You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
112 lines
4.5 KiB
112 lines
4.5 KiB
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in |
|
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in.no-brainpool 2019-09-10 15:13:07.000000000 +0200 |
|
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.in 2019-09-13 15:11:07.358687169 +0200 |
|
@@ -147,22 +147,22 @@ our @tests = ( |
|
{ |
|
name => "ECDSA with brainpool", |
|
server => { |
|
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), |
|
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), |
|
- "Groups" => "brainpoolP256r1", |
|
+ "Certificate" => test_pem("server-ecdsa-cert.pem"), |
|
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), |
|
+# "Groups" => "brainpoolP256r1", |
|
}, |
|
client => { |
|
#We don't restrict this to TLSv1.2, although use of brainpool |
|
#should force this anyway so that this should succeed |
|
"CipherString" => "aECDSA", |
|
"RequestCAFile" => test_pem("root-cert.pem"), |
|
- "Groups" => "brainpoolP256r1", |
|
+# "Groups" => "brainpoolP256r1", |
|
}, |
|
test => { |
|
- "ExpectedServerCertType" =>, "brainpoolP256r1", |
|
- "ExpectedServerSignType" =>, "EC", |
|
+# "ExpectedServerCertType" =>, "brainpoolP256r1", |
|
+# "ExpectedServerSignType" =>, "EC", |
|
# Note: certificate_authorities not sent for TLS < 1.3 |
|
- "ExpectedServerCANames" =>, "empty", |
|
+# "ExpectedServerCANames" =>, "empty", |
|
"ExpectedResult" => "Success" |
|
}, |
|
}, |
|
@@ -853,18 +853,18 @@ my @tests_tls_1_3 = ( |
|
{ |
|
name => "TLS 1.3 ECDSA with brainpool", |
|
server => { |
|
- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), |
|
- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), |
|
- "Groups" => "brainpoolP256r1", |
|
+ "Certificate" => test_pem("server-ecdsa-cert.pem"), |
|
+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), |
|
+# "Groups" => "brainpoolP256r1", |
|
}, |
|
client => { |
|
"RequestCAFile" => test_pem("root-cert.pem"), |
|
- "Groups" => "brainpoolP256r1", |
|
+# "Groups" => "brainpoolP256r1", |
|
"MinProtocol" => "TLSv1.3", |
|
"MaxProtocol" => "TLSv1.3" |
|
}, |
|
test => { |
|
- "ExpectedResult" => "ServerFail" |
|
+ "ExpectedResult" => "Success" |
|
}, |
|
}, |
|
); |
|
diff -up openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool openssl-1.1.1d/test/ssl-tests/20-cert-select.conf |
|
--- openssl-1.1.1d/test/ssl-tests/20-cert-select.conf.no-brainpool 2019-09-10 15:13:07.000000000 +0200 |
|
+++ openssl-1.1.1d/test/ssl-tests/20-cert-select.conf 2019-09-13 15:12:27.380288469 +0200 |
|
@@ -238,23 +238,18 @@ server = 5-ECDSA with brainpool-server |
|
client = 5-ECDSA with brainpool-client |
|
|
|
[5-ECDSA with brainpool-server] |
|
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem |
|
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
|
CipherString = DEFAULT |
|
-Groups = brainpoolP256r1 |
|
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem |
|
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
|
|
|
[5-ECDSA with brainpool-client] |
|
CipherString = aECDSA |
|
-Groups = brainpoolP256r1 |
|
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
|
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
|
VerifyMode = Peer |
|
|
|
[test-5] |
|
ExpectedResult = Success |
|
-ExpectedServerCANames = empty |
|
-ExpectedServerCertType = brainpoolP256r1 |
|
-ExpectedServerSignType = EC |
|
|
|
|
|
# =========================================================== |
|
@@ -1713,14 +1708,12 @@ server = 52-TLS 1.3 ECDSA with brainpool |
|
client = 52-TLS 1.3 ECDSA with brainpool-client |
|
|
|
[52-TLS 1.3 ECDSA with brainpool-server] |
|
-Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem |
|
+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem |
|
CipherString = DEFAULT |
|
-Groups = brainpoolP256r1 |
|
-PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem |
|
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem |
|
|
|
[52-TLS 1.3 ECDSA with brainpool-client] |
|
CipherString = DEFAULT |
|
-Groups = brainpoolP256r1 |
|
MaxProtocol = TLSv1.3 |
|
MinProtocol = TLSv1.3 |
|
RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
|
@@ -1728,7 +1721,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro |
|
VerifyMode = Peer |
|
|
|
[test-52] |
|
-ExpectedResult = ServerFail |
|
+ExpectedResult = Success |
|
|
|
|
|
# ===========================================================
|
|
|