Test use of a brainpool ECDSA certificate (24ae0038) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

test/ssl-tests/20-cert-select.conf

+456 −397

File changed.

Preview size limit exceeded, changes collapsed.

+39 −0

Original line number	Diff line number	Diff line
		@@ -138,6 +138,28 @@ our @tests = (
		"ExpectedResult" => "Success"
		},
		},
		{
		name => "ECDSA with brainpool",
		server => {
		"Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
		"PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
		"Groups" => "brainpoolP256r1",
		},
		client => {
		#We don't restrict this to TLSv1.2, although use of brainpool
		#should force this anyway so that this should succeed
		"CipherString" => "aECDSA",
		"RequestCAFile" => test_pem("root-cert.pem"),
		"Groups" => "brainpoolP256r1",
		},
		test => {
		"ExpectedServerCertType" =>, "brainpoolP256r1",
		"ExpectedServerSignType" =>, "EC",
		# Note: certificate_authorities not sent for TLS < 1.3
		"ExpectedServerCANames" =>, "empty",
		"ExpectedResult" => "Success"
		},
		},
		{
		name => "RSA CipherString Selection",
		server => $server,
		@@ -762,6 +784,23 @@ my @tests_tls_1_3 = (
		"ExpectedResult" => "Success"
		},
		},
		{
		name => "TLS 1.3 ECDSA with brainpool",
		server => {
		"Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"),
		"PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"),
		"Groups" => "brainpoolP256r1",
		},
		client => {
		"RequestCAFile" => test_pem("root-cert.pem"),
		"Groups" => "brainpoolP256r1",
		"MinProtocol" => "TLSv1.3",
		"MaxProtocol" => "TLSv1.3"
		},
		test => {
		"ExpectedResult" => "ServerFail"
		},
		},
		);

		push @tests, @tests_tls_1_3 unless disabled("tls1_3");