 11-curve-sect283r1-ssl +[16-curve-sect283r1] +ssl_conf = 16-curve-sect283r1-ssl -[11-curve-sect283r1-ssl] -server = 11-curve-sect283r1-server -client = 11-curve-sect283r1-client +[16-curve-sect283r1-ssl] +server = 16-curve-sect283r1-server +client = 16-curve-sect283r1-client -[11-curve-sect283r1-server] +[16-curve-sect283r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect283r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[11-curve-sect283r1-client] +[16-curve-sect283r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect283r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-11] +[test-16] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect283r1 @@ -438,28 +601,28 @@ ExpectedTmpKeyType = sect283r1 # =========================================================== -[12-curve-sect409k1] -ssl_conf = 12-curve-sect409k1-ssl +[17-curve-sect409k1] +ssl_conf = 17-curve-sect409k1-ssl -[12-curve-sect409k1-ssl] -server = 12-curve-sect409k1-server -client = 12-curve-sect409k1-client +[17-curve-sect409k1-ssl] +server = 17-curve-sect409k1-server +client = 17-curve-sect409k1-client -[12-curve-sect409k1-server] +[17-curve-sect409k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect409k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[12-curve-sect409k1-client] +[17-curve-sect409k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect409k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-12] +[test-17] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect409k1 @@ -467,28 +630,28 @@ ExpectedTmpKeyType = sect409k1 # =========================================================== -[13-curve-sect409r1] -ssl_conf = 13-curve-sect409r1-ssl +[18-curve-sect409r1] +ssl_conf = 18-curve-sect409r1-ssl -[13-curve-sect409r1-ssl] -server = 13-curve-sect409r1-server -client = 13-curve-sect409r1-client +[18-curve-sect409r1-ssl] +server = 18-curve-sect409r1-server +client = 18-curve-sect409r1-client -[13-curve-sect409r1-server] +[18-curve-sect409r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect409r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[13-curve-sect409r1-client] +[18-curve-sect409r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect409r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-13] +[test-18] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect409r1 @@ -496,28 +659,28 @@ ExpectedTmpKeyType = sect409r1 # =========================================================== -[14-curve-sect571k1] -ssl_conf = 14-curve-sect571k1-ssl +[19-curve-sect571k1] +ssl_conf = 19-curve-sect571k1-ssl -[14-curve-sect571k1-ssl] -server = 14-curve-sect571k1-server -client = 14-curve-sect571k1-client +[19-curve-sect571k1-ssl] +server = 19-curve-sect571k1-server +client = 19-curve-sect571k1-client -[14-curve-sect571k1-server] +[19-curve-sect571k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect571k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[14-curve-sect571k1-client] +[19-curve-sect571k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect571k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-14] +[test-19] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect571k1 @@ -525,28 +688,28 @@ ExpectedTmpKeyType = sect571k1 # =========================================================== -[15-curve-sect571r1] -ssl_conf = 15-curve-sect571r1-ssl +[20-curve-sect571r1] +ssl_conf = 20-curve-sect571r1-ssl -[15-curve-sect571r1-ssl] -server = 15-curve-sect571r1-server -client = 15-curve-sect571r1-client +[20-curve-sect571r1-ssl] +server = 20-curve-sect571r1-server +client = 20-curve-sect571r1-client -[15-curve-sect571r1-server] +[20-curve-sect571r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect571r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[15-curve-sect571r1-client] +[20-curve-sect571r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect571r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-15] +[test-20] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect571r1 @@ -554,28 +717,28 @@ ExpectedTmpKeyType = sect571r1 # =========================================================== -[16-curve-secp224r1] -ssl_conf = 16-curve-secp224r1-ssl +[21-curve-secp224r1] +ssl_conf = 21-curve-secp224r1-ssl -[16-curve-secp224r1-ssl] -server = 16-curve-secp224r1-server -client = 16-curve-secp224r1-client +[21-curve-secp224r1-ssl] +server = 21-curve-secp224r1-server +client = 21-curve-secp224r1-client -[16-curve-secp224r1-server] +[21-curve-secp224r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = secp224r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[16-curve-secp224r1-client] +[21-curve-secp224r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = secp224r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-16] +[test-21] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = secp224r1 @@ -583,28 +746,28 @@ ExpectedTmpKeyType = secp224r1 # =========================================================== -[17-curve-sect163k1] -ssl_conf = 17-curve-sect163k1-ssl +[22-curve-sect163k1] +ssl_conf = 22-curve-sect163k1-ssl -[17-curve-sect163k1-ssl] -server = 17-curve-sect163k1-server -client = 17-curve-sect163k1-client +[22-curve-sect163k1-ssl] +server = 22-curve-sect163k1-server +client = 22-curve-sect163k1-client -[17-curve-sect163k1-server] +[22-curve-sect163k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect163k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[17-curve-sect163k1-client] +[22-curve-sect163k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect163k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-17] +[test-22] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect163k1 @@ -612,28 +775,28 @@ ExpectedTmpKeyType = sect163k1 # =========================================================== -[18-curve-sect163r2] -ssl_conf = 18-curve-sect163r2-ssl +[23-curve-sect163r2] +ssl_conf = 23-curve-sect163r2-ssl -[18-curve-sect163r2-ssl] -server = 18-curve-sect163r2-server -client = 18-curve-sect163r2-client +[23-curve-sect163r2-ssl] +server = 23-curve-sect163r2-server +client = 23-curve-sect163r2-client -[18-curve-sect163r2-server] +[23-curve-sect163r2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect163r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[18-curve-sect163r2-client] +[23-curve-sect163r2-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect163r2 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-18] +[test-23] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect163r2 @@ -641,28 +804,28 @@ ExpectedTmpKeyType = sect163r2 # =========================================================== -[19-curve-prime192v1] -ssl_conf = 19-curve-prime192v1-ssl +[24-curve-prime192v1] +ssl_conf = 24-curve-prime192v1-ssl -[19-curve-prime192v1-ssl] -server = 19-curve-prime192v1-server -client = 19-curve-prime192v1-client +[24-curve-prime192v1-ssl] +server = 24-curve-prime192v1-server +client = 24-curve-prime192v1-client -[19-curve-prime192v1-server] +[24-curve-prime192v1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = prime192v1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[19-curve-prime192v1-client] +[24-curve-prime192v1-client] CipherString = ECDHE@SECLEVEL=1 Curves = prime192v1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-19] +[test-24] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = prime192v1 @@ -670,28 +833,28 @@ ExpectedTmpKeyType = prime192v1 # =========================================================== -[20-curve-sect163r1] -ssl_conf = 20-curve-sect163r1-ssl +[25-curve-sect163r1] +ssl_conf = 25-curve-sect163r1-ssl -[20-curve-sect163r1-ssl] -server = 20-curve-sect163r1-server -client = 20-curve-sect163r1-client +[25-curve-sect163r1-ssl] +server = 25-curve-sect163r1-server +client = 25-curve-sect163r1-client -[20-curve-sect163r1-server] +[25-curve-sect163r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect163r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[20-curve-sect163r1-client] +[25-curve-sect163r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect163r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-20] +[test-25] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect163r1 @@ -699,28 +862,28 @@ ExpectedTmpKeyType = sect163r1 # =========================================================== -[21-curve-sect193r1] -ssl_conf = 21-curve-sect193r1-ssl +[26-curve-sect193r1] +ssl_conf = 26-curve-sect193r1-ssl -[21-curve-sect193r1-ssl] -server = 21-curve-sect193r1-server -client = 21-curve-sect193r1-client +[26-curve-sect193r1-ssl] +server = 26-curve-sect193r1-server +client = 26-curve-sect193r1-client -[21-curve-sect193r1-server] +[26-curve-sect193r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect193r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[21-curve-sect193r1-client] +[26-curve-sect193r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect193r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-21] +[test-26] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect193r1 @@ -728,28 +891,28 @@ ExpectedTmpKeyType = sect193r1 # =========================================================== -[22-curve-sect193r2] -ssl_conf = 22-curve-sect193r2-ssl +[27-curve-sect193r2] +ssl_conf = 27-curve-sect193r2-ssl -[22-curve-sect193r2-ssl] -server = 22-curve-sect193r2-server -client = 22-curve-sect193r2-client +[27-curve-sect193r2-ssl] +server = 27-curve-sect193r2-server +client = 27-curve-sect193r2-client -[22-curve-sect193r2-server] +[27-curve-sect193r2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect193r2 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[22-curve-sect193r2-client] +[27-curve-sect193r2-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect193r2 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-22] +[test-27] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect193r2 @@ -757,28 +920,28 @@ ExpectedTmpKeyType = sect193r2 # =========================================================== -[23-curve-sect239k1] -ssl_conf = 23-curve-sect239k1-ssl +[28-curve-sect239k1] +ssl_conf = 28-curve-sect239k1-ssl -[23-curve-sect239k1-ssl] -server = 23-curve-sect239k1-server -client = 23-curve-sect239k1-client +[28-curve-sect239k1-ssl] +server = 28-curve-sect239k1-server +client = 28-curve-sect239k1-client -[23-curve-sect239k1-server] +[28-curve-sect239k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = sect239k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[23-curve-sect239k1-client] +[28-curve-sect239k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = sect239k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-23] +[test-28] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = sect239k1 @@ -786,28 +949,28 @@ ExpectedTmpKeyType = sect239k1 # =========================================================== -[24-curve-secp160k1] -ssl_conf = 24-curve-secp160k1-ssl +[29-curve-secp160k1] +ssl_conf = 29-curve-secp160k1-ssl -[24-curve-secp160k1-ssl] -server = 24-curve-secp160k1-server -client = 24-curve-secp160k1-client +[29-curve-secp160k1-ssl] +server = 29-curve-secp160k1-server +client = 29-curve-secp160k1-client -[24-curve-secp160k1-server] +[29-curve-secp160k1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = secp160k1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[24-curve-secp160k1-client] +[29-curve-secp160k1-client] CipherString = ECDHE@SECLEVEL=1 Curves = secp160k1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-24] +[test-29] ExpectedProtocol = TLSv1.2 ExpectedResult = Success ExpectedTmpKeyType = secp160k1 @@ -815,28 +978,28 @@ ExpectedTmpKeyType = secp160k1 # =========================================================== -[25-curve-secp160r1] -ssl_conf = 25-curve-secp160r1-ssl +[30-curve-secp160r1] +ssl_conf = 30-curve-secp160r1-ssl -[25-curve-secp160r1-ssl] -server = 25-curve-secp160r1-server -client = 25-curve-secp160r1-client +[30-curve-secp160r1-ssl] +server = 30-curve-secp160r1-server +client = 30-curve-secp160r1-client -[25-curve-secp160r1-server] +[30-curve-secp160r1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT@SECLEVEL=1 Curves = secp160r1 MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[25-curve-secp160r1-client] +[30-curve-secp160r1-client] CipherString = ECDHE@SECLEVEL=1 Curves = secp160r1 MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-25] +[test |